Cyber Defense Advisors

Cyber News

Stories from the SOC: Fortinet authentication bypass observed in the wild

Executive summary: Fortinet’s newest vulnerability, CVE-2022-40684, which allows an authentication bypass to manipulate admin SSH keys, download configuration files without authorization, and create super admin accounts, has put a big target on the backs of unpatched and exposed Fortinet devices. An AT&T Managed Extended Detection and Response (MXDR) customer was involved in a true positive […]

Cyber News, Cyber Threat Trends

UK Shoppers Lost £15m+ to Scammers Last Winter

Cyber experts urge consumers to improve online safety

Cyber News, Cyber Threat Trends

Ukrainian CERT Discloses New Data-Wiping Campaign

Somnia malware hijacks Telegram and VPN accounts

Cyber News, Cyber Threat Trends
  • November 14, 2022

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team (SIRT), the Golang-based malware has been found targeting a variety of companies ranging from gaming to

Cyber News, Cyber Threat Trends
  • November 14, 2022

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor’s infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that’s used to facilitate information theft. “What is noteworthy is data collection from […]

Cyber News, Cyber Threat Trends
  • November 13, 2022

How to Fix CloudFormation

ACM.110 CloudFormation is an amazing concept but it needs a little TLC. This is a continuation of my series of posts on Automating Cybersecurity Metrics. In the last post we looked at adding a policy to our VPC Endpoint that provides access to CloudFormation via a private network (i.e. without traversing the Internet.) Add a Policy […]

Cyber News, Cyber Threat Trends
  • November 12, 2022

Add a Policy to an AWS VPC Endpoint

ACM.109 Combining IAM and network controls to improve cloud security defenses. This is a continuation of my series of posts on Automating Cybersecurity Metrics. In a prior post we created an AWS VPC Endpoint to use with CloudFormation. VPC Endpoint for CloudFormation Then we validated that the traffic traverses a private route. Validating VPC Endpoint Connections Occur […]

Cyber News, Cyber Threat Trends

Security challenges facing SMBs – Week in security with Tony Anscombe

New ESET report shows how ever-growing threats impact SMB sentiment and why many SMBs are underprepared to defend against attacks. The post Security challenges facing SMBs – Week in security with Tony Anscombe appeared first on WeLiveSecurity.

Cyber News, Cyber Threat Trends

Friday Squid Blogging: Squid Purse

Perfect for an evening out. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
