Cyber Defense Advisors

Month: September 2022

Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet. “Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through

Cyber News

Improve your security posture with Wazuh, a free and open source XDR

Organizations struggle to find ways to keep a good security posture. This is because it is difficult to create secure system policies and find the right tools that help achieve a good posture. In many cases, organizations work with tools that do not integrate with each other and are expensive to purchase and maintain. Security […]

Cyber News

Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). “This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past,” Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up. Sold on the dark […]

Cyber News

Automated Creation and CIDR Allocation for Subnets on AWS

ACM.64 Automating the creation of subnets an NACLS in AWS CloudFormation This is a continuation of my series on Automating Cybersecurity Metrics. We implemented our Public and Private VPCs and added VPC Flow Logs in the last few posts. Now we need to create Subnets and Network Access Control Lists (NACLs). What are subnets? They are a […]

Cyber News

Jamf Announces Intent to Acquire ZecOps, to Provide a Market-Leading Security Solution for Mobile Devices as Targeted Attacks Continue to Grow

ZecOps extends Jamf’s mobile security capabilities by adding advanced detections and incident response.

Cyber News

Cold War Bugging of Soviet Facilities

Found documents in Poland detail US spying operations against the former Soviet Union. The file details a number of bugs found at Soviet diplomatic facilities in Washington, D.C., New York, and San Francisco, as well as in a Russian government-owned vacation compound, apartments used by Russia personnel, and even Russian diplomats’ cars. And the bugs […]

Cyber News

Defend your organization from ransomware attacks with Cisco Secure Endpoint

Ransomware is one of the most dangerous threats organizations face today, so it’s no wonder that Cisco Talos Incident Response named it the top threat of the year in 2021. These attacks continue to grow and become more advanced, with ransomware attacks (see Figure 1 below).1  Stopping ransomware attacks isn’t easy either, as adversaries continue […]

Cyber News

Facebook Shuts Down Covert Political ‘Influence Operations’ from Russia and China

Meta Platforms on Tuesday disclosed it took steps to dismantle two covert influence operations originating from China and Russia for engaging in coordinated inauthentic behavior (CIB) so as to manipulate public debate. While the Chinese operation sets its sights on the U.S. and the Czech Republic, the Russian network primarily targeted Germany, France, Italy, Ukraine […]

Cyber News

Hackers Using PowerPoint Mouseover Trick to Infect System with Malware

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique “is designed to be triggered when the user starts the presentation mode and moves the mouse,” cybersecurity firm Cluster25 said in a technical report. “The code […]

Cyber News