Cyber Defense Advisors

Year: 2023

  • by
  • November 7, 2023

Cisco patches serious flaws in Firepower and Identity Services Engine

Cisco released several patches for high and critical vulnerabilities affecting several products like its Firepower network security devices, Identity Services Engine (ISE)) network access control platform, and Adaptive Security Appliance (ASA). The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert urging administrators to deploy the available patches because “a cyber threat actor could […]

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Novel Google Cloud RAT Uses Calendar Events for C2

Cybercriminals are abusing legitimate functions within cloud services, and providers can’t totally stop them, especially when it comes to innovative approaches like this.

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams

With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks

Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise “GootBot” attack, each implant with its own C2.

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Kinsing Cyberattackers Debut ‘Looney Tunables’ Cloud Exploits

Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Steps to Follow to Comply With the SEC Cybersecurity Disclosure Rule

Mandiant/Google Cloud’s Jill C. Tyson offers up timelines, checklists, and other guidance around enterprise-wide readiness to ensure compliance with the new rule.

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Preventing Privilege Escalation with an AWS IAM Permission Boundary

ACM.372 Taking a closer look at the AWS IAM permission boundary documentation and configuration Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • November 7, 2023

Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now

Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows – CVE-2023-38547 (CVSS score: 9.9) – An unspecified flaw that can be leveraged by an unauthenticated user to gain information about the SQL server connection Veeam […]

Cyber News, Cyber Threat Trends