CISA Updates Guidelines to Increase Resilience of Infrastructure Planning
They expand the framework’s scope by adding new resources and tools to support SLTT partners
Cyber News, Cyber Threat TrendsQakbot Infections Linked to Black Basta Ransomware Campaign
Threat actors obtained admin access in two hours and then deployed ransomware in under 12 hours
Cyber News, Cyber Threat TrendsThe US Has a Shortage of Bomb-Sniffing Dogs
Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs: Last month, the US Government Accountability Office (GAO) released a nearly 100-page report about working dogs and the need for federal agencies to better safeguard their health and wellness. The GOA says that as of February the US federal government had approximately […]
Cyber News, Cyber Threat Trends
- November 23, 2022
Multiple MFA Devices for IAM
ACM.120 Add more than once MFA device to an IAM account for different purposes or in case of a lost device This is a continuation of my series on Automating Cybersecurity Metrics. I’m thrilled to see that we can now add multiple MFA devices to a user in AWS IAM. I’m stopping in the middle of […]
Cyber News, Cyber Threat Trends
- November 23, 2022
Network Security
Blog posts, papers, and articles on Network Security by Teri Radichel I’ve been writing about cloud security metrics automation in my latest series, but now I have to prepare for a cloud security class. I am teaching virtually now though I haven’t updated the website in a while. As always whatever is paying the bills takes […]
Cyber News, Cyber Threat Trends
- November 23, 2022
Top Cyber Threats Facing E-Commerce Sites This Holiday Season
Delivering a superior customer experience is essential for any e-commerce business. For those companies, there’s a lot at stake this holiday season. According to Digital Commerce 360, nearly $1.00 of every $4.00 spent on retail purchases during the 2022 holiday season will be spent online, resulting in $224 billion in e-commerce sales. To ensure your […]
Cyber News, Cyber Threat Trends
- November 23, 2022
Ducktail Malware Operation Evolves with New Malicious Capabilities
The operators of the Ducktail information stealer have demonstrated a “relentless willingness to persist” and continued to update their malware as part of an ongoing financially driven campaign. “The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim’s Facebook account,” WithSecure researcher Mohammad Kazem
Cyber News, Cyber Threat Trends
- November 23, 2022
34 Russian Hacker Groups Stole Over 50 Million Passwords with Stealer Malware
As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. “The underground market value of stolen logs and compromised card details is estimated around $5.8 million,” Singapore-headquartered Group-IB said in a report shared with The Hacker News. Aside from looting
Cyber News, Cyber Threat TrendsHow to reset a Kerberos password and get ahead of coming updates
Do you recall when you last reset your Kerberos password? Hopefully that was not the last time I suggested you change it, back in April of 2021, when I urged you to do a regular reset of the KRBTGT account password. If you’ve followed my advice, you are already one step ahead of the side […]
Cyber News, Cyber Threat Trends