Cyber Defense Advisors

News

  • by
  • May 28, 2024

Treasury Sanctions Creators of 911 S5 Proxy Botnet

The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation […]

Cyber News

The Post-Pandemic Cybersecurity Nightmare

The Post-Pandemic Cybersecurity Nightmare From Remote Work Risks to Cyberattack Surges—The New Normal for Cybersecurity In the aftermath of the global shift towards remote work, Chief Information Security Officers (CISOs) find themselves at the heart of a cyber storm, navigating through an era that’s reshaping the landscape of digital defense. For those leading the cybersecurity […]

Cyber Thoughts
  • by
  • May 28, 2024

Indian National Pleads Guilty to $37 Million Cryptocurrency Theft Scheme

An Indian national has pleaded guilty in the U.S. over charges of stealing more than $37 million by setting up a website that impersonated the Coinbase cryptocurrency exchange platform. Chirag Tomar, 30, pleaded guilty to wire fraud conspiracy, which carries a maximum sentence of 20 years in prison and a $250,000 fine. He was arrested […]

Cyber News
  • by
  • May 28, 2024

4-Step Approach to Mapping and Securing Your Organization’s Most Critical Assets

You’re probably familiar with the term “critical assets”. These are the technology assets within your company’s IT infrastructure that are essential to the functioning of your organization. If anything happens to these assets, such as application servers, databases, or privileged identities, the ramifications to your security posture can be severe. But is every technology asset […]

Cyber News
  • by
  • May 28, 2024

Lattice-Based Cryptosystems and Quantum Cryptanalysis

Quantum computers are probably coming, though we don’t know when—and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The National Institute for Standards and Technology (NIST) has been hosting a competition since 2017, and […]

Cyber News
  • by
  • May 28, 2024

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

The threat actors behind the CatDDoS malware botnet have exploited over 80 known security flaws in various software over the past three months to infiltrate vulnerable devices and co-opt them into a botnet for conducting distributed denial-of-service (DDoS) attacks. “CatDDoS-related gangs’ samples have used a large number of known vulnerabilities to deliver samples,” the QiAnXin […]

Cyber News
  • by
  • May 28, 2024

WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites

Unknown threat actors are abusing lesser-known code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data. The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It […]

Cyber News
  • by
  • May 28, 2024

TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks

A maximum-severity security flaw has been disclosed in the TP-Link Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests. The vulnerability, tracked as CVE-2024-5035, carries a CVSS score of 10.0. It impacts all versions of the router firmware including and prior to 1_1.1.6. It has […]

Cyber News

Five Ways to Combat Post-Pandemic Cybersecurity Threats

Five Ways to Combat Post-Pandemic Cybersecurity Threats As we continue to navigate the complexities of cybersecurity in a post-pandemic world, it’s essential for businesses to implement robust strategies to defend against evolving threats. Here are five effective ways to combat these cybersecurity challenges: 1. Enhance Employee Training and Awareness Phishing Simulation Programs: Regularly conduct phishing […]

Cyber Thoughts