SBS CyberSecurity - In The Wild 133

In The Wild - CyberSecurity Newsletter

Welcome to the 133rd issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful.
Related image
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.
Image result for sbs cybersecurity twitter

How the Cyber Kill Chain Can Help You Protect Against Attacks

SBS Educational Resources

If you’ve been involved in cybersecurity for any period of time, you’ve likely heard of the concept of defense in depth security strategies. The general idea behind defense in depth is that there is no ‘silver bullet’ security measure that can fully protect our networks, so we seek to deploy a series of administrative, technical, and physical security controls that work in concert to make our security posture acceptable.

Forced Password Reset? Check Your Assumptions

Krebs on Security

Almost weekly now I hear from an indignant reader who suspects a data breach at a Web site they frequent that has just asked the reader to reset their password. Further investigation almost invariably reveals that the password reset demand was not the result of a breach but rather the site’s efforts to identify customers who are reusing passwords from other sites that have already been hacked.

Hackers Actively Trying to Steal Passwords from 2 Widely Used VPNs

ars technica

Hackers are actively unleashing attacks that attempt to steal encryption keys, passwords, and other sensitive data from servers that have failed to apply critical fixes for two widely used virtual private network (VPN) products, researchers said. The vulnerabilities can be exploited by sending unpatched servers Web requests that contain a special sequence of characters, researchers at the Black Hat security conference in Las Vegas said earlier this month.

The WIRED Guide to Cyberwar

Wired

Not so long ago, stories about cyberwar started with scary hypotheticals: What if state-sponsored hackers were to launch widespread attacks that blacked out entire cities? Crippled banks and froze ATMs across a country? Shut down shipping firms, oil refineries, and factories? Paralyzed airports and hospitals? Today, these scenarios are no longer hypotheticals: Every one of those events has now actually occurred. Incident by catastrophic incident, cyberwar has left the pages of overblown science fiction and the tabletops of Pentagon war games to become a reality.
Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »


14 Simple Strategies For Consumers To Avoid Cybercrime

Forbes

In the past, many consumers considered that only businesses would be at risk of cybercrime. However, today's cybercriminals target both businesses and individuals without restraint. Each time you log on to the internet or use some form of connected banking, you are exposing yourself to potential cybercrime. So how can an individual defend against the ever-present threat of cybercrime? What dos and don’ts should consumers follow every time they go online?

I Visited 47 Sites. Hundreds of Trackers Followed Me

The New York Times

Earlier this year, an editor working on The Times’s Privacy Project asked me whether I’d be interested in having all my digital activity tracked, examined in meticulous detail and then published — you know, for journalism. “Hahaha,” I said, and then I think I made an “at least buy me dinner first” joke, but it turned out he was serious. What could I say? I’m new here, I like to help, and, conveniently, I have nothing whatsoever at all to hide.

Firewall Best Practices to Protect Against Ransomware

Sophos News

Ransomware has recently vaulted to the top of the news again, as devastating attacks continue to impact government, education and business operations in many jurisdictions, particularly in the United States. The most famous network vulnerability exploited in a ransomware attack was EternalBlue a couple of years ago. But since then, new vulnerabilities like BlueKeep have been discovered (and patches made available), but there are still many networks out there that are vulnerable.

How to Hire and Retain More Cybersecurity Professionals

BizTech

For all the difficulties that modern threat actors throw at them, IT security leaders’ biggest challenge may be a simple human one: how to hire and retain enough qualified professionals to maintain secure networks. According to the 2017 Global Information Security Workforce Study, two-thirds of organizations said they lack the number of cybersecurity professionals needed for today’s threat climate. By another estimate, 74 percent of organizations say the cybersecurity skills shortage has impacted them to some degree.

Image result for sbs cybersecurity twitter

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"