Ransomware Payments Fall by 40% in 2022
The Chainalysis report found that victim organizations are increasingly reluctant to pay ransom demands
Cyber News, Cyber Threat Trends
- January 19, 2023
AWS Service Control Policies
Setting controls at the organizational level This is a continuation of my series on Automating Cybersecurity Metrics. As a reminder I’ve recently been considering how to protect domain names migrated to a single AWS account in an organization that is dedicated for that purpose. I’ve considered the pros and cons of using various IAM functions […]
Cyber News, Cyber Threat Trends
- January 19, 2023
New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks
A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. “The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu,” Ermetic researcher Liv Matan said in a report shared with The Hacker News. […]
Cyber News, Cyber Threat TrendsRansomware Payments Fall by 40% in 2022
The Chainalysis report found that victim organizations are increasingly reluctant to pay ransom demands
Cyber News, Cyber Threat TrendsSecurity Analysis of Threema
A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a […]
Cyber News, Cyber Threat Trends
- January 19, 2023
New Research Delves into the World of Malicious LNK Files and Hackers Behind Them
Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by analyzing the metadata of malicious LNK files, uncovering information such as the […]
Cyber News, Cyber Threat TrendsSecurity Analysis of Threema
A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a […]
Cyber News, Cyber Threat TrendsImprove your AWS security posture, Step 3: Encrypt AWS data in transit and at rest
In the first two blogs in this series, we discussed properly setting up IAM and avoiding direct internet access to AWS resources. In this blog, we’ll tackle encrypting AWS in transit and at rest. Sometimes, despite all efforts to the contrary, data can be compromised. This can occur due to data leakage through faulty apps or systems, […]
Cyber News, Cyber Threat TrendsFTX: Over $400m Stolen from Bankrupt Exchange
FTX founder already charged with fraud and money laundering
Cyber News, Cyber Threat Trends