Cyber Defense Advisors

News

CISA Updates Guidelines to Increase Resilience of Infrastructure Planning

They expand the framework’s scope by adding new resources and tools to support SLTT partners

Cyber News, Cyber Threat Trends

Qakbot Infections Linked to Black Basta Ransomware Campaign

Threat actors obtained admin access in two hours and then deployed ransomware in under 12 hours

Cyber News, Cyber Threat Trends

The US Has a Shortage of Bomb-Sniffing Dogs

Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs: Last month, the US Government Accountability Office (GAO) released a nearly 100-page report about working dogs and the need for federal agencies to better safeguard their health and wellness. The GOA says that as of February the US federal government had approximately […]

Cyber News, Cyber Threat Trends
  • by
  • November 23, 2022

Multiple MFA Devices for IAM

ACM.120 Add more than once MFA device to an IAM account for different purposes or in case of a lost device This is a continuation of my series on Automating Cybersecurity Metrics. I’m thrilled to see that we can now add multiple MFA devices to a user in AWS IAM. I’m stopping in the middle of […]

Cyber News, Cyber Threat Trends
  • by
  • November 23, 2022

Network Security

Blog posts, papers, and articles on Network Security by Teri Radichel I’ve been writing about cloud security metrics automation in my latest series, but now I have to prepare for a cloud security class. I am teaching virtually now though I haven’t updated the website in a while. As always whatever is paying the bills takes […]

Cyber News, Cyber Threat Trends
  • by
  • November 23, 2022

Top Cyber Threats Facing E-Commerce Sites This Holiday Season

Delivering a superior customer experience is essential for any e-commerce business. For those companies, there’s a lot at stake this holiday season. According to Digital Commerce 360, nearly $1.00 of every $4.00 spent on retail purchases during the 2022 holiday season will be spent online, resulting in $224 billion in e-commerce sales. To ensure your […]

Cyber News, Cyber Threat Trends
  • by
  • November 23, 2022

Ducktail Malware Operation Evolves with New Malicious Capabilities

The operators of the Ducktail information stealer have demonstrated a “relentless willingness to persist” and continued to update their malware as part of an ongoing financially driven campaign. “The malware is designed to steal browser cookies and take advantage of authenticated Facebook sessions to steal information from the victim’s Facebook account,” WithSecure researcher Mohammad Kazem

Cyber News, Cyber Threat Trends
  • by
  • November 23, 2022

34 Russian Hacker Groups Stole Over 50 Million Passwords with Stealer Malware

As many as 34 Russian-speaking gangs distributing information-stealing malware under the stealer-as-a-service model stole no fewer than 50 million passwords in the first seven months of 2022. “The underground market value of stolen logs and compromised card details is estimated around $5.8 million,” Singapore-headquartered Group-IB said in a report shared with The Hacker News. Aside from looting

Cyber News, Cyber Threat Trends

How to reset a Kerberos password and get ahead of coming updates

Do you recall when you last reset your Kerberos password? Hopefully that was not the last time I suggested you change it, back in April of 2021, when I urged you to do a regular reset of the KRBTGT account password. If you’ve followed my advice, you are already one step ahead of the side […]

Cyber News, Cyber Threat Trends