Cyber Defense Advisors

News

Private Equity Exposed by Cyber-Hygiene Shortcomings

Fifth of portfolio companies feature “zero tolerance findings”

Cyber News, Cyber Threat Trends

Ten Charged in $11m Healthcare BEC Plots

Several of the men diverted funds intended for hospitals

Cyber News, Cyber Threat Trends

New AXLocker Ransomware Steals Victims’ Discord Tokens

Researchers also discover two additional new variants

Cyber News, Cyber Threat Trends
  • by
  • November 21, 2022

Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild

Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012. The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest […]

Cyber News, Cyber Threat Trends
  • by
  • November 20, 2022

Automatically Stop VMs on AWS

ACM.117 Avoid unnecessary charges by stopping AWS EC2 instances when not in use In the last post we considered how someone might bypass the controls we created for user-specific VMs. User-Specific EC2 Instance Now what if we wanted to automatically stop the VM after it has been created? It doesn’t need to be running until the […]

Cyber News, Cyber Threat Trends
  • by
  • November 19, 2022

Bypassing the User-Specific Restrictions We Created for Cloud VMs

ACM.116 Other security controls and policies to consider for user-specific EC2 instances This is a continuation of my series on Automating Cybersecurity Metrics. Code in the last post automatically stops a VM after deploying it to help save money when resources are created before they are needed for use. https://medium.com/@2ndsightlab/automatically-stop-vms-on-aws-792cded54578 Now that we have deployed our […]

Cyber News, Cyber Threat Trends
  • by
  • November 19, 2022

Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022

The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018. The Digital Personal Data Protection Bill, 2022, as it’s called, aims to secure personal data, while also seeking users’ consent in what the draft claims is “clear and plain […]

Cyber News, Cyber Threat Trends
  • by
  • November 19, 2022

Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware

A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569. “Observed DEV-0569 attacks show a pattern of continuous innovation, with

Cyber News, Cyber Threat Trends
  • by
  • November 19, 2022

Chinese ‘Mustang Panda’ Hackers Actively Targeting Governments Worldwide

A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world. The primary targets of the intrusions from May to October 2022 included counties in the Asia Pacific region such as Myanmar, Australia, the Philippines, Japan, and Taiwan, cybersecurity firm […]

Cyber News, Cyber Threat Trends