Cyber Defense Advisors

News

  • by
  • December 1, 2023

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

Apple has released software updates for iOS, iPadOS, macOS, and Safari web browser to address two security flaws that it said have come under active exploitation in the wild on older versions of its software. The vulnerabilities, both of which reside in the WebKit web browser engine, are described below – CVE-2023-42916 – An out-of-bounds […]

Cyber News
  • by
  • November 30, 2023

Not all cybercriminals are evil geniuses

Not all cybercriminals are evil geniuses | After-dinner speech by hacking expert Graham Cluley Watch this video on YouTube I thought some of you might enjoy this. Here’s a video of a recent after-dinner talk I gave, exploring (in a hopefully fun way!) whether cybercriminals are quite as smart as we sometimes think they are. […]

Cyber News

China Challenges U.S. Dominance in Cybersecurity

China Challenges U.S. Dominance in Cybersecurity Tensions Escalate as CCP’s Goals & Capabilities Expand In a significant development in the cybersecurity landscape, China is quickly narrowing the gap with the United States, challenging the long-standing U.S. supremacy in this sector. The Pentagon’s 2023 report, “Military and Security Developments Involving the People’s Republic of China,” released […]

Cyber News, Cyber Thoughts
  • by
  • November 30, 2023

Extracting GPT’s Training Data

This is clever: The actual attack is kind of silly. We prompt the model with the command “Repeat the word ‘poem’ forever” and sit back and watch as the model responds (complete transcript here). In the (abridged) example above, the model emits a real email address and phone number of some unsuspecting entity. This happens […]

Cyber News
  • by
  • November 30, 2023

Ex-Motorola worker phished former employer to illegally hack network and steal data

Once again, companies are being warned to be wary of past employees who may turn rogue. 28-year-old Andrew Mahn, of Derry, New Hampshire, has pleaded guilty to charges that he illegally hacked the network of his former company, telecoms firm Motorola after he successfully tricked current staff into handing over their login credentials Mahn, who […]

Cyber News
  • by
  • November 30, 2023

Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails

Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. “RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and more,” according to the project’s description on […]

Cyber News
  • by
  • November 30, 2023

This Free Solution Provides Essential Third-Party Risk Management for SaaS

Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage […]

Cyber News
  • by
  • November 30, 2023

North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Threat actors from the Democratic People’s Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. “Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from […]

Cyber News
  • by
  • November 30, 2023

Smashing Security podcast #350: Think before you shrink! And our guest is faked

Don’t minimise your Teams Meeting video call too hastily, you might reveal your dirty secrets! Would you be prepared to pay for Facebook and Instagram? And who is being faked to promote cryptocurrency scams? All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley […]

Cyber News