Cyber Defense Advisors

News

  • by
  • July 23, 2024

DDoS-for-hire site DigitalStress taken down by police, suspected owner arrested

Graham CLULEY July 23, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial It has been revealed that earlier this month a website which offered a DDoS-for-hire service was taken offline by law enforcement, but only after they collected data about its criminal customers. Anyone visiting DigitalStress’s website today will no […]

Cyber News
  • by
  • July 23, 2024

Chinese Hackers Target Taiwan and U.S. NGO with MgBot and MACMA Malware

Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group “also engages in internal espionage,” Symantec’s Threat Hunter Team, part of Broadcom, said in a new report […]

Cyber News
  • by
  • July 23, 2024

The AI Fix #8: Emergence, a rancid donkey, and the world’s funniest joke

In episode eight of “The AI Fix”, our hosts tackle the latest news from the world of artificial intelligence and learn about two important medical breakthroughs, Mark coughs, Graham ruins “Killing me softly”, and neither shows their junk to an AI. Graham explains humour to Mark and shares a donkey story he learned from a […]

Cyber News
  • by
  • July 23, 2024

2017 ODNI Memo on Kaspersky Labs

It’s heavily redacted, but still interesting. Many more ODNI documents here.  

Cyber News
  • by
  • July 23, 2024

New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure

Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack targeting an energy company in the Ukrainian city of Lviv earlier this January. Industrial cybersecurity firm Dragos has dubbed the malware FrostyGoop, describing it as the first malware strain to directly […]

Cyber News
  • by
  • July 23, 2024

How to Securely Onboard New Employees Without Sharing Temporary Passwords

The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary first-day passwords, which can expose organizations to security risks. Traditionally, IT departments have been cornered into either sharing passwords in plain text via email or SMS, or arranging in-person meetings to verbally […]

Cyber News
  • by
  • July 23, 2024

Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files

Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento e-commerce site’s checkout page, allowed the malware to survive multiple cleanup attempts, the company said. The skimmer is designed to capture all the data […]

Cyber News
  • by
  • July 23, 2024

Meta Given Deadline to Address E.U. Concerns Over ‘Pay or Consent’ Model

Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its “pay or consent” advertising model or risk-facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation (CPC) Network has notified the social media giant that the model adopted for Facebook and Instagram […]

Cyber News
  • by
  • July 23, 2024

Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY. The agency attributed the attack to a threat actor it tracks under the name UAC-0063, which was previously observed targeting various government entities to gather sensitive […]

Cyber News