Increase your Cybersecurity effectiveness

The very best knowledge of all aspects of cybersecurity.

Get our blog and 'The Cybersecurity Loop' newsletter delivered to your inbox:

Thoughts and Articles by Cyooda Security

Vulnerability Management

Vulnerability Management Metrics: How to be effective

๐Ÿ”’Implementing a robust Vulnerability Management Program is a critical step in strengthening your organisation’s cyber defences. But how do you determine its effectiveness? Success cannot be measured merely by the number of vulnerabilities identified or patches applied.๐Ÿ”’ Key metrics can provide a clear picture of your program’s performance and effectiveness. Here are a few critical…
Read More
Data Security and Privacy

Data Privacy: What is Personally Identifiable Information (PII)?

What is Personally Identifiable Information (PII) In a world where personal information is constantly being shared and disseminated online, protecting your privacy has become more important than ever. Understanding what constitutes Personally Identifiable Information (PII) is crucial in safeguarding your sensitive data. From your name and address to your superannuation number and banking details, PII…
Read More
Virtual CISO

Virtual CISO for hire: Reduce cyber risk for your business

As cybersecurity threats continue to evolve and become more sophisticated, organizations must stay one step ahead to protect their valuable data and assets. In today’s digital landscape, the role of a Chief Information Security Officer (CISO) is vital in ensuring the security of an organization’s systems and information. However, not every organization has the resources…
Read More
IRAP Assessment

Demystifying an IRAP Assessment: Everything You Need to Know

Are you a business owner looking to understand the ins and outs of the IRAP assessment? Look no further! In this comprehensive guide, we will demystify the IRAP assessment and provide you with everything you need to know. The IRAP assessment, or Information Security Registered Assessors Program, is a crucial step in ensuring the security…
Read More
Data Security and Data Privacy

Data Privacy in Australia: Safeguard Your Personal Data

In an increasingly interconnected digital world, data privacy has become a critical concern for individuals and businesses alike. Nowhere is this more evident than in Australia, where safeguarding online information has taken on utmost importance. With cyber threats on the rise and data breaches becoming more frequent, protecting sensitive data has become imperative for Australians.…
Read More
Virtual CISO Costs

Why having a Virtual CISO is important for your business?

๐Ÿ’ผ Small to medium-sized businesses (SMBs) often underestimate their vulnerability to cyber threats, primarily because they lack the necessary tools and expertise to protect against these risks. That’s where a ๐•๐ข๐ซ๐ญ๐ฎ๐š๐ฅ ๐‚๐ˆ๐’๐Ž (Chief Information Security Officer) comes into play! ๐Ÿ’ผ A Virtual CISO is not only a cost-effective solution, but they can also deliver a…
Read More

Cyber Security News from around the world

DDoS attacks target EU political parties as elections begin

Hacktivists are conducting DDoS attacks on European political parties that represent and promote strategies opposing their interests, according to a report by Cloudflare. [...]
Read More

Atlassian Confluence High-Severity Bug Allows Code Execution

Because of the role the Confluence Server plays in managing documentation and knowledge data bases, the researchers recommend users upgrade to patch CVE-2024-21683 as soon as possible.
Read More

BreachForums Returns Just Weeks After FBI Seizure – Honeypot or Blunder?

The online criminal bazaar BreachForums has been resurrected merely two weeks after a U.S.-led coordinated law enforcement action dismantled and seized control of its infrastructure. Cybersecurity researchers and dark web trackers Brett Callow, Dark Web Informer, and FalconFeeds revealed the site's online return at breachforums[.]st โ€“ one of the dismantled sites โ€“ by a user named ShinyHunters,
Read More

Over 90 malicious Android apps with 5.5M installs found on Google Play

Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity. [...]
Read More

Attackers Target Check Point VPNs to Access Corporate Networks

Using VPNs as an initial access vector is ironic, given that security is the very reason enterprises employ them in the first place.
Read More

Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud

Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where
Read More

6 Facts About How Interpol Fights Cybercrime

So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.
Read More

Google Discovers Fourth Zero-Day in Less Than a Month

The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
Read More

Backlogs at National Vulnerability Database prompt action from NIST and CISA

Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help from the private sector.
Read More

Singapore Cybersecurity Update Puts Cloud Providers on Notice

The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
Read More

Microsoft Windows DWM Zero-Day Poised for Mass Exploit

CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.
Read More

As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs

Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members.
Read More

Microsoft fixes VPN failures caused by April Windows updates

Today, Microsoft fixed a known issue breaking VPN connections across client and server platforms after installing the April 2024 Windows security updates. [...]
Read More

Google Chrome emergency update fixes 6th zero-day exploited in 2024

Google has released emergency security updates for the Chrome browser to address a high-severity zero-day vulnerability tagged as exploited in attacks. [...]
Read More

Botnet sent millions of emails in LockBit Black ransomware campaign

Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign. [...]
Read More

Hackers use DNS tunneling for network scanning, tracking victims

Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities. [...]
Read More

Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia

The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS
Read More

Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part One

This malware research article describes the REMCOS implant at a high level, and provides background for future articles in this multipart series.
Read More

Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug

Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
Read More

Microsoft releases Exchange hotfixes for security update issues

Microsoft has released hotfix updates to address multiple known issues impacting Exchange servers after installing the March 2024 security updates. [...]
Read More
The Cyber Security Loop Newsletter


A blog and newsletter about cybersecurity for anyone who wants to keep up-to-date with what is going on.

*Data Privacy

Terms and Conditions checkbox is required.
Something went wrong. Please check your entries and try again.