Cyber Defense Advisors

Month: July 2023

  • by
  • July 18, 2023

Microsoft ‘Logging Tax’ Hinders Incident Response, Experts Warn

A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it.

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

How AI-Augmented Threat Intelligence Solves Security Shortfalls

Researchers explore how overburdened cyber analysts can improve their threat intelligence jobs by using ChatGPT-like large language models (LLMs).

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

Automatically Displaying the Reason A CloudFormation Stack Failed Using AWS CLI

ACM.251 Develop CloudFormation faster by getting information you need to resolve errors more quickly Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

Startup Spotlight: Binarly Hardens Firmware Security

The company, one of four finalists in this year’s Black Hat USA Startup Spotlight competition, uses AI/ML to find firmware vulnerabilities.

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

JumpCloud Blames ‘Sophisticated Nation-State’ Actor for Security Breach

A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary “gained unauthorized access to our systems to target a small and specific set of our customers,” Bob Phan, chief information security officer (CISO) at JumpCloud, said in […]

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges

Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum as well as having child pornography images. The development, first reported by DataBreaches.net last week, comes nearly four months after Fitzpatrick (aka pompompurin) was formally charged in the U.S. with conspiracy to commit access device

Cyber News, Cyber Threat Trends

Using Snapshots to Improve Data Security

How snapshots — point-in-time copies of data — can improve data security.

Cyber News, Cyber Threat Trends
  • by
  • July 18, 2023

UAE and South African Hospitals Fail on DMARC Implementation

Only a quarter of hospitals have implemented the strongest level of DMARC, with a third running any version of the email validation protocol.

Cyber News, Cyber Threat Trends