Cyber Defense Advisors

News

Home / News / Page 307

Stories from the SOC: Proactive steps to protect customers from misconfigured MFA

Executive summary Multifactor authentication, or MFA, provides users with an added layer of security when logging into web applications. Surpassing its predecessor, two-factor authentication, in 2023, MFA is a standard option for another layer of security for online accounts. . In May 2022, the Cybersecurity & Infrastructure Security Agency (CISA) published security advisory AA22-074A describing how […]

Cyber News, Cyber Threat Trends
  • by
  • November 16, 2023

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks

A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. “Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with […]

Cyber News
  • by
  • November 16, 2023

Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure

Russian threat actors have been possibly linked to what’s been described as the “largest cyber attack against Danish critical infrastructure,” in which 22 companies associated with the operation of the country’s energy sector were targeted in May 2023. “22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace,” Denmark’s SektorCERT said [PDF]. “The attackers […]

Cyber News

Smashing Security podcast #348: Hacking for chimp change, and AI chatbot birthday

Who’s more incompetent – the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Cyber News, Cyber Threat Trends
  • by
  • November 16, 2023

Veterans play a crucial role in filling the cybersecurity skills gap

While the veteran unemployment rate may be at a historic low, the transition from the military to civilian life isn’t without its challenges. For starters, ex-military members often need help translating their skills gained in the armed forces to non-military roles, and many need to become more familiar with the wide variety of civilian career path […]

Cyber News, Cyber Threat Trends

Smashing Security podcast #348: Hacking for chimp change, and AI chatbot birthday

Who’s more incompetent – the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast may contain nuts, adult […]

Cyber News

New SSH Vulnerability

This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. […] The vulnerability occurs when there are errors during the signature generation that […]

Cyber News, Cyber Threat Trends

New SSH Vulnerability

This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. […] The vulnerability occurs when there are errors during the signature generation that […]

Cyber News
  • by
  • November 15, 2023

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty

The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. “The botnet infrastructure had infected Windows systems then further expanded to infect Linux, Mac, and Android devices, victimizing computers and other electronic devices around the world, including […]

Cyber News