Increase your Cybersecurity effectiveness

The very best knowledge of all aspects of cybersecurity.


Thoughts and Articles by Cyooda Security

Digital Forensics and Incident Response (DFIR)

Rapid Cyber Incident Response: The Critical Role of Speed, Quality, and Tooling

Cyberattacks, ranging from ransomware, data breaches, business email compromise to advanced persistent threats (APTs), can strike at any moment, potentially causing significant damage. So having rapid and effective incident response is essential to minimise the impact of cyberattacks and to protect an organisation’s sensitive data, reputation, and business continuity. For organisations of any size, the…
Digital Forensics in the Cloud for M365, Azure, AWS and GCP

Unlocking the Secrets of Cloud Digital Forensics | M365

Welcome to the world of cloud forensics, where investigations in cloud environments like AWS, Azure, GCP, and M365 require unique expertise and tools. As organisations increasingly rely on these platforms for their business operations, the need for effective cloud forensics becomes paramount. In this article, we will unveil the intricacies of cloud forensics and explore…
Mobile Phone Forensics

The Crucial Role of Mobile Device Forensics: Unveiling Hidden Secrets

I think we can all agree that mobile phones have become an extension of ourselves, storing important information about our lives. From personal messages to financial transactions, these devices hold a wealth of data. But what happens when this data is compromised or needs to be unearthed for investigative purposes? This is where digital forensics…
Email Security 101

Email Security 101: Getting the basics right

EMAIL SECURITY 101 This article delves into getting the basics of email security correct in your organisation. So, let’s start with the basics and grounding in terminology! Email basics The original basis of Internet email uses the SMTP protocol, which stands for Simple Mail Transfer Protocol. This protocol has no features for authentication, validation, or…
Business email compromise scams

Learnings from business email compromise and payment scams

Over the last few months, I’ve helped with several incident response cases involving impersonation fraud and business email compromise. The businesses involved were different in size and industry, but they all had one thing in common: handling and processing reasonable amounts of money. This makes them attractive targets for cybercriminals who engage in social engineering…
cyber security for law firms

Cyber Security for Law Firms

Cyber Security for Law Firms: 15 Essential Controls 1. Implementing Strong Password Policies and Multi-Factor Authentication Password security is a fundamental aspect for all businesses to undertake. Implementing strong password policies, such as requiring complex passwords and regular password changes, can help prevent unauthorised access to sensitive information. But a single password on its…
Australian Data Privacy Reforms

Improve your Data Security and Privacy: Six Step Process

Australian Data Privacy Act Reforms – Aug 2024 The Australian Data Privacy reforms are about to come into effect at the end of August 2024. So there has never been a better time to get your organisation’s data security and privacy controls in check than now! If you missed what the reforms are about here…
Virtual CISO Services

What is a Virtual Chief Information Security Officer?

Bringing Cybersecurity Expertise to Your Business: The Power of a Virtual Chief Information Security Officer In today’s rapidly evolving digital landscape, businesses are faced with an increasingly complex and sophisticated range of cybersecurity threats. Protecting sensitive data, mitigating risks, and ensuring compliance have become vital priorities for organisations of all sizes. Enter the Virtual Chief…

Cyber Security News from around the world

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. "The campaign distributed the SnailResin malware, which activates the SlugResin backdoor," Israeli cybersecurity company ClearSky said

Amazon Employee Data Compromised in MOVEit Breach

The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.

Citrix Issues Patches for Zero-Day Recording Manager Bugs

There is some disagreement over whether the remote code execution (RCE) security flaws allow for unauthenticated exploitation or not. Citrix says no, but researchers say the company is downplaying a "good old unauthenticated RCE."

North Korean Hackers Target macOS Using Flutter-Embedded Malware

Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said the Flutter-built

Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware

Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. "However, threat actors have

Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild

Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromium-based

Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks

Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise (BEC) attacks, which ultimately result

Ex-Uber CISO Requests a New, ‘Fair’ Trial

Attorneys for Joseph Sullivan argue the jury didn't hear essential facts of the case during the original trial and that his conviction must be overturned.

FBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany

The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Dispossessor (aka Radar). The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Dispossessor is said to be led by

X faces GDPR complaints for unauthorized use of data for AI training

European privacy advocate NOYB (None of Your Business) has filed nine GDPR complaints about X using the personal data from over 60 million users in Europe to train "Grok," the social media company's large language model. [...]

CrowdStrike Tries to Patch Things Up With Cybersecurity Industry

Both CrowdStrike president and CEO were at Black Hat and DEF CON to face direct questions from customers and cybersecurity professionals.

UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns

The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.

Australian gold producer Evolution Mining hit by ransomware

Evolution Mining has informed that it has been targeted by a ransomware attack on August 8, 2024, which impacted its IT systems. [...]

Criminal IP and Maltego Join Forces for Enhanced Cyber Threat Search

AI SPERA announced today that its IP address intelligence engine, Criminal IP, can now be integrated with Maltego's unified user interface and is available on the Maltego's marketplace, [...]

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers

Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. "The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data

Microsoft discloses Office zero-day, still working on a patch

Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. [...]

Multi-Malware ‘Cluster Bomb’ Campaign Drops Widespread Cyber Havoc

"Unfurling Hemlock" has deployed malware on tens of thousands of systems worldwide by nesting multiple malicious files inside other malicious files.

Prudential Financial now says 2.5 million impacted by data breach

Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. [...]