Cyber Defense Advisors

News

  • October 24, 2022

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

SideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official website of the National Electric Power Regulatory Authority (NEPRA) to deliver a tailored malware called WarHawk. “The newly discovered WarHawk backdoor contains various malicious modules that deliver Cobalt Strike, incorporating new TTPs such as KernelCallBackTable injection

Cyber News, Cyber Threat Trends

Top Signs of Identity Theft

When it comes to identity theft, trust your gut when something doesn’t feel right. Follow up. What you’re seeing could be a problem. A missing bill or a mysterious charge on your credit card could be the tip of an identity theft iceberg, one that can run deep if left unaddressed. Here, we’ll look at several signs of identity theft that likely need some investigation and the steps […]

Cyber News, Cyber Threat Trends
  • October 24, 2022

SSH Error — Github or AWS CloudFormation?

While trying to access the Github meta API to get the list of CIDRs associated with GitHub and put them into an AWS Prefix List I randomly got this error. verfiable_password_authentication… falsessh_key_fingerprints The thing is, my code never changed when I got this error. I had run the same code a […]

Cyber News, Cyber Threat Trends
  • October 24, 2022

Why Ransomware in Education on the Rise and What That Means for 2023

The breach of LA Unified School District (LAUSD) highlights the prevalence of password vulnerabilities, as criminal hackers continue to use breached credentials in increasingly frequent ransomware attacks on education. The Labor Day weekend breach of LAUSD brought significant districtwide disruptions to access to email, computers, and applications. It’s unclear what student or employee data the

Cyber News, Cyber Threat Trends
  • October 23, 2022

Deploy an EC2 Instance with a KMS Encryption Key

ACM.89 Using a KMS customer managed key (CMK) to limit access to data on EC2 Instances and EBS Volumes This is a continuation of my series on Automating Cybersecurity Metrics. Encrypting Volumes when you deploy an EC2 instance is a security best practice on AWS. In fact, you will probably want to enforce this throughout your […]

Cyber News, Cyber Threat Trends
  • October 22, 2022

Automated Deployment of an EC2 Instance with the Latest AWS Linux AMI

ACM.88 Deploy an instance in the Developer VPC created Earlier and Test Remote Access This is a continuation of my series of posts on Automating Cybersecurity Metrics. We already spent a few posts considering ways to authenticate and log into an EC2 instance and for now, we will use an SSH key. You can follow along […]

Cyber News, Cyber Threat Trends

Biggest Cybersecurity Concerns for Everyone

People on all levels are still making attempts to adopt the new “normal” that COVID-19 presented to the world. It […]

Cyber News, Cyber Threat Trends
  • October 22, 2022

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network

Researchers have disclosed details about a now-patched critical flaw in the Move virtual machine that powers the Aptos blockchain network. The vulnerability “can cause Aptos nodes to crash and cause denial of service,” Singapore-based Numen Cyber Labs said in a technical write-up published earlier this month. Aptos is a new entrant to the blockchain space, which launched its mainnet on October

Cyber News, Cyber Threat Trends

How to Spot Fake Login Pages 

Have you ever come across a website that just didn’t look quite right? Perhaps the company logo looked slightly misshapen, or the font seemed off-brand. Odds are, you landed on a phony version of a legitimate corporation’s website—a tried and true tactic relied on by many cybercriminals. Fake Login Pages Explained: A fake login page is essentially a knock-off of […]

Cyber News, Cyber Threat Trends