Cyber Defense Advisors

News

  • by
  • July 30, 2024

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by “several” ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host. “A malicious actor […]

Cyber News

The CrowdStrike Meltdown Has Rocked Fortune 500s to the Tune of $5.4 Billion

The CrowdStrike Meltdown Has Rocked Fortune 500s to the Tune of $5.4 Billion Strategic Takeaways for IT & Cybersecurity Leaders In an unprecedented blow to the corporate world, the recent CrowdStrike outage we’ve been covering for you has sent shockwaves through Fortune 500 companies, causing financial losses estimated at $5.4 billion, as revealed by cloud […]

Cyber Thoughts
  • by
  • July 29, 2024

Hacking gang leaks documents stolen from Pentagon IT provider

Graham CLULEY July 29, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial Hackers have released internal documents stolen from one of America’s largest IT services providers, which counts various US government agencies, including the Department of Defense, amongst its customers. Bloomberg reports that the leaked data, which belonged to Virginia-based […]

Cyber News
  • by
  • July 29, 2024

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild. The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords. The flaw impacts the following versions of Acronis Cyber […]

Cyber News
  • by
  • July 29, 2024

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint’s defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others. “These emails echoed from official Proofpoint email relays with authenticated SPF and […]

Cyber News
  • by
  • July 29, 2024

New Research in Detecting AI-Generated Videos

The latest in what will be a continuing arms race between creating and detecting videos: The new tool the research project is unleashing on deepfakes, called “MISLnet”, evolved from years of data derived from detecting fake images and video with tools that spot changes made to digital video or images. These may include the addition […]

Cyber News
  • by
  • July 29, 2024

How Searchable Encryption Changes the Data Security Game

Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must encrypt their most valuable, sensitive data to prevent data theft and breaches. They also understand that organizational data exists to be used. To be searched, viewed, and modified to keep businesses running. Unfortunately, our Network […]

Cyber News
  • by
  • July 29, 2024

‘Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread

A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service (DaaS) that propagates a variety of information-stealing malware and netting them $100,000 in illicit profits over the past year. The network, which comprises over 3,000 accounts on the cloud-based code hosting platform, spans thousands of […]

Cyber News
  • by
  • July 29, 2024

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site

The remote access trojan known as Gh0st RAT has been observed being delivered by an “evasive dropper” called Gh0stGambit as part of a drive-by download scheme targeting Chinese-speaking Windows users. These infections stem from a fake website (“chrome-web[.]com”) serving malicious installer packages masquerading as Google’s Chrome browser, indicating that users searching for the software on […]

Cyber News