Thoughts and Articles by Cyooda Security
To be or not to be a CISO
By John Reeman
Do you aspire to be a CISO? As a former CISO, I felt compelled to write this article after seeing many articles about the role of a CISO and opinions on how hard it is becoming. I’m uncertain whether many people today would actually aspire to be a CISO given the pressures, the demands of…
How To: Email Phishing, malicious payload analysis walkthrough
By John Reeman
The other day I received a malicious phishing email with what appeared to be an invoice but was in fact JavaScript embedded in an HTML document. So let’s get into it. Initial Inspection When I initially opened the document in my visual code editor it appeared as follows: The second line declares a variable…
Data Security in the era of AI
By John Reeman
In the era of AI, forward-thinking organisations need to adopt a new approach to protecting their most sensitive data. The growing volume of data and the propensity of its use means that organisations can no longer rely on traditional and manual data processing methods to manage unstructured data. The only way to manage data in the future will be with automation, and ironically AI.
CyberChef : how to decode your data the easy way
By John Reeman
Intro If you haven’t heard of CyberChef you may be thinking it is a new robot being created to compete on the next series of “My Kitchen Rules” or go head to head with Gordon Ramsay on “Kitchen Nightmares”! Actually, CyberChef, or at least the one I’m referring to, is a really cool tool developed…
How to measure the success of your cybersecurity program
By John Reeman
Being asked to present to the board and other key stakeholders in your business about the state of your cybersecurity program can be a daunting prospect. Putting aside the technical jargon can also be challenging for even the most seasoned security professional.
Ransomware Resilience: How to prepare and respond in a crisis
By John Reeman
Are you prepared for a ransomware attack? What should you do if you become a victim? This guide provides some practical advice you need to know & do to survive.
Cyber Security News from around the world
Backlogs at National Vulnerability Database prompt action from NIST and CISA
By CSO Online | Cyber Security, Security News
Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help from the private sector.
Singapore Cybersecurity Update Puts Cloud Providers on Notice
By Dark Reading | Cyber Security, Legal, Security News
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
Microsoft Windows DWM Zero-Day Poised for Mass Exploit
By Tara Seals Managing Editor News Dark Reading | Cyber Security, Security News
CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.
Google Chrome emergency update fixes 6th zero-day exploited in 2024
By Bleeping Computer | Cyber Security, Security News
Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. [...]
Botnet sent millions of emails in LockBit Black ransomware campaign
By Sergiu Gatlan | Cyber Security, Security News
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign. [...]
Hackers use DNS tunneling for network scanning, tracking victims
By Bleeping Computer | Cyber Security, Security News
Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. [...]
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
By The Hacker News | Cyber Security, Security News
The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS
Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part One
By Elastic Security | Cyber Security, Security News
This malware research article describes the REMCOS implant at a high level, and provides background for future articles in this multipart series.
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
By Jai Vijayan Contributing Writer | Cyber Security, Security News
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
Microsoft releases Exchange hotfixes for security update issues
By Sergiu Gatlan | Cyber Security, Security News
Lessons for CISOs From OWASP’s LLM Top 10
By Dark Reading | AI, Cyber Security, Security News
It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line.
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery
By The Hacker News | Cyber Security, Security News
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack? According to research by Cybersecurity Ventures, the global cost of cybercrime is projected to reach
German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies
By The Hacker News | Cyber Security, Security News
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects are strongly suspected of working for a Chinese secret service since an unspecified
Microsoft: APT28 hackers exploit Windows flaw reported by NSA
By Sergiu Gatlan | Cyber Security, Security News
Synlab Italia suspends operations following ransomware attack
By Bleeping Computer | Cyber Security, Ransomware, Security News
Synlab Italia has suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline. [...]
Russian Sandworm hackers targeted 20 critical orgs in Ukraine
By Bleeping Computer | Cyber Security, Security News
Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team (CERT-UA). [...]
Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam
By Dark Reading | Cyber Security, Security News
CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.
Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing
By The Hacker News | Cyber Security, Security News
Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet
Vietnamese Cybercrime Group CoralRaider Nets Financial Data
By Dark Reading | Cyber Security, Security News
With a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries — and appears to have accidentally infected itself as well.
Targus discloses cyberattack after hackers detected on file servers
By Bleeping Computer | Cyber Security, Data Breach, Security News
Laptop and tablet accessories maker Targus disclosed that it suffered a cyberattack disrupting operations after a threat actor gained access to the company's file servers. [...]