Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect against it. What is the threat? The security vulnerability, known as CVE-2023-23397, is a critical escalation of […]
A case study of a cyber attack where hackers manage to shutdown 30 Ukrainian substations in 2015
This week, we are going to look at a case study of a cyber attack that contributed to the hack shutdown 30 Ukrainian substations in 2015. Industrial Control System (ICS) are generally separated from the corporate networks (which are business administrative networks), but it is not the case. The openness between networks contributed to the […]
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive data. Read this Cybersecurity Threat advisory to learn how to mitigate the risks of this vulnerability. What […]
How to identify business critical systems?
If you are a returning viewer, welcome back to the 2nd posts of this month and thank you for your support. For this week, let’s have a look on business critical systems. There are three critical systems: 1. Mission critical systems These are the systems that are responsible for executing the functions organizations depend on […]
Cybersecurity Threat Advisory: Updated Bumblebee malware loader discovered
Today’s Cybersecurity Threat advisory discusses the update to the popular Bumblebee malware loader that increases its defense evasion capabilities. The loader is commonly distributed via “.lnk” (softlink/shortcut) files attached to an email or compressed in a .zip archive attached to an email. Once installed, the loader allows attackers to deploy their desired payload onto affected […]
Identifying your business assets (Confidentiality, Integrity, Availability)
Welcome back if you have been following our posts for cyber awareness month last month. If you are new to this post series, welcome and thank you for your support. As you probably realized, IT becomes integral to day-to-day operation of a business, the cost of failing to protect these systems becomes greater. All organizations […]
Cybersecurity Threat Advisory: Significant increase of cyber incidents
This Cybersecurity Threat Advisory sheds light on the recent global events between Israel and Hamas that have caused a surge in cyber incidents from hacker activists, also known as “hacktivists”. These attacks have been experienced on both sides of the conflict, as well as in other nations. Common targets of these attacks have been government […]
Avoid bankruptcy by Cyber ATTACK
We recently learned that cyber threat actors, with the intention of financial gain, have started to convert their business model to a subscription service. This service offers subscribers protection to be excluded from being ransom in the future. Welcome to the new digital era of extortion by actors who operate like mafia, extorting money to […]
Cybersecurity Threat Advisory: BlackCat ransomware targets Microsoft Azure
This Cybersecurity Threat Advisory reviews the latest movements of the BlackCat ransomware gang. They are using the Sphynx encryptor to target Microsoft Azure storage through a recently discovered vulnerability in Azure’s security infrastructure. The BlackCat (ALPHV) ransomware gang is using stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt targets’ Azure cloud storage. […]
Let’s talk about the top three ransomware in 2023.
First in the chart is Akira ransomware. It steals sensitive data and encrypts it, rendering it inaccessible to the victim. Threat actors then demand a ransom for decryption and threaten to leak the stolen data on the dark web if their demands are not met. It was first seen in early 2023. Second in the […]