Cyber Defense Advisors

Month: November 2022

Medibank refuses to pay ransom after 9.7 million health insurance customers have their data stolen

Embattled Australian health insurer Medibank says that it will not pay a ransom to cyber extortionists who stolen the personal data of almost ten million customers. Read more in my article on the Hot for Security blog.

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2022

Public URL scanning tools – when security leads to insecurity

Never make your users cry/By how you use an API

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2022

Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack

Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was “consistent with the precursors to a ransomware event,” […]

Cyber News, Cyber Threat Trends

Android RAT Group Targets Indian Defense Personnel

The app asked for several permissions, including camera, microphone, internet and storage

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2022

This Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by Others

Facebook appears to have silently rolled out a tool that allows users to remove their contact information, such as phone numbers and email addresses, uploaded by others. The existence of the tool, which is buried inside a Help Center page about “Friending,” was first reported by Business Insider last week. It’s offered as a way for “Non-users” to “exercise their […]

Cyber News, Cyber Threat Trends

Cyber Insurance Market Stabilizing as Security Awareness Improves

The cyber insurance market is beginning to stabilize following several years of steep rate increases, according to a recent report

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2022

How an EIPAssociation in CloudFormation can Help Prevent Dependency Issues

ACM.104 Maintaining a static IP address when you need to delete and recreate an EC2 instance This is a continuation of my series on Automating Cybersecurity Metrics. We ran into a snag in the last post and we’re going to fix it in this post. In that post, we used an AWS-managed prefix list ot add […]

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2022

Experts Find Urlscan Security Scanner Inadvertently Leaks Sensitive URLs and Data

Security researchers are warning of “a trove of sensitive information” leaking through urlscan.io, a website scanner for suspicious and malicious URLs. “Sensitive URLs to shared documents, password reset pages, team invites, payment invoices and more are publicly listed and searchable,” Positive Security co-founder, Fabian Bräunlein, said in a report published on November 2, 2022. The

Cyber News, Cyber Threat Trends

The Conviction of Uber’s Chief Security Officer

I have been meaning to write about Joe Sullivan, Uber’s former Chief Security Officer. He was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a good thing for the industry. I may still write something, […]

Cyber News, Cyber Threat Trends