Cyber Defense Advisors

Cyber Threat Trends

Qatar Spyware

Everyone visiting Qatar for the World Cup needs to install spyware on their phone. Everyone travelling to Qatar during the football World Cup will be asked to download two apps called Ehteraz and Hayya. Briefly, Ehteraz is an covid-19 tracking app, while Hayya is an official World Cup app used to keep track of match […]

Cyber News, Cyber Threat Trends
  • by
  • October 19, 2022

GitGuardian adds IaC scanning to code security platform to protect SDLC

GitGuardian has added infrastructure-as-code (IaC) scanning to its code security platform to enhance the security of software development. The firm said the new feature will help security and development teams write, maintain, and run secure code, protecting the software development lifecycle (SDLC) against risks like tampering, code leakage and hardcoded credentials. The release reflects a […]

Cyber News, Cyber Threat Trends
  • by
  • October 19, 2022

User-Specific Secrets on AWS: KMS

ACM.84 Granting an IAM Group permission to use a KMS key in a Key Policy This is a continuation of my series of posts on Automating Cybersecurity Metrics. We’ve been working on adding a user-specific secret in Secrets Manager in the past few posts and considered how to deploy secrets in a manner that supports non-repudiation. […]

Cyber News, Cyber Threat Trends
  • by
  • October 19, 2022

Сryptocurrency and Ransomware — The Ultimate Friendship

Both cryptocurrency and ransomware are nothing new in the digital world; both have been there for a very long time, which was enough for them to find common pieces for starting their relationship. Ransomware can be like a virtual car that works on all types of fuels, and crypto is the one that is currently […]

Cyber News, Cyber Threat Trends
  • by
  • October 19, 2022

Zoom for Mac patches sneaky “spy-on-me” bug – update now!

Hey! That back door isn’t supposed to be there at all, let alone propped open…

Cyber News, Cyber Threat Trends
  • by
  • October 19, 2022

Dangerous hole in Apache Commons Text – like Log4Shell all over again

Third time unlucky. Time to put your patching boots on again…

Cyber News, Cyber Threat Trends

Zoom Patches High-Severity Flaw in macOS Client

The flaw could allow an attacker to connect to clients and control the Zoom Apps running in it

Cyber News, Cyber Threat Trends

HelpSystems Patch Falls Short, RCE Vulnerability in Cobalt Strike Remains

Certain components in Java Swing will interpret text as HTML content if it starts with

Cyber News, Cyber Threat Trends

Spyder Loader Malware Deployed Against Hong Kong Organizations

The attackers reportedly remained active on some networks for more than a year

Cyber News, Cyber Threat Trends