Thoughts and articles by Cyooda
Unlocking the Potential: The Ultimate Guide to Crafting a Powerful AI Policy
By John Reeman
In the rapidly evolving landscape of artificial intelligence (AI), crafting a powerful AI policy is essential for unlocking its potential while ensuring ethical and responsible use. With the technology becoming more widely adopted in various industries, organizations face the challenge of balancing innovation and accountability. In this ultimate guide, we will explore the key principles…
Attackers only have to get it right once: Defenders 100% of the time!
By John Reeman
Attackers only have to get it right once, defenders have to get it right 100% of the time! Do defenders really have to get it right 100% of the time though? 🤔 I’ve heard this phrase so often over the last decade and sometimes by people who should know better, it’s time to call BS…
Rapid Cyber Incident Response: The Critical Role of Speed, Quality, and Tooling
By John Reeman
Cyberattacks, ranging from ransomware, data breaches, business email compromise to advanced persistent threats (APTs), can strike at any moment, potentially causing significant damage. So having rapid and effective incident response is essential to minimise the impact of cyberattacks and to protect an organisation’s sensitive data, reputation, and business continuity. For organisations of any size, the…
Unlocking the Secrets of Cloud Digital Forensics | M365
By John Reeman
Welcome to the world of cloud forensics, where investigations in cloud environments like AWS, Azure, GCP, and M365 require unique expertise and tools. As organisations increasingly rely on these platforms for their business operations, the need for effective cloud forensics becomes paramount. In this article, we will unveil the intricacies of cloud forensics and explore…
The Crucial Role of Mobile Device Forensics: Unveiling Hidden Secrets
By John Reeman
I think we can all agree that mobile phones have become an extension of ourselves, storing important information about our lives. From personal messages to financial transactions, these devices hold a wealth of data. But what happens when this data is compromised or needs to be unearthed for investigative purposes? This is where digital forensics…
Email Security 101: Getting the basics right
By John Reeman
EMAIL SECURITY 101 This article delves into getting the basics of email security correct in your organisation. So, let’s start with the basics and grounding in terminology! Email basics The original basis of Internet email uses the SMTP protocol, which stands for Simple Mail Transfer Protocol. This protocol has no features for authentication, validation, or…
Learnings from business email compromise and payment scams
By John Reeman
Over the last few months, I’ve helped with several incident response cases involving impersonation fraud and business email compromise. The businesses involved were different in size and industry, but they all had one thing in common: handling and processing reasonable amounts of money. This makes them attractive targets for cybercriminals who engage in social engineering…
Cyber Security for Law Firms
By John Reeman
Cyber Security for Law Firms : 15 Essential Controls 1. Implementing Strong Password Policies and Multi-Factor Authentication Password security is a fundamental aspect for all businesses to undertake. Implementing strong password policies, such as requiring complex passwords and regular password changes, can help prevent unauthorised access to sensitive information. But a single password on its…
Cybersecurity news from around the world
Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score
By External News-Site | Cyber Security, Security News
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below - CVE-2025-21396 (CVSS score: 7.5) - Microsoft Account Elevation of Privilege Vulnerability CVE-2025-21415 (CVSS score: 9.9) - Azure AI Face Service
Canadian charged with stealing $65 million using DeFI crypto exploits
By External News-Site | Cyber Security, Security News
The U.S. Justice Department has charged a Canadian man with stealing roughly $65 million after exploiting two decentralized finance (DeFI) protocols. [...]
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists
By External News-Site | Cyber Security, Security News
Meta-owned WhatsApp on Friday said it disrupted a campaign that involved the use of spyware to target journalists and civil society members. The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions. The attackers were neutralized in December 2024. In a statement to The Guardian, the encrypted messaging app said it has reached
Adversarial Misuse of Generative AI
By External News-Site | AI
Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond.
New SLAP & FLOP Attacks Expose Apple M-Series Chips to Speculative Execution Exploits
By External News-Site | Cyber Security, Security News
A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the
Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands
By External News-Site | Cyber Security, Security News
Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds. As part of the international operation, law enforcement agencies carried out 17 searches in different locations in Belgium and the Netherlands, Europol said. In addition, large amounts of cash,
Ransomware attack hits leading heart surgery device maker
By External News-Site | Cyber Security, Security News
Microsoft NTLM Zero-Day to Remain Unpatched Until April
By External News-Site | Cyber Security, Security News
The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice.
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
By External News-Site | Cyber Security, Security News
The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user's email to numerous mailing lists simultaneously," Rapid7
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
By External News-Site | AI, Cyber Security, Security News
Details have emerged about a now-patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could permit a bad actor to take control of a victim's account by means of a prompt injection attack. Security researcher Johann Rehberger, who has chronicled many a prompt injection attack targeting various AI tools, found that providing the input "Print
Blue Yonder SaaS giant breached by Termite ransomware gang
By External News-Site | Cyber Security, Security News
EU enacts new laws to strengthen cybersecurity defenses and coordination
By External News-Site | Cyber Security, Security News
The European Union has enacted two new laws to bolster its cybersecurity defenses and coordination mechanisms.
Storm-1811 exploits RMM tools to drop Black Basta ransomware
By External News-Site | Cyber Security, Security News
Storm-1811's latest help desk scam begins with email bombing leading to IT impersonation and ends with Black Basta ransomware
Interpol Cyber-Fraud Action Nets More Than 5K Arrests
By External News-Site | Cyber Security, Security News
Chalk up another win for global cooperation among law enforcement, this time targeting seven types of cyber fraud, including voice phishing and business email compromise.
Russia sentences Hydra dark web market leader to life in prison
By External News-Site | Cyber Security, Security News
Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. [...]
Incident Response Playbooks: Are You Prepared?
By External News-Site | Cyber Security, Security News
The playbooks that accompany your incident response plan provide efficiency and consistency in responses, help reduce downtime and dwell time, and can be a cost-saving and reputational-saving measure for your organization.
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play
By External News-Site | Cyber Security, Security News
Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. "These PUP (potentially unwanted programs) applications use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions, which
Novel phishing campaign uses corrupted Word documents to evade security
By External News-Site | Cyber Security, Security News
A novel phishing attack abuses Microsoft's Word file recovery feature by sending corrupted Word documents as email attachments, allowing them to bypass security software due to their damaged state but still be recoverable by the application. [...]
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs
By External News-Site | Cyber Security, Security News
Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in
Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks
By External News-Site | Cyber Security, Security News
The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the SnailResin malware, which activates the SlugResin backdoor," Israeli cybersecurity company ClearSky said
SUBSCRIBE TO OUR BLOG AND 'THE CYBERSECURITY LOOP' : WEEKLY NEWSLETTER
A blog and newsletter about cybersecurity for anyone who wants to keep up-to-date with what is going on.