Cyber Defense Advisors

News

  • by
  • November 4, 2022

Researchers Detail New Malware Campaign Targeting Indian Government Employees

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. “This group abuses Google advertisements for the purpose of malvertising to distribute backdoored versions of Kavach multi-authentication (MFA) applications,” Zscaler ThreatLabz researcher Sudeep Singh said 

Cyber News, Cyber Threat Trends

NSA on Supply Chain Security

The NSA (together with CISA) has published a long report on supply-chain security: “Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.“: Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. But the […]

Cyber News, Cyber Threat Trends

“Disturbing” Rise in Nation State Activity, Microsoft Reports

The proportion of cyber-attacks perpetrated by nation states targeting critical infrastructure jumped from 20% to 40%

Cyber News, Cyber Threat Trends
  • by
  • November 4, 2022

Local Firewall Rules to Connect to an AWS EIP via SSH

ACM.101 Configuring network and host firewalls on home and business networks to allow SSH to an AWS IP address This is a continuation of my series on Automating Cybersecurity Metrics. In the last post, we deployed an EC2 instance configured with an EIP on AWS. Deploying an AWS Elastic IP Address If you’ve done that, now you […]

Cyber News, Cyber Threat Trends
  • by
  • November 4, 2022

CLEANING UP THE CLUTTER (Pt. 5 of “Why Don’t You Go Dox Yourself?”)

Welcome back! Previously in our Go Dox Yourself series, we walked through reviewing what information is available about you online, prioritizing those accounts that are most important or still active, and then restricting how much we share through those accounts and who gets to see it. That’s two out of our three steps — maybe good […]

Cyber News, Cyber Threat Trends

Phishers Abuse Microsoft Voicemail Service to Trick Users

Avanan spots campaign leveraging Dynamic 365 Customer Voice

Cyber News, Cyber Threat Trends
  • by
  • November 4, 2022

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published three Industrial Control Systems (ICS) advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom’s Remote Access Server (RAS), which “could allow an attacker to obtain sensitive information and

Cyber News, Cyber Threat Trends

Crime in the metaverse – police face new challenges in a virtual world

The metaverse is evolving, and tech giants like Meta (the firm previously known as Facebook), Microsoft, and Google are betting big that you’ll want to be a part of it. You know who else might be keen? Criminals. Read more in my article on the Hot for Security blog.

Cyber News, Cyber Threat Trends