Cyber Defense Advisors

News

Home / News / Page 867
  • by
  • January 29, 2023

Mitigating CreateUser Privilege Escalation and Back Doors

ACM.143 Preventing an attacker from creating a backdoor user in your cloud account This is a continuation of my series on Automating Cybersecurity Metrics. I have been thinking about the CreateUser escalation problem I wrote about for days. Attackers get ahold of credentials and create back door users in cloud accounts to maintain persistent access. In […]

Cyber News, Cyber Threat Trends
  • by
  • January 29, 2023

Gootkit Malware Continues to Evolve with New Components and Obfuscations

The threat actors associated with the Gootkit malware have made “notable changes” to their toolset, adding new components and obfuscations to their infection chains. Google-owned Mandiant is monitoring the activity cluster under the moniker UNC2565, noting that the usage of the malware is “exclusive to this group.” Gootkit, also called Gootloader, is spread through compromised websites that

Cyber News, Cyber Threat Trends
  • by
  • January 29, 2023

RDP on Ubuntu AWS EC2 Instance

Experimenting with Ubuntu on AWS Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends
  • by
  • January 29, 2023

Counting Unique Users on a Web Site

Fooled by the proxy When you are counting unique users visiting a web site you cannot base it on IP address. Why? Because large companies have users behind a proxy a lot of times and all the traffic will come from one IP address. There are numerous other users and internal IP addresses behind that proxy. So for […]

Cyber News, Cyber Threat Trends
  • by
  • January 29, 2023

What are AWS’s Security Responsibilities, Anyway?

ACM.144 A deeper dive into the shared responsibility model Continue reading on Cloud Security »

Cyber News, Cyber Threat Trends

Friday Squid Blogging: Squid-Inspired Hydrogel

Scientists have created a hydrogel “using squid mantle and creative chemistry.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Cyber News, Cyber Threat Trends

Here’s how IT budgets should fill cybersecurity moats in 2023

TechRepublic speaks with Carlos Morales of Neustar Security Services on the best ways for companies to spend on cybersecurity — even if their budgets are tighter. The post Here’s how IT budgets should fill cybersecurity moats in 2023 appeared first on TechRepublic.

Cyber News, Cyber Threat Trends
  • by
  • January 27, 2023

Hackers abuse legitimate remote monitoring and management tools in attacks

Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization’s network and systems might not raise […]

Cyber News, Cyber Threat Trends
  • by
  • January 27, 2023

3 Ways ChatGPT Will Change Infosec in 2023

OpenAI’s chatbot has the promise to revolutionize how security practitioners work.

Cyber News, Cyber Threat Trends