Cyber Defense Advisors

News

  • by
  • November 10, 2022

Citrix Issues Patches for Critical Flaw Affecting ADC and Gateway Products

Citrix has released security updates to address a critical authentication bypass flaw in the application delivery controller (ADC) and Gateway that could be exploited to take control of affected systems. Successful exploitation of the issues could enable an adversary to gain authorized access, perform remote desktop takeover, and even circumvent defenses against login brute-force attempts under

Cyber News, Cyber Threat Trends

Some 98% of Global Firms Suffer Supply Chain Breach in 2021

Two-fifths still trust suppliers to handle their own security

Cyber News, Cyber Threat Trends

The pros and cons of the digital transformation in banking

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Digital transformation in banking began following the creation of the internet in the 1990s as a way for banks to deliver services to […]

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2022

Re-Focusing Cyber Insurance with Security Validation

The rise in the costs of data breaches, ransomware, and other cyber attacks leads to rising cyber insurance premiums and more limited cyber insurance coverage. This cyber insurance situation increases risks for organizations struggling to find coverage or facing steep increases. Some Akin Gump Strauss Hauer & Feld LLP’s law firm clients, for example, reported a three-fold […]

Cyber News, Cyber Threat Trends

Couple Get 40 Years for Navy Espionage Plot

Duo tried to sell secrets of nuclear propulsion

Cyber News, Cyber Threat Trends

Malware Redirects 15,000 Sites in Malicious SEO Campaign

Campaign designed to improve search engine rankings of spammy sites

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2022

High-Severity Flaw Reported in Critical System Used in Oil and Gas Companies

Cybersecurity researchers have disclosed details of a new vulnerability in a system used across oil and gas organizations that could be exploited by an attacker to inject and execute arbitrary code. The vulnerability, tracked as CVE-2022-0902 (CVSS score: 8.1), is a path-traversal vulnerability in ABB Totalflow flow computers and remote controllers. “Attackers can exploit this flaw to gain […]

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2022

New UEFI Firmware Flaws Reported in Several Lenovo Notebook Models

PC maker Lenovo has addressed yet another set of three shortcomings in the Unified Extensible Firmware Interface (UEFI) firmware affecting several Yoga, IdeaPad, and ThinkBook devices. “The vulnerabilities allow disabling UEFI Secure Boot or restoring factory default Secure Boot databases (incl. dbx): all simply from an OS,” Slovak cybersecurity firm ESET explained in a series of tweets. […]

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2022

Emergency code execution patch from Apple – but not an 0-day

Not a zero-day, but important enough for a quick-fire patch to one system library…

Cyber News, Cyber Threat Trends