Cyber Defense Advisors

Year: 2023

  • by
  • November 10, 2023

Deploying the Initial Admin User With Limited Permissions

ACM.375 Scripts to deploy the rootadmin (orgroot) user with restrictions covered in last few posts Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2023

Iranian APT group launches destructive attacks against Israeli organizations

Security researchers warn that an Iran-based threat actor has launched cyberespionage attacks against Iranian organizations from the education and technology sectors since the beginning of the year. The attacks have a destructive component as the actor deploys data wipers to cover their tracks, leaving impacted systems unusable. “Our investigation revealed the perpetrators of the attacks […]

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2023

What We Can Learn from Major Cloud Cyberattacks

Analysis of six major cloud incidents shows how some common mistakes can lead to serious consequences.

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2023

Treasury Markets Disrupted by ICBC Ransomware Attack

The US Treasury states that it is in contact with financial regulators as it monitors the breach.

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2023

MOVEit Hackers Pivot to SysAid Zero-Day in Ransomware Attacks

The Clop ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug.

Cyber News, Cyber Threat Trends
  • by
  • November 10, 2023

‘BlazeStealer’ Python Malware Allows Complete Takeover of Developer Machines

Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.

Cyber News, Cyber Threat Trends

Signature Techniques of Asian APT Groups Revealed

Kaspersky said the primary focus of these actors is cyber-espionage and information gathering

Cyber News, Cyber Threat Trends
  • by
  • November 9, 2023

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers. The […]

Cyber News
  • by
  • November 9, 2023

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

A new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. “This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its […]

Cyber News