Cyber Defense Advisors

News

Developer Virtual Machines as Bastion Hosts

ACM.76 Why you might want to move development to cloud VMs This is a continuation of my series on Automating Cybersecurity Metrics. I’ve been logging into a VM on AWS to deploy CloudFormation scripts up to this point in this series. I am using a host I previously deployed in an automated fashion from another project, […]

Cyber News

New Report Uncovers Emotet’s Delivery and Evasion Techniques Used in Recent Attacks

Threat actors associated with the notorious Emotet malware are continually shifting their tactics and command-and-control (C2) infrastructure to escape detection, according to new research from VMware. Emotet is the work of a threat actor tracked as Mummy Spider (aka TA542), emerging in June 2014 as a banking trojan before morphing into an all-purpose loader in 2016 […]


6 Things Every CISO Should Do the First 90 Days on the Job

A CISO’s responsibilities have evolved immensely in recent years, so their first three months on the job should look different today than they might have several years ago.


Serious Security: OAuth 2 and why Microsoft is finally forcing you into it

Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it.


AWS Private Link and VPC Endpoints

ACM.75 An alternative to NATs and Internet Gateways This is a continuation of my series on Automating Cybersecurity Metrics. We looked at adding a VPC configuration for our Lambda function in an earlier post in this series where I demonstrated how a Lambda function that had Internet access may be abused. I also mentioned two options […]


Email Defenses Under Siege: Phishing Attacks Dramatically Improve

About 1 in 5 phishing email messages reach workers’ inboxes, as attackers get better at dodging Microsoft’s platform defenses and defenders run into processing limitations.


DNS and NTP on AWS

ACM.74 How these crucial services work by default and what happens if you want to use your own DNS and NTP servers on AWS This is a continuation of my series of posts on Automating Cybersecurity Metrics. It’s always DNS… Everything in AWS needs to access DNS or it will break. And I mean EVERYTHING. When we […]


Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

A severe remote code execution vulnerability in Zimbra’s enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned CVE-2022-41352, carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions on affected


Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from “.*autodiscover.json.*Powershell.*” to “(?=.*autodiscover.json)(?=.*powershell).” The list of
