Cyber Defense Advisors

Cyber News

Home / News / Cyber News / Page 25

How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model

Cybersecurity isn’t just another checkbox on your business agenda. It’s a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365’s approach, offers a framework for comprehending and implementing effective cybersecurity measures. The Essence of […]

Cyber News

Six Governments Likely Use Israeli Paragon Spyware to Hack IM Apps and Harvest Data

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab. Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance tool called Graphite that’s capable of harvesting sensitive data […]

Cyber News

Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers

Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security […]

Cyber News

CISA Adds NAKIVO Vulnerability to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to read files […]

Cyber News

Supply-chain CAPTCHA attack hits over 100 car dealerships

A security researcher has discovered that the websites of over 100 car dealerships have been compromised in a supply-chain attack that attempted to infect the PCs of internet visitors. Read more in my article on the Hot for Security blog. 

Cyber News

CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual representatives of the Defense Forces of Ukraine. The activity […]

Cyber News

DOGE to Fired CISA Staff: Email Us Your Personal Data

A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration’s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to […]

Cyber News

Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners

Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company […]

Cyber News

Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia

The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities. The leak, containing over 200,000 messages from September 2023 to September 2024, was published by a Telegram user @ExploitWhispers last month. According to an analysis of the messages […]

Cyber News