Cyber Defense Advisors

News

  • by
  • November 29, 2023

DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software

A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. “While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host […]

Cyber News
  • by
  • November 29, 2023

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that’s capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS […]

Cyber News
  • by
  • November 29, 2023

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of […]

Cyber News
  • by
  • November 28, 2023

Digital Car Keys Are Coming

Soon we will be able to unlock and start our cars from our phones. Let’s hope people are thinking about security. Tags: cars, keys, smartphones, transportation Sidebar photo of Bruce Schneier by Joe MacInnis.  

Cyber News

Hacker Gang Files SEC Report Against Their Own Victim

Hacker Gang Files SEC Report Against Their Own Victim Cite Company’s Failure to Report Ransomware Attack it Perpetrated Turns out, crossing paths with a BlackCat really does bring misfortune! In a recent, bizarre turn of events, the notorious BlackCat ransomware gang has played a twisted game with the U.S. Securities and Exchange Commission (SEC). Just […]

Cyber Thoughts
  • by
  • November 28, 2023

ID Theft Service Resold Access to USInfoSearch Data

One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned. Since at least February 2023, a service advertised on Telegram called USiSLookups has operated an automated bot that allows anyone to look […]

Cyber News
  • by
  • November 28, 2023

iOS 17 NameDrop privacy scare: What you need to know

Graham CLULEY November 28, 2023 Promo Protect all your devices, without slowing them down. Free 30-day trial What’s happened? Warnings are spreading on social media about a new way for iPhone users to quickly share their contact information with others. For instance, Forbes is reporting that police departments across America have been spreading a warning, […]

Cyber News
  • by
  • November 28, 2023

Transform Your Data Security Posture – Learn from SoFi’s DSPM Success

As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra’s DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud. […]

Cyber News
  • by
  • November 28, 2023

Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access

Cybersecurity researchers have detailed a “severe design flaw” in Google Workspace’s domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. “Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other unauthorized […]

Cyber News