Cyber Defense Advisors

News

  • by
  • July 12, 2024

The NSA Has a Long-Lost Lecture by Adm. Grace Hopper

The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” The agency is (so far) refusing to release it. Basically, the recording is in an obscure video format. People at the NSA can’t easily watch it, so they can’t redact it. So they […]

Cyber News
  • by
  • July 12, 2024

U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation

The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. “The social media bot farm used elements of AI to create fictitious social media profiles — […]

Cyber News
  • by
  • July 11, 2024

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account […]

Cyber News
  • by
  • July 11, 2024

Apple Is Alerting iPhone Users of Spyware Attacks

Not a lot of details: Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April. Tags: Apple, cybersecurity, iPhone, spyware […]

Cyber News
  • by
  • July 11, 2024

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign that began in August 2023, while also adding a new layer of stealth to evade detection. The fresh packages, about 60 in number and spanning 290 versions, demonstrate a refined approach from […]

Cyber News
  • by
  • July 11, 2024

Exposed! The AI-enhanced social media bot farm that pumped out Kremlin propaganda on Twitter

Graham CLULEY July 11, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial The US Justice Department, working in coordination with Canadian and Dutch authorities, has seized two domain names which it claims were being used by Russian-backed hackers to spread disinformation on social media. The FBI has issued a joint […]

Cyber News
  • by
  • July 11, 2024

Smashing Security podcast #380: Teachers TikTok targeted, and fraud in the doctors’ waiting room

Execs at a health tech startup are sentenced to jail after a massive ad fraud, and a school is shaken after teachers are targeted via TikTok. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Plus don’t miss our featured interview […]

Cyber News
  • by
  • July 11, 2024

Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk

The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an “advanced and upgraded version” of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been designated DodgeBox by Zscaler ThreatLabz, which […]

Cyber News
  • by
  • July 11, 2024

Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit perceived vulnerabilities in smaller firms for […]

Cyber News