Cyber Defense Advisors

News

  • by
  • June 18, 2024

VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi

VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows – CVE-2024-37079 & CVE-2024-37080 (CVSS scores: 9.8) – Multiple heap-overflow vulnerabilities in the implementation of the DCE/RPC protocol that could […]

Cyber News
  • by
  • June 18, 2024

Singapore Police Extradites Malaysians Linked to Android Malware Fraud

The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023. The unnamed individuals, aged 26 and 47, engaged in scams that tricked unsuspecting users into downloading malicious apps onto their Android devices via phishing […]

Cyber News

Top 10 Cyber Security Blunders: The Homer Simpson Guide to What Not to Do

Top 10 Cyber Security Blunders The Homer Simpson Guide to What Not to Do This week, we’re diving into Cyber Security Lessons from Springfield! Discover the top 10 blunders—from password fumbles to ignoring updates—through Homer Simpson’s hilarious missteps, and learn how a single “D’oh!” can jeopardize your business. 1. Password Fumbles: “Mmm… Passwords”Using “Springfield” as […]

Cyber Thoughts
  • by
  • June 17, 2024

ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models

ASUS has shipped software updates to address a critical security flaw impacting its routers that could be exploited by malicious actors to bypass authentication. Tracked as CVE-2024-3080, the vulnerability carries a CVSS score of 9.8 out of a maximum of 10.0. “Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated remote attackers to log […]

Cyber News
  • by
  • June 17, 2024

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes. Cybersecurity company Sygnia, which […]

Cyber News
  • by
  • June 17, 2024

What is DevSecOps and Why is it Essential for Secure Software Delivery?

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts […]

Cyber News
  • by
  • June 17, 2024

Using LLMs to Exploit Vulnerabilities

Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems. However, these agents still perform poorly on real-world vulnerabilities that are […]

Cyber News
  • by
  • June 17, 2024

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. “The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader to deploy a backdoor into the […]

Cyber News
  • by
  • June 17, 2024

NiceRAT Malware Targets South Korean Users via Cracked Software

Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office. “Due to the nature […]

Cyber News