Cyber Defense Advisors

News

Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces

Threat hunters are calling attention to a new campaign that has targeted Fortinet FortiGate firewall devices with management interfaces exposed on the public internet. “The campaign involved unauthorized administrative logins on management interfaces of firewalls, creation of new accounts, SSL VPN authentication through those accounts, and various other configuration changes,” cybersecurity firm Arctic Wolf said […]

Cyber News

Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware

An ongoing cyber espionage campaign targeting Kazakhstan has been attributed to Russia-linked threat actors, as part of the Kremlin’s efforts to gather economic and political intelligence in Central Asia. The campaign has been assessed to be the work of an intrusion set dubbed UAC-0063, which likely shares overlap with APT28, a nation-state group affiliated with […]

Cyber News

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could […]

Cyber News

Data Centers Under Siege: Defending the Digital Vaults of the Modern World

The Blueprint for Defying Cyber Attacks and Natural Disasters. Hackers don’t break in through windows—they slip in through the front door you thought was secure. Data centers are the nerve centers of the digital world, storing and processing the data that keeps economies […]

Cyber Thoughts

Pastor’s “dream” crypto scheme alleged to be a multi-million dollar scam

Graham Cluley, January 13, 2025. A federal grand jury has indicted a 51-year-old church pastor on 26 counts of fraud, after allegedly using his position to deceive victims into investing in a cryptocurrency investment scam. That in itself would seem unusual, but what […]

Cyber News

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners

A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in unauthenticated […]

Cyber News

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]

The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay […]

Cyber News

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Not sure this will matter in the end, but it’s a positive move: Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content. The foreign-based defendants developed tools specifically designed to bypass safety guardrails Microsoft has […]

Cyber News

Ransomware on ESXi: The Mechanization of Virtualized Attacks

In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound. Most of the ransomware strains that are attacking ESXi servers nowadays are […]

Cyber News