Cyber Defense Advisors

News

  • by
  • July 1, 2024

Juniper Networks Releases Critical Security Update for Routers

Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. “An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router […]

Cyber News
  • by
  • June 29, 2024

Google to Block Entrust Certificates in Chrome Starting November 2024

Google has announced that it’s going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority’s inability to address security issues in a timely manner. “Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors […]

Cyber News
  • by
  • June 28, 2024

Friday Squid Blogging: New Squid Species

A new squid species—of the Gonatidae family—was discovered. The video shows her holding a brood of very large eggs. Research paper. Tags: academic papers, squid, video Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
  • by
  • June 28, 2024

Russian hackers read the emails you sent us, Microsoft warns more customers

Graham CLULEY June 28, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial More of Microsoft’s clients are being warned that emails they exchanged with the company were accessed by Russian hackers who broke into its systems and spied on staff inboxes. In January, Microsoft revealed that members of the “Midnight […]

Cyber News
  • by
  • June 28, 2024

Supply-chain ransomware attack cripples thousands of car dealerships

Sales: 0845 470 4001 | Support: 0845 230 6001 | Contact Form | NPS Company Cyber Security Business Continuity Ransomware Disaster Recovery Data Protection 299 Hits Car dealerships have been brought to a standstill across the United States after a software provider was hit by a ransomware attack. The attack, believed to be by the […]

Cyber News
  • by
  • June 28, 2024

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather […]

Cyber News
  • by
  • June 28, 2024

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3, and 16.11.5. The most severe of […]

Cyber News
  • by
  • June 28, 2024

8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining

Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. “The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid disk-based detection mechanisms,” Trend Micro […]

Cyber News
  • by
  • June 28, 2024

James Bamford on Section 702 Extension

Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA). Tags: FISA, national security policy, NSA, privacy, surveillance Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News