Cyber Defense Advisors

Year: 2023

ThreatModeler Makes DevSecOps More Accessible With New Marketplace

The store includes pre-built threat models that can be integrated into a development pipeline

Cyber News, Cyber Threat Trends

ThreatModeler Makes DevSecOps More Accessible With New Marketplace

The store includes pre-built threat models that can be integrated into a development pipeline

Cyber News, Cyber Threat Trends

Mailchimp Hit By Another Data Breach Following Employee Hack

According to the company, the incident was limited to 133 accounts

Cyber News, Cyber Threat Trends

Mailchimp Hit By Another Data Breach Following Employee Hack

According to the company, the incident was limited to 133 accounts

Cyber News, Cyber Threat Trends

Ransomware Payments Fall by 40% in 2022

The Chainalysis report found that victim organizations are increasingly reluctant to pay ransom demands

Cyber News, Cyber Threat Trends
  • by
  • January 19, 2023

AWS Service Control Policies

Setting controls at the organizational level This is a continuation of my series on Automating Cybersecurity Metrics. As a reminder I’ve recently been considering how to protect domain names migrated to a single AWS account in an organization that is dedicated for that purpose. I’ve considered the pros and cons of using various IAM functions […]

Cyber News, Cyber Threat Trends
  • by
  • January 19, 2023

New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks

A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. “The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu,” Ermetic researcher Liv Matan said in a report shared with The Hacker News. […]

Cyber News, Cyber Threat Trends

Ransomware Payments Fall by 40% in 2022

The Chainalysis report found that victim organizations are increasingly reluctant to pay ransom demands

Cyber News, Cyber Threat Trends

Security Analysis of Threema

A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a […]

Cyber News, Cyber Threat Trends