Cyber Defense Advisors

News

  • by
  • November 22, 2023

AI Solutions Are the New Shadow IT

Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks Like the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot. Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT’s meteoric rise to 100 million users […]

Cyber News
  • by
  • November 22, 2023

ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer

The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. “This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation but also operating […]

Cyber News
  • by
  • November 22, 2023

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing and […]

Cyber News

SEC Declares Open Season On CISOs

SEC Declares Open Season On CISOs Cyber Lapses Could Now Put Their Heads on the Legal Chopping Block This Thanksgiving, while tables across America are set for a traditional feast, CISOs find themselves on a less savory menu – dodging the carving knives of the SEC’s latest crackdown. The U.S. Securities and Exchange Commission (SEC) […]

Cyber Thoughts

Simplify Your ERP/WMS Redeployment

Simplify Your ERP/WMS Redeployment A common challenge many organizations face is the redeployment of their Enterprise Resource Planning (ERP) and Warehouse Management Systems (WMS). The primary goal of redeployment is to maximize system efficiency and capitalize on the latest functionalities that new versions or systems offer. Whether you’re embarking on an upgrade or migrating to […]

ERP/WMS Redeployment

How SOC 2 Compliance Can Help Keep Your Company Secure

How SOC 2 Compliance Can Help Keep Your Company Secure The business landscape is replete with stories of data breaches, cyber-attacks, and massive information leaks. While technology has been an enabler for business growth, it’s also paved the way for cyber threats. The responsibility to safeguard data—especially sensitive information about clients or customers—has never been […]

SOC 2 Compliance
  • by
  • November 21, 2023

Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals

The ransomware strain known as Play is now being offered to other threat actors “as a service,” new evidence unearthed by Adlumin has revealed. “The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks […]

Cyber News
  • by
  • November 21, 2023

Email Security Flaw Found in the Wild

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this activity occurred after the initial fix became public on Github. To […]

Cyber News
  • by
  • November 21, 2023

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP […]

Cyber News