Cyber Defense Advisors

Cyber News

  • by
  • June 7, 2024

Cyber Landscape is Evolving – So Should Your SCA

Traditional SCAs Are Broken: Did You Know You Are Missing Critical Pieces? Application Security professionals face enormous challenges securing their software supply chains, racing against time to beat the attacker to the mark. Software Composition Analysis (SCA) tools have become a basic instrument in the application security arsenal in the last 7 years. Although essential, […]

Cyber News
  • by
  • June 7, 2024

The AI Debate: Google’s Guidelines, Meta’s GDPR Dispute, Microsoft’s Recall Backlash

Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools. To that end, apps that generate content using AI must ensure […]

Cyber News
  • by
  • June 7, 2024

The Justice Department Took Down the 911 S5 Botnet

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million […]

Cyber News
  • by
  • June 7, 2024

FBI Distributes 7,000 LockBit Ransomware Decryption Keys to Help Victims

The U.S. Federal Bureau of Investigation (FBI) has disclosed that it’s in possession of more than 7,000 decryption keys associated with the LockBit ransomware operation to help victims get their data back at no cost. “We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our […]

Cyber News
  • by
  • June 7, 2024

SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting defense forces in the country with a malware called SPECTR as part of an espionage campaign dubbed SickSync. The agency attributed the attacks to a threat actor it tracks under the moniker UAC-0020, which is also called Vermin and is assessed […]

Cyber News
  • by
  • June 7, 2024

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances

The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial gain. “The attackers used the cmd.cat/chattr docker image container that retrieves the payload from their own command-and-control (C&C) infrastructure,” Trend Micro researchers Sunil Bharti and Shubham Singh […]

Cyber News
  • by
  • June 6, 2024

Espionage with a Drone

The US is using a World War II law that bans aircraft photography of military installations to charge someone with doing the same thing with a drone.  

Cyber News
  • by
  • June 6, 2024

Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn’t involve paying a ransom? Well, don’t fear. The FBI announced this week that it had obtained over 7,000 decryption keys for the LockBit ransomware and is urging victims to come […]

Cyber News
  • by
  • June 6, 2024

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining. Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary (“pty3”), and ensuring persistence by copying to multiple directories and editing system files. With over […]

Cyber News