Private Equity Exposed by Cyber-Hygiene Shortcomings
Fifth of portfolio companies feature “zero tolerance findings”
Cyber News, Cyber Threat TrendsTen Charged in $11m Healthcare BEC Plots
Several of the men diverted funds intended for hospitals
Cyber News, Cyber Threat TrendsNew AXLocker Ransomware Steals Victims’ Discord Tokens
Researchers also discover two additional new variants
Cyber News, Cyber Threat Trends
- November 21, 2022
Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild
Google Cloud last week disclosed that it identified 34 different hacked release versions of the Cobalt Strike tool in the wild, the earliest of which shipped in November 2012. The versions, spanning 1.44 to 4.7, add up to a total of 275 unique JAR files, according to findings from the Google Cloud Threat Intelligence (GCTI) team. The latest […]
Cyber News, Cyber Threat Trends
- November 20, 2022
Automatically Stop VMs on AWS
ACM.117 Avoid unnecessary charges by stopping AWS EC2 instances when not in use In the last post we considered how someone might bypass the controls we created for user-specific VMs. User-Specific EC2 Instance Now what if we wanted to automatically stop the VM after it has been created? It doesn’t need to be running until the […]
Cyber News, Cyber Threat Trends
- November 19, 2022
Bypassing the User-Specific Restrictions We Created for Cloud VMs
ACM.116 Other security controls and policies to consider for user-specific EC2 instances This is a continuation of my series on Automating Cybersecurity Metrics. Code in the last post automatically stops a VM after deploying it to help save money when resources are created before they are needed for use. https://medium.com/@2ndsightlab/automatically-stop-vms-on-aws-792cded54578 Now that we have deployed our […]
Cyber News, Cyber Threat Trends
- November 19, 2022
Indian Government Publishes Draft of Digital Personal Data Protection Bill 2022
The Indian government on Friday released a draft version of the much-awaited data protection regulation, making it the fourth such effort since it was first proposed in July 2018. The Digital Personal Data Protection Bill, 2022, as it’s called, aims to secure personal data, while also seeking users’ consent in what the draft claims is “clear and plain […]
Cyber News, Cyber Threat Trends
- November 19, 2022
Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware
A developing threat activity cluster has been found using Google Ads in one of its campaigns to distribute various post-compromise payloads, including the recently discovered Royal ransomware. Microsoft, which spotted the updated malware delivery method in late October 2022, is tracking the group under the name DEV-0569. “Observed DEV-0569 attacks show a pattern of continuous innovation, with
Cyber News, Cyber Threat Trends
- November 19, 2022
Chinese ‘Mustang Panda’ Hackers Actively Targeting Governments Worldwide
A notorious advanced persistent threat actor known as Mustang Panda has been linked to a spate of spear-phishing attacks targeting government, education, and research sectors across the world. The primary targets of the intrusions from May to October 2022 included counties in the Asia Pacific region such as Myanmar, Australia, the Philippines, Japan, and Taiwan, cybersecurity firm […]
Cyber News, Cyber Threat Trends