Cyber Defense Advisors

Month: March 2023

Home / News / 2023 / March / Page 8
  • by
  • March 26, 2023

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager (NTLM) hashes and stage a relay attack without requiring any user interaction. “External

Cyber News, Cyber Threat Trends
  • by
  • March 26, 2023

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals

In what’s a case of setting a thief to catch a thief, the U.K. National Crime Agency (NCA) revealed that it has created a network of fake DDoS-for-hire websites to infiltrate the online criminal underground. “All of the NCA-run sites, which have so far been accessed by around several thousand people, have been created to […]

Cyber News, Cyber Threat Trends
  • by
  • March 26, 2023

Calculating the size of a TCP Packet Payload

Part of a series on Cybersecurity Math. Also, Network Security. Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • March 26, 2023

Pasting Code in AWS CloudShell from Mac — Not Pretty

If anyone out there working on AWS CloudShell happens to see this, I’d consider this a bug because it makes CloudShell pretty much… Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends
  • by
  • March 26, 2023

AWS Organizations SCPs — Redundant and Extraneous Policies

The design of AWS Organizations is such that accounts and OUs end up having repetitive and redundant FullAWSAccess policies. Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends
  • by
  • March 26, 2023

Bug in AWS CloudShell

I have a particular file that has a portion of the code that looks like this when I open it up: Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends
  • by
  • March 26, 2023

Resource handler returned message: “The provided policy document does not meet the requirements of…

Error message for AWS CloudFormation with a Service Control Policy is *Not Helpful* (or any IAM-like policy) Continue reading on Bugs That Bite »

Cyber News, Cyber Threat Trends

DevSecOps puts security in the software cycle

Addressing cybersecurity can be a challenge when the focus is on speed in software development and production life cycles. The post DevSecOps puts security in the software cycle appeared first on TechRepublic.

Cyber News, Cyber Threat Trends

Exploding USB Sticks

In case you don’t have enough to worry about, people are hiding explosives—actual ones—in USB sticks: In the port city of Guayaquil, journalist Lenin Artieda of the Ecuavisa private TV station received an envelope containing a pen drive which exploded when he inserted it into a computer, his employer said. Artieda sustained slight injuries to […]

Cyber News, Cyber Threat Trends