FBI: Beware of Cyber-Threat from Russian Hacktivists
Feds claim DDoS attacks are being aimed at critical infrastructure
Cyber News, Cyber Threat Trends6 ways to reduce your IoT attack surface
As attackers target the ever-growing IoT attack surface, companies can reduce their risks with these six security best practices. The post 6 ways to reduce your IoT attack surface appeared first on TechRepublic.
Cyber News, Cyber Threat TrendsICO: Department for Education Should Have Been Fined £10m
DfE oversight leads to misuse of data on 28 million children
Cyber News, Cyber Threat Trends
- November 7, 2022
Robin Banks Phishing Service for Cybercriminals Returns with Russian Server
A phishing-as-a-service (PhaaS) platform known as Robin Banks has relocated its attack infrastructure to DDoS-Guard, a Russian provider of bulletproof hosting services. The switch comes after “Cloudflare disassociated Robin Banks phishing infrastructure from its services, causing a multi-day disruption to operations,” according to a report from cybersecurity company IronNet. Robin Banks was
Cyber News, Cyber Threat Trends
- November 6, 2022
Prefix Lists in Network Rules to Access AWS Services Without CIDRs
ACM.103 Provide access to S3 (and yum) in network rules without adding every S3 CIDR to maintain zero-trust networking This is a continuation of my series on Automating Cybersecurity Metrics. In the last post, I showed you how to access Git using a static IP addess (otherwise known as an EIP on AWS to add […]
Cyber News, Cyber Threat Trends
- November 6, 2022
Bug in AWS IAM Console for User Groups
I was just updating my deployment script to add users to groups as part of my latest blog series on automated security metrics: Automating Cybersecurity Metrics (ACM) I added a user to the Developers group. I had an existing user named Developer, added a new user name Developer2 using my add to group code. After deploying my […]
Cyber News, Cyber Threat Trends
- November 5, 2022
Limiting Access to an AWS EIP in GitHub
ACM.102 Ensuring only authorized IP addresses can access your private GitHub repositories This is a continuation of my series on Automating Cybersecurity Metrics. My last post explained how you can restrict SSH access on your local network to only authorized IP addresses. Local Firewall Rules to Connect to an AWS EIP via SSH Specifically, we […]
Cyber News, Cyber Threat Trends
- November 5, 2022
Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer
Cybersecurity researchers have uncovered 29 packages in Python Package Index (PyPI), the official third-party software repository for the Python programming language, that aim to infect developers’ machines with a malware called W4SP Stealer. “The main attack seems to have started around October 12, 2022, slowly picking up steam to a concentrated effort around October 22,” […]
Cyber News, Cyber Threat Trends
- November 5, 2022
Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities
Microsoft is warning of an uptick in the nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments. The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that
Cyber News, Cyber Threat Trends