Cyber Defense Advisors

News

  • by
  • October 29, 2024

New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to light, new research has found that the latest AMD and Intel processors are still susceptible to speculative execution attacks. The attack, disclosed by ETH Zürich researchers Johannes Wikner and Kaveh Razavi, aims to undermine the Indirect Branch Predictor Barrier (IBPB) […]

Cyber News

China-Linked Hackers Target U.S. Internet Providers in Massive Cyber Espionage Campaign

China-Linked Hackers Target U.S. Internet Providers in Massive Cyber Espionage Campaign Beijing-backed hackers are breaching American ISPs, raising concerns about critical infrastructure security Chinese hackers just waltzed into U.S. internet networks like they knew the Wi-Fi password all along—and they’re after sensitive data. Chinese state-sponsored hacking groups have slipped into several U.S. internet service providers […]

Cyber Thoughts
  • by
  • October 28, 2024

French ISP Free confirms data breach after hacker puts customer data up for auction

Graham CLULEY October 28, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial One of the largest internet providers in France, Free S.A.S, has confirmed that it recently suffered a cybersecurity breach after a hacker attempted to sell what purported to be stolen data from the organisation on the dark web. […]

Cyber News
  • by
  • October 28, 2024

Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. “The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies,” ESET security researcher Anh Ho […]

Cyber News
  • by
  • October 28, 2024

Criminals Are Blowing up ATMs in Germany

It’s low tech, but effective. Why Germany? It has more ATMs than other European countries, and—if I read the article right—they have more money in them. Tags: ATMs, banking, bombs, theft Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
  • by
  • October 28, 2024

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 – Oct 27)

Cybersecurity news can sometimes feel like a never-ending horror movie, can’t it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don’t worry, we’re here to […]

Cyber News
  • by
  • October 28, 2024

Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google’s Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812. The threat group, which operates a Telegram channel named civildefense_com_ua, […]

Cyber News
  • by
  • October 28, 2024

BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

Three malicious packages published to the npm registry in September 2024 have been found to contain a known malware called BeaverTail, a JavaScript downloader and information stealer linked to an ongoing North Korean campaign tracked as Contagious Interview. The Datadog Security Research team is monitoring the activity under the name Tenacious Pungsan, which is also […]

Cyber News
  • by
  • October 28, 2024

Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials

Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. “The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials […]

Cyber News