Cyber Defense Advisors

Cyber Threat Trends

Firms Spend $1197 Per Employee Yearly to Address Cyber-Attacks

The data excludes compliance fines, ransomware costs and losses from non-operational processes

Cyber News, Cyber Threat Trends

Apple’s Device Analytics Can Identify iCloud Users

Researchers claim that supposedly anonymous device analytics information can identify users: On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud. Apple […]

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

AWS Secrets Manager vs. SSM Parameter Store

ACM.119 Choosing where to store secrets and configuration data This is a continuation of my series of posts on Automating Cybersecurity Metrics. In the last post I explained why you might want to use a customer-managed instead of AWS-managed encryption. https://medium.com/cloud-security/customer-managed-kms-keys-vs-aws-managed-encryption-keys-722038fc4a0b Now let’s review the differences between AWS Secrets Manager and AWS Systems Manager Parameter […]

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

Here’s How to Ensure Your Incident Response Strategy is Ready for Holiday Hackers

The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities.  The holiday season is upon us and with it a slew of cybersecurity scams preying on end-user vulnerabilities. Because employees often use their business emails and cell phones as their primary point of contact, these scams quickly […]

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware

A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts. “These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or remote access tools, and the 911 method making use of YouTube videos and SEO-poised fake

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

Adapt and overcome: What the story of the Tardigrade can teach us about resilience

When you think about the most resilient creatures in the animal kingdom, what comes to mind? Perhaps the camel, which can survive for 6 months with no food or water. Or maybe it’s the honey badger, which tends to drink snake venom like cranberry juice. Or how about the immortal jellyfish? This is one of […]

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

U.S. Authorities Seize Domains Used in ‘Pig butchering’ Cryptocurrency Scams

The U.S. Justice Department (DoJ) on Monday announced the takedown of seven domain names in connection to a “pig butchering” cryptocurrency scam. The fraudulent scheme, which operated from May to August 2022, netted the actors over $10 million from five victims, the DoJ said. Pig butchering, also called Sha Zhu Pan, is a type of scam in […]

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns

The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors. The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery (TOAD), wherein the victims are social engineered into making a phone call through phishing emails containing invoices and subscription-themed lures. Palo Alto

Cyber News, Cyber Threat Trends
  • by
  • November 22, 2022

Know thy enemy: thinking like a hacker can boost cybersecurity strategy

As group leader for Cyber Adversary Engagement at MITRE Corp., Maretta Morovitz sees value in getting to know the enemy – she can use knowledge about cyber adversaries to distract, trick, and deflect them and develop strategies to help keep threat actors from getting whatever they’re after. That could mean placing decoys and lures that […]

Cyber News, Cyber Threat Trends