How to hack an unpatched Exchange server with rogue PowerShell code
Review your servers, your patches and your authentication policies – there’s a proof-of-concept out
Cyber News, Cyber Threat Trends
- November 22, 2022
Ducktail Hacker Group Evolves, Targets Facebook Business Accounts
Activity observed since early September featured new avenues to spear-phish targets
Cyber News, Cyber Threat TrendsOuch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked company’s network
The Daixin ransomware gang has given a humiliating slap in the face to Air Asia, which lost the personal data of five million passengers and all of its employees earlier this month.
Cyber News, Cyber Threat TrendsUS Takes Down Domains Used in ‘Pig Butchering’ Cryptocurrency Scheme
The US Attorney’s Office for the Eastern District of Virginia made the announcement on Monday
Cyber News, Cyber Threat TrendsApple’s Device Analytics Can Identify iCloud Users
Researchers claim that supposedly anonymous device analytics information can identify users: On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud. Apple […]
Cyber News, Cyber Threat TrendsFirms Spend $1197 Per Employee Yearly to Address Cyber-Attacks
The data excludes compliance fines, ransomware costs and losses from non-operational processes
Cyber News, Cyber Threat Trends
- November 22, 2022
AWS Secrets Manager vs. SSM Parameter Store
ACM.119 Choosing where to store secrets and configuration data This is a continuation of my series of posts on Automating Cybersecurity Metrics. In the last post I explained why you might want to use a customer-managed instead of AWS-managed encryption. https://medium.com/cloud-security/customer-managed-kms-keys-vs-aws-managed-encryption-keys-722038fc4a0b Now let’s review the differences between AWS Secrets Manager and AWS Systems Manager Parameter […]
Cyber News, Cyber Threat Trends
- November 22, 2022
Here’s How to Ensure Your Incident Response Strategy is Ready for Holiday Hackers
The best line of defense against holiday hacking schemes is a comprehensive incident response strategy that focuses on end-user vulnerabilities. The holiday season is upon us and with it a slew of cybersecurity scams preying on end-user vulnerabilities. Because employees often use their business emails and cell phones as their primary point of contact, these scams quickly […]
Cyber News, Cyber Threat Trends
- November 22, 2022
Researchers Warn of Cyber Criminals Using Go-based Aurora Stealer Malware
A nascent Go-based malware known as Aurora Stealer is being increasingly deployed as part of campaigns designed to steal sensitive information from compromised hosts. “These infection chains leveraged phishing pages impersonating download pages of legitimate software, including cryptocurrency wallets or remote access tools, and the 911 method making use of YouTube videos and SEO-poised fake
Cyber News, Cyber Threat Trends