Cyber Defense Advisors

Cyber News

  • by
  • November 12, 2024

Microsoft Patch Tuesday, November 2024 Edition

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The zero-day flaw tracked as CVE-2024-49039 is […]

Cyber News
  • by
  • November 12, 2024

The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence?

In episode 24 of The AI Fix, Mark makes an unforgivable error about the Terminator franchise, our hosts wonder if a “seductive” government chatbot will make it easier to talk about tax, a radio station abandons its three month AI experiment after a week, and OpenAI parks its tanks on Google’s lawn. Graham gets cosmic […]

Cyber News
  • by
  • November 12, 2024

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video […]

Cyber News
  • by
  • November 12, 2024

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D’ Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors […]

Cyber News
  • by
  • November 12, 2024

North Korean Hackers Target macOS Using Flutter-Embedded Malware

Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform […]

Cyber News
  • by
  • November 12, 2024

Criminals Exploiting FBI Emergency Data Requests

I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too. Turns out the same thing is true for non-technical backdoors: The advisory said that the cybercriminals were successful in masquerading […]

Cyber News
  • by
  • November 12, 2024

5 Ways Behavioral Analytics is Revolutionizing Incident Response

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more accurate, efficient, […]

Cyber News
  • by
  • November 12, 2024

Winter Fuel Payment scam targets UK citizens via SMS

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills.  In July, the UK’s new Labour Government announced that it was limiting who was eligible for assistance with their winter fuel bills by making eligibility […]

Cyber News
  • by
  • November 12, 2024

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. “Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness,” Russian cybersecurity vendor Kaspersky said. “Threat actors leveraged an unconventional blend of […]

Cyber News