Cyber Defense Advisors

News

Home / News / Page 1297

LofyGang Group Linked to Recent Software Supply Chain Attacks

The group focuses on utilizing open-source software for malicious purposes

Cyber News

New cryptojacking campaign exploits OneDrive vulnerability

Cryptojacking is turning into a security nightmare for consumers and enterprises alike. Malicious actors have used a variety of techniques to install cryptojackers on victims’ computers and in a new development, cybersecurity software maker Bitdefender has detected a cryptojacking campaign that uses a Microsoft OneDrive vulnerability to gain persistence and run undetected on infected devices. […]

Cyber News

LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software

The group has been operating for over a year, promoting their tools in hacking forums, stealing credit card information, and using typosquatting techniques to target open source software flaws.

Cyber News

Businesses in Canada Warned Not to Overlook Cybersecurity As Recession Looms

CEOs put cybersecurity seventh behind near-term risks such as the economy and potential recession

Cyber News

Russian Sanctions Instigator Lloyd’s Possibly Hit by Cyber-Attack

The insurance market has detected “unusual activity” and turned off its systems

Cyber News

RCE on Log4j Among Top CVEs Exploited By Chinese-Backed Hackers

In a joint advisory, three US agencies, NSA, CISA and FBI, warned about Chinese threat actors

Cyber News

WhatsApp goes after Chinese password scammers via US court

If you can’t beat ’em, sue ’em!

Cyber News

LofyGang Distributed ~200 Malicious NPM Packages to Steal Credit Card Data

Multiple campaigns that distributed trojanized and typosquatted packages on the NPM open source repository have been identified as the work of a single threat actor dubbed LofyGang. Checkmarx said it discovered 199 rogue packages totaling thousands of installations, with the group operating for over a year with the goal of stealing credit card data as […]

Cyber News

Network Design: Serverless Applications

ACM.73 Thinking through serverless network architecture This is a continuation of my series of posts on Automating Cybersecurity Metrics. I covered network access for developers for our batch job development and deployment in the last post. Network Design: Developer Network In this post I am going to cover some considerations for serverless application networking. Earlier in […]

Cyber News