Cyber Defense Advisors

News

Security Vulnerabilities in Covert CIA Websites

Back in 2018, we learned that a covert system of websites that the CIA used for communications was compromised by—at least—China and Iran, and that the blunder caused a bunch of arrests, imprisonments, and executions. We’re now learning that the CIA is still “using an irresponsibly secured system for asset communication.” Citizen Lab did the research: […]

Cyber News

The cost of a short code for SMS using AWS Pinpoint

$650 one-time fee and a charge of $995 per month. I wrote about how I was trying to get a short code for AWS Pinpoint here: Sending an SMS Message from a Lambda Function. I have requested a Pinpoint short code a few times on AWS and had issues getting through the process. This is the […]

Microsoft Confirms Two Exchange Zero-Day Vulnerabilities

The vulnerabilities were first discovered by Vietnamese cybersecurity firm GTSC

New Malware Families Found Targeting VMware ESXi Hypervisors

Threat actors have been found deploying never-before-seen post-compromise implants in VMware’s virtualization software to seize control of infected systems and evade detection. Google’s Mandiant threat intelligence division referred to it as a “novel malware ecosystem” that impacts VMware ESXi, Linux vCenter servers, and Windows virtual machines, allowing attackers to maintain persistent access

Watchfinder warns customers that hackers stole their data

Luxury pre-owned watch website Watchfinder has warned its user base that their personal data has been accessed after an employee’s account was broken into and a customer list accessed.

Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries

The advisory suggests Zinc has targeted media, defense and aerospace, and IT services

Cyber Attacks Against Middle East Governments Hide Malware in Windows Logo

An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom’s Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks under the name Witchetty, which is also known as LookingFrog, a subgroup operating under […]

Automated Creation of NACLs on AWS

ACM.66: Why you should use subnet NACLs even if you already use security groups, and how to create them. This is a continuation of my series of posts on Automating Cybersecurity Metrics. In the past few posts we automated the creation of public and private VPCs, route tables and subnets. In this post, we’ll apply network […]

Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI

Onyxia, an AI-powered cybersecurity strategy and performance platform providing a centralized way for security teams to monitor and manage cybersecurity efforts in real time, has raised $5 million in seed fundraising led by World Trade Ventures with participation by Silvertech Ventures and angel investors.
