Cyber Defense Advisors

News

  • by
  • December 6, 2023

Sierra:21 – Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks

A collection of 21 security flaws have been discovered in Sierra Wireless AirLink cellular routers and open-source software components like TinyXML and OpenNDS. Collectively tracked as Sierra:21, the issues expose over 86,000 devices across critical sectors like energy, healthcare, waste management, retail, emergency services, and vehicle tracking to cyber threats, according to Forescout Vedere Labs. […]

Cyber News
  • by
  • December 6, 2023

Scaling Security Operations with Automation

In an increasingly complex and fast-paced digital landscape, organizations strive to protect themselves from various security threats. However, limited resources often hinder security teams when combatting these threats, making it difficult to keep up with the growing number of security incidents and alerts. Implementing automation throughout security operations helps security teams alleviate these challenges by […]

Cyber News
  • by
  • December 6, 2023

Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a high-severity Adobe ColdFusion vulnerability by unidentified threat actors to gain initial access to government servers. “The vulnerability in ColdFusion (CVE-2023-26360) presents as an improper access control issue and exploitation of this CVE can result in arbitrary code execution,” CISA said, adding […]

Cyber News
  • by
  • December 6, 2023

$10 million up for grabs in fight against North Korean hackers

Graham CLULEY December 06, 2023 Promo Protect all your devices, without slowing them down. Free 30-day trial Fancy earning $10 million? Of course you do! Well, today could be your lucky day. Because the US State Department is offering a reward of up to $10 million for information that could help disrupt the activities of […]

Cyber News
  • by
  • December 6, 2023

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Atlassian has released software fixes to address four critical flaws in its software that, if successfully exploited, could result in remote code execution. The list of vulnerabilities is below – CVE-2022-1471 (CVSS score: 9.8) – Deserialization vulnerability in SnakeYAML library that can lead to remote code execution in multiple products CVE-2023-22522 (CVSS score: 9.0) – […]

Cyber News
  • by
  • December 6, 2023

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Chipmaker Qualcomm has released more information about three high-severity security flaws that it said came under “limited, targeted exploitation” back in October 2023. The vulnerabilities are as follows – CVE-2023-33063 (CVSS score: 7.8) – Memory corruption in DSP Services during a remote call from HLOS to DSP. CVE-2023-33106 (CVSS score: 8.4) – Memory corruption in […]

Cyber News
  • by
  • December 5, 2023

Russia’s AI-Powered Disinformation Operation Targeting Ukraine, U.S., and Germany

The Russia-linked influence operation called Doppelganger has targeted Ukrainian, U.S., and German audiences through a combination of inauthentic news sites and social media accounts. These campaigns are designed to amplify content designed to undermine Ukraine as well as propagate anti-LGBTQ+ sentiment, U.S. military competence, and Germany’s economic and social issues, according to a new report […]

Cyber News
  • by
  • December 5, 2023

Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack

A new “post-exploitation tampering technique” can be abused by malicious actors to visually deceive a target into believing that their Apple iPhone is running in Lockdown Mode when it’s actually not and carry out covert attacks. The novel method, detailed by Jamf Threat Labs in a report shared with The Hacker News, “shows that if […]

Cyber News
  • by
  • December 5, 2023

AI and Mass Spying

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents […]

Cyber News