Cyber Defense Advisors

News

  • by
  • May 17, 2024

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

A new report from XM Cyber has found – among other insights – a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on hundreds of thousands of attack […]

Cyber News
  • by
  • May 17, 2024

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

Cybersecurity researchers have shed more light on a remote access trojan (RAT) known as Deuterbear used by the China-linked BlackTech hacking group as part of a cyber espionage campaign targeting the Asia-Pacific region this year. “Deuterbear, while similar to Waterbear in many ways, shows advancements in capabilities such as including support for shellcode plugins, avoiding […]

Cyber News
  • by
  • May 17, 2024

FBI Seizes BreachForums Website

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has gained access to the hacking forum’s backend data, as they claim, they would have email addresses, IP addresses, and private messages that could expose members and be used in law enforcement investigations. […] The FBI […]

Cyber News
  • by
  • May 17, 2024

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is “structurally almost identical to GoBear, with extensive sharing of code between […]

Cyber News
  • by
  • May 17, 2024

CISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2014-100005 – A cross-site request forgery (CSRF) vulnerability impacting D-Link DIR-600 routers that allows an attacker to […]

Cyber News
  • by
  • May 16, 2024

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

Researchers have discovered a new security vulnerability stemming from a design flaw in the IEEE 802.11 Wi-Fi standard that tricks victims into connecting to a less secure wireless network and eavesdrop on their network traffic. The SSID Confusion attack, tracked as CVE-2023-52424, impacts all operating systems and Wi-Fi clients, including home and mesh networks that […]

Cyber News
  • by
  • May 16, 2024

BreachForums seized! One of the world’s largest hacking forums is taken down by the FBI… again

Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against cybercrime. BreachForums, a notorious marketplace for stolen data, was seized by the authorities on Wednesday, according to a message on its website. BREACHFORUMS IS UNDER THE CONTROL OF THE FBIThis website has been taken down […]

Cyber News
  • by
  • May 16, 2024

North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign

The North Korea-linked Kimsuky hacking group has been attributed to a new social engineering attack that employs fictitious Facebook accounts to targets via Messenger and ultimately delivers malware. “The threat actor created a Facebook account with a fake identity disguised as a public official working in the North Korean human rights field,” South Korean cybersecurity […]

Cyber News
  • by
  • May 16, 2024

Zero-Trust DNS

Microsoft is working on a promising-looking protocol to lock down DNS. ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices. Jake Williams, VP of research and development at consultancy Hunter Strategy, said the union of these previously […]

Cyber News