Cyber Defense Advisors

News

  • by
  • March 18, 2024

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it’s likely associated with the North Korean state-sponsored group tracked as Kimsuky (aka Emerald Sleet, Springtail, or Velvet Chollima). “The malware payloads used in the […]

Cyber News
  • by
  • March 18, 2024

Fujitsu hack raises questions, after firm confirms customer data breach

Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after it discovering malware on its computer systems. The firm at the center of the British Post Office scandal, said in a Japanese press release that it had discovered the presence of malware on its computers, the potential theft of customer […]

Cyber News
  • by
  • March 18, 2024

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst […]

Cyber News
  • by
  • March 18, 2024

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. “It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website,” Netskope Threat […]

Cyber News
  • by
  • March 18, 2024

Drones and the US Air Force

Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft, which will remain in service through the […]

Cyber News
  • by
  • March 18, 2024

WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw

WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system and discovered by Stiofan. It impacts the following […]

Cyber News
  • by
  • March 18, 2024

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. “The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated documents […]

Cyber News

Unlocking Success: Compliance Strategies for Robo-Advisor Platforms

Unlocking Success: Compliance Strategies for Robo-Advisor Platforms The world of finance is undergoing a significant transformation, driven by advancements in technology and changing consumer preferences. One of the most prominent developments in this space is the rise of robo-advisors. These automated investment platforms are reshaping the way individuals manage their finances, offering convenience, accessibility, and […]

FINRA Compliance

Unlocking Hidden Value in Application Due Diligence

Unlocking Hidden Value in Application Due Diligence In the world of mergers and acquisitions (M&A), due diligence is a critical step that can make or break a deal. Traditionally, due diligence has focused on financials, legal compliance, and operational efficiency. However, in today’s rapidly evolving digital landscape, there’s a hidden treasure trove of value waiting […]

Value-Enhancing Application Due Diligence