Thoughts and Articles by Cyooda Security
Improve your Data Security and Privacy : Six Step Process
By John Reeman |
Australian Data Privacy Act Reforms – Aug 2024 The Australian Data Privacy reforms are about to come into affect at the end of August 2024. So there has never been a better time to get your organisations’s data security and privacy controls in check than now! If you missed what the reforms are about here…
Read More What is a Virtual Chief Information Security Officer?
By John Reeman |
Bringing Cybersecurity Expertise to Your Business: The Power of a Virtual Chief Information Security Officer In today’s rapidly evolving digital landscape, businesses are faced with an increasingly complex and sophisticated range of cybersecurity threats. Protecting sensitive data, mitigating risks, and ensuring compliance have become vital priorities for organisations of all sizes. Enter the Virtual Chief…
Read More 15 Essential Cyber Security Controls for Law Firms
By John Reeman |
Essential Cyber Security Measures for Law Firms 1. Implementing Strong Password Policies and Multi-Factor Authentication Password security is a fundamental aspect of cyber security for law firms. Implementing strong password policies, such as requiring complex passwords and regular password changes, can help prevent unauthorized access to sensitive information. Additionally, enabling multi-factor authentication adds an extra…
Read More Cyber Incident Response | What Small to Medium Size Businesses need to know
By John Reeman |
🔒Choosing the right Incident Response Service for your small business is not just a decision, it’s an investment in your company’s future.🔒 In the current cyber landscape, small businesses are no longer immune to the threats that were once only a concern for big corporations. Each day we see how cyber threats are becoming more…
Read More Cyber Security for Law Firms: What you need to know
By John Reeman |
Introduction: Cyber Security for Law Firms In today’s threat landscape, protecting sensitive client information has become a critical concern for law firms around the world. With cyber threats on the rise, it’s imperative for legal professionals to have a comprehensive understanding of cyber security measures to safeguard their firm’s data and reputation. This guide aims…
Read More How to create a Cyber Security Incident Response Plan
By John Reeman |
Creating an Effective Cyber Security Incident Response Plan In today’s digital landscape, no organisation is immune to cyber threats. That’s why having an effective cyber security incident response plan is crucial. It not only helps you prepare for potential security incidents but also minimises their impact, allowing you to bounce back quickly. In this article,…
Read More How to Create an Effective Incident Response Plan to Protect Your Business
By John Reeman |
In today’s digital age, incidents and data breaches are becoming increasingly common. To protect your business from the potential damage caused by these incidents, it is essential to have a robust incident response plan in place. This article will guide you through the process of creating an effective incident response plan that can help minimize…
Read More Threat Intelligence a critical component of you cyber security strategy
By John Reeman |
⚠️ Threat Intelligence Operations are a critical component of a robust cybersecurity strategy, enabling organizations to anticipate and prepare for potential cyber attacks before they occur. Here are some steps to enhance your cyber defense game with Threat Intelligence Operations: 🔎 Understand the Threat Landscape: Analyze the potential threats relevant to your industry and organization.…
Read More Cyber Security News from around the world
FBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany
By External News-Site | Cyber Security, Ransomware, Security News
The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Dispossessor (aka Radar). The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Dispossessor is said to be led by
Read More X faces GDPR complaints for unauthorized use of data for AI training
By External News-Site | Cyber Security, Data Privacy, Security News
European privacy advocate NOYB (None of Your Business) has filed nine GDPR complaints about X using the personal data from over 60 million users in Europe to train "Grok," the social media company's large language model. [...]
Read More CrowdStrike Tries to Patch Things Up With Cybersecurity Industry
By External News-Site | Cyber Security, Security News
Both CrowdStrike president and CEO were at Black Hat and DEF CON to face direct questions from customers and cybersecurity professionals.
Read More UN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns
By External News-Site | Cyber Security, Security News
The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.
Read More Australian gold producer Evolution Mining hit by ransomware
By External News-Site | Cyber Security, Ransomware, Security News
Evolution Mining has informed that it has been targeted by a ransomware attack on August 8, 2024, which impacted its IT systems. [...]
Read More Criminal IP and Maltego Join Forces for Enhanced Cyber Threat Search
By External News-Site | Cyber Security, Security News
AI SPERA announced today that its IP address intelligence engine, Criminal IP, can now be integrated with Maltego's unified user interface and is available on the Maltego's marketplace, [...]
Read More New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
By External News-Site | Cyber Security, Malware, Security News
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data
Read More Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
By External News-Site | Cyber Security, Security News
Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. "The impact of these vulnerabilities range between remote code execution (RCE), full-service user takeover (which might provide powerful administrative access), manipulation of AI modules, exposing sensitive data, data
Read More Microsoft discloses Office zero-day, still working on a patch
By External News-Site | Cyber Security, Security News
Multi-Malware ‘Cluster Bomb’ Campaign Drops Widespread Cyber Havoc
By External News-Site | Security News
"Unfurling Hemlock" has deployed malware on tens of thousands of systems worldwide by nesting multiple malicious files inside other malicious files.
Read More Prudential Financial now says 2.5 million impacted by data breach
By External News-Site | Cyber Security, Security News
Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. [...]
Read More CDK Global says all dealers will be back online by Thursday
By External News-Site | Cyber Security, Security News, Uncategorized
CDK Global says that its dealer management system (DMS), impacted by a massive IT outage following a June 18th ransomware attack, will be back online by Thursday for all car dealerships. [...]
Read More Australian charged for ‘Evil Twin’ WiFi attack on plane
By External News-Site | Cyber Security, Security News
An Australian man was charged by Australia's Federal Police (AFP) for allegedly conducting an 'evil twin' WiFi attack on various domestic flights and airports in Perth, Melbourne, and Adelaide to steal other people's email or social media credentials. [...]
Read More Cisco warns of NX-OS zero-day exploited to deploy custom malware
By External News-Site | Cyber Security, Security News
Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. [...]
Read More New regreSSHion OpenSSH RCE bug gives root on Linux servers
By External News-Site | Security News
A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed "regreSSHion" gives root privileges on glibc-based Linux systems. [...]
Read More Juniper releases out-of-cycle fix for max severity auth bypass flaw
By External News-Site | Cyber Security, Security News
Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products. [...]
Read More Hackers exploit critical D-Link DIR-859 router flaw to steal passwords
By External News-Site | Cyber Security, Security News
Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. [...]
Read More Meet Brain Cipher — The new ransomware behind Indonesia’s data center attack
By External News-Site | Cyber Security, Security News
The new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. [...]
Read More 8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining
By External News-Site | Cyber Security, Security News
Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid disk-based detection mechanisms," Trend Micro researchers Ahmed
Read More U.S. indicts Russian GRU hacker, offers $10 million reward
By External News-Site | Cyber Security, Security News
The U.S. indicted Russian national Amin Timovich Stigal for his alleged role in cyberattacks targeting Ukrainian government computer networks in an operation from the Russian foreign military intelligence agency (GRU) prior to invading the country. [...]
Read More SUBSCRIBE TO OUR BLOG AND 'THE CYBERSECURITY LOOP' : WEEKLY NEWSLETTER
A blog and newsletter about cybersecurity for anyone who wants to keep up-to-date with what is going on.
*Data Privacy