Cyber Defense Advisors

Cyber Threat Trends

Malicious Package on PyPI Hides Behind Image Files, Spreads Via GitHub

The findings indicate that PyPI malicious packages and their obfuscation techniques are evolving

Cyber News, Cyber Threat Trends

High-Risk Vulnerability Found in ABB’s Flow Computers

Attackers could exploit it by sending a specially crafted message to an affected system node

Cyber News, Cyber Threat Trends

Having refused to pay ransom, health insurer Medibank sees customer data posted online by hackers

A ransomware gang has begun to publish data on the dark web stolen from Australia’s largest health insurer Medibank. Curiously, the hackers have released details of insured customers, sorted into two files bearing the label “naughty-list” and “good-list.” Read more in my article on the Hot for Security blog.

Cyber News, Cyber Threat Trends

Medibank Confirms Data Stolen in Breach is Now Available Online

The leaked data includes personal data like names, addresses and phone numbers, among others

Cyber News, Cyber Threat Trends

Cisco Secure Endpoint – looking very positive in recent reports!

Lots of exciting things happening at Cisco, and for our customers, all to help them better prepare for what’s next. Case in point, we just returned from a very successful Cisco Partner Summit where the spotlight shined on cyber security. When our executives were on stage talking about solutions, the attendees heard a very catchy […]

Cyber News, Cyber Threat Trends
  • November 9, 2022

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network

The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity. “The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting,” Mandiant researcher Thibault Van Geluwe de Berlaere said in a technical write-up.

Cyber News, Cyber Threat Trends
  • November 9, 2022

Several Cyber Attacks Observed Leveraging IPFS Decentralized Network

A number of phishing campaigns are leveraging the decentralized Interplanetary Filesystem (IPFS) network to host malware and phishing kit infrastructure, and to facilitate other attacks. “Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks,” Cisco Talos researcher Edmund Brumaghin said in an analysis shared with The Hacker News.

Cyber News, Cyber Threat Trends
  • November 9, 2022

Cisco Secure Firewall on AWS: Build resilience at scale with stateful firewall clustering

Organizations embrace the public cloud for the agility, scalability, and reliability it offers when running applications. But just as organizations need these capabilities to ensure their applications operate where needed and as needed, they also require that their security do the same. Organizations may introduce multiple individual firewalls into their AWS infrastructure to produce this outcome. […]

Cyber News, Cyber Threat Trends
  • November 9, 2022

VPC Endpoint for CloudFormation

ACM.106 Adding an Interface VPC Endpoint to a VPC. This is a continuation of my series on Automating Cybersecurity Metrics. In the last post I showed how you can provide access to GitHub from AWS with one rule in a security group with an AWS customer-managed prefix list. Creating an AWS Security Group rule to Access GitHub […]

Cyber News, Cyber Threat Trends