Cyber Defense Advisors

News

  • by
  • July 22, 2024

PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. “Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use,” Google said in its biannual […]

Cyber News
  • by
  • July 22, 2024

How to Set up an Automated SMS Analysis Service with AI in Tines

The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released […]

Cyber News
  • by
  • July 22, 2024

Snake Mimics a Spider

This is a fantastic video. It’s an Iranian spider-tailed horned viper (Pseudocerastes urarachnoides). Its tail looks like a spider, which the snake uses to fool passing birds looking for a meal. Tags: natural security Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News
  • by
  • July 22, 2024

MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting

As a vCISO, you are responsible for your client’s cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO […]

Cyber News
  • by
  • July 22, 2024

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source “volunteer computing” platform maintained by the University of California with an aim to carry […]

Cyber News
  • by
  • July 22, 2024

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that’s designed to target VMware ESXi environments. “This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations,” Trend Micro researchers […]

Cyber News
  • by
  • July 20, 2024

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of providing a hotfix. The attack chains involve distributing a […]

Cyber News
  • by
  • July 20, 2024

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.

Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made “in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks,” West […]

Cyber News
  • by
  • July 19, 2024

Friday Squid Blogging: Peru Trying to Protect its Squid Fisheries

Peru is trying to protect its territorial waters from Chinese squid-fishing boats. Blog moderation policy.  

Cyber News