Cyber Defense Advisors

News

  • August 2, 2024

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike. It has […]

Cyber News
  • August 2, 2024

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. “The campaign likely targeted diplomats and began as early as March 2024,” Palo Alto Networks Unit 42 said in a report published today, attributing it with […]

Cyber News
  • August 2, 2024

Webinar: Discover the All-in-One Cybersecurity Solution for SMBs

In today’s digital battlefield, small and medium businesses (SMBs) face the same cyber threats as large corporations, but with fewer resources. Managed service providers (MSPs) are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels like a house of cards – a complex, costly mess of different vendors and […]

Cyber News
  • August 2, 2024

Leaked GitHub Python Token

Here’s a disaster that didn’t happen: Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF). JFrog discussed what could have happened: The […]

Cyber News
  • August 2, 2024

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

Enterprise Resource Planning (ERP) Software is at the heart of many enterprises, supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficult. However, critical vulnerabilities keep affecting these systems and put critical business data at risk. The SANS […]

Cyber News
  • August 2, 2024

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS) as a command-and-control (C2) mechanism. The newly identified malware strain has been codenamed BITSLOTH by Elastic Security Labs, which made the discovery on June 25, 2024, in connection with a cyber attack targeting an unspecified […]

Cyber News
  • August 2, 2024

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange

In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country. This includes Roman Valerevich Seleznev and Vladislav Klyushin, who are part of a group of eight people who have been swapped back to Russia in […]

Cyber News
  • August 2, 2024

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

Cybersecurity companies are warning about an uptick in the abuse of Cloudflare’s TryCloudflare free service for malware delivery. The activity, documented by both eSentire and Proofpoint, entails the use of TryCloudflare to create a rate-limited tunnel that acts as a conduit to relay traffic from an attacker-controlled server to a local machine through Cloudflare’s infrastructure. […]

Cyber News
  • August 2, 2024

U.S. Trades Cybercriminals to Russia in Prisoner Swap

Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were several convicted cybercriminals. In return, Russia has reportedly released 16 prisoners, including Wall Street Journal reporter Evan Gershkovich and ex-U.S. Marine Paul Whelan. Among those in the prisoner swap is Roman Seleznev, 40, who […]

Cyber News