Cyber Defense Advisors

News

  • by
  • December 5, 2024

Smashing Security podcast #396: Dishy DDoS dramas, and mining our minds for data

A CEO is arrested for turning satellite receivers into DDoS attack weapons, and we journey into the world of bossware and “affective computing” and explore how AI is learning to read our emotions – is this the future of work, or a recipe for dystopia? All this and more is discussed in the latest edition […]

Cyber News
  • by
  • December 5, 2024

Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers

A suspected Chinese threat actor targeted a large U.S. organization earlier this year as part of a four-month-long intrusion. According to Broadcom-owned Symantec, the first evidence of the malicious activity was detected on April 11, 2024 and continued until August. However, the company doesn’t rule out the possibility that the intrusion may have occurred earlier. […]

Cyber News
  • by
  • December 5, 2024

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024. The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis. “An interesting aspect of this […]

Cyber News
  • by
  • December 5, 2024

NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America. The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to […]

Cyber News
  • by
  • December 5, 2024

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-51378 (CVSS score: 10.0) – An incorrect default permissions vulnerability […]

Cyber News
  • by
  • December 4, 2024

AI chatbot startup WotNot leaks 346,000 files, including passports and medical records

Graham CLULEY December 04, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial An Indian AI startup that helps businesses build custom chatbots has leaked almost 350,000 sensitive files after the data was left unsecured on the web. Ahmedabad-headquartered WotNot left a massive collection of sensitive user information – including scans […]

Cyber News

The Intensifying “Salt Typhoon” Hacks: Is Your Data Safe?

The Intensifying “Salt Typhoon” Hacks: Is Your Data Safe? A Massive Telecom Espionage Campaign Is Unfolding—Here’s What You Need to Know A sweeping cyberattack has infiltrated U.S. telecom networks, and the fallout could affect millions. What Happened? “Salt Typhoon” is the codename for a suspected espionage operation allegedly linked to China, according to U.S. officials. […]

Cyber Thoughts
  • by
  • December 4, 2024

Russia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian Entities

The Russia-linked advanced persistent threat (APT) group known as Turla has been linked to a previously undocumented campaign that involved infiltrating the command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to conduct its own operations since 2022. The activity, first observed in December 2022, is the latest instance of the nation-state adversary “embedding […]

Cyber News
  • by
  • December 4, 2024

Ransomware-hit vodka maker Stoli files for bankruptcy in the United States

Sales: 0845 470 4001 | Support: 0845 230 6001 | Contact Form | NPS Cyber Security Business Continuity Ransomware Disaster Recovery Data Protection 1977 Hits Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame. The American branch of Stoli, […]

Cyber News