CYBER THIS WEEK – AUGUST 07, 2022
11 stakeholder strategies for red team success
From the CISO’s perspective, incorporating red teaming into your cybersecurity program goes beyond checklists and broad-brush security assessments and facilitates targeted and sophisticated techniques to highlight real vulnerabilities, gaps and deficiencies for your most highly prioritized risks
11 stakeholder strategies for red team success | CSO Online
How to protect the Active Directory from cyber attacks
Active Directory is a complex technology, very powerful. But because it’s fairly complicated, lots of special medium-sized companies work with the defaults. And the default permissions, which are fairly, let’s say, extensive from a read perspective. That means that everybody can read a lot and find out a lot of the vulnerabilities that then they use to take themselves further.
How to protect the Active Directory from cyber attacks (openaccessgovernment.org)
15 Years of Cloud Outages: A Stroll Through the InformationWeek Archives
The cloud is growing, but cloud outages are nothing new. InformationWeek was first founded in 1985 and their online archives go back to 1998. Here are just a few lowlights from the cloud’s worst moments, dug up from their archives.
15 Years of Cloud Outages: A Stroll through the InformationWeek Archives
‘CosmicStrand’ Highlights Ongoing Firmware Risks
CosmicStrand is a sophisticated UEFI firmware rootkit that allows its owners to achieve very durable persistence: The whole lifetime of the computer, while at the same time being extremely stealthy
‘CosmicStrand’ Highlights Ongoing Firmware Risks – Security Boulevard
What is a Man-in-the-Middle Attack And Why is It So Dangerous?
A Man-in-the-Middle (MitM) attack is when an attacker intercepts communication between two parties either to secretly eavesdrop or modify traffic traveling between them. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications and corrupt data.
Why Are Man-in-the-Middle Attacks So Dangerous? | Venafi
Hackers Exploit Hostinger’s Preview Domain Feature to Launch Phishing Campaigns
A team of security researchers from CloudSEK has discovered a new phishing tactic used by threat actors (TA) to target Indian banking customers via preview domains from Hosting Provider Hostinger.
Vulnerabilities in GPS tracker could put 1.5 million vehicles in danger
A GPS tracker that has been sold to customers across 169 countries and has been installed in more than 1.5 million devices has been revealed to have numerous critical cyber security vulnerabilities that could allow bad actors to remotely hack a vehicle’s system.
3 steps to conquer cyber-attacks through a data-driven defence
A data-driven defence framework uses a defender’s local experience to determine the most likely threats and align appropriate defenses against these first before counterposing less risky hazards.
3 steps to conquer cyber-attacks through a data-driven defense | World Economic Forum (weforum.org)
Joint cybersecurity advisory: 2021 Top Malware Strains
The joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC). This advisory provides details on the top malware strains observed in 2021.
2021 Top Malware Strains | Cyber.gov.au
This was H1 2022 – Part 1 – The Fight Against Cybercrime
It’s the first post in a three-part series that takes a thematic look at cyber activities from the first half of 2022. The second post focuses on the cyber events leading up to and occurring as a consequence of the invasion of Ukraine by Russia. The third and final post in our series will cover events, attacks and heists beyond the cyber war.
This was H1 2022 – Part 1 – The Fight Against Cybercrime | Radware Blog