|
In The Wild - CyberSecurity Newsletter
Welcome to the 140th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful.
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.
|
|
Managing information security for a mobile workforce takes a strategic effort prior to allowing employees access to company information via personally owned devices. Implementing an effective bring your own device (BYOD) policy requires balancing competing fears of the employer who may be concerned about security and the threat of exposing the company’s information to vulnerabilities and the privacy concerns of the employee. Further concerns may arise due to legal (electronic discovery requests) and labor issues protecting non-exempt employees in some states. It is highly recommended that any BYOD policy should be fully vetted with legal counsel prior to implementation.
|
|
|
|
The FBI has observed cyber actors circumventing multi-factor authentication through common social engineering and technical attacks. This PIN explains these methods and offers mitigation strategies for organizations and entities using multi-factor authentication in their security efforts. Multi-factor authentication continues to be a strong and effective security measure to protect online accounts, as long as users take precautions to ensure they do not fall victim to these attacks.
|
|
|
Cybersecurity is broken. It’s a bold statement, but given the increasing frequency of cyber breaches, along with the presence of more varied and evolving threats, there is growing uncertainty about the ability of the cybersecurity industry to protect its customers. There is virtually no company that isn’t a potential target. From mom-and-pop storefronts to Fortune 500 companies, no business is immune to cyber risk. Even with the best possible cybersecurity posture, there is always a threat of a breach.
|
|
|
More than three years after media reports disclosed hackers were interfering in the 2016 U.S. presidential race to influence voters, most of the country's candidates in the 2020 presidential election are struggling with cybersecurity issues, according to a nonpartisan group focused on internet standards. A majority of the 23 candidates in the race for the White House failed to meet the privacy and security standards set by the Internet Society's Online Trust Alliance (OTA), according to the group's audit released this week.
|
Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with someone curious. » Find Out Here! »
|
|
|
Amid the complexity of cybersecurity and the secrecy of criminal hackers, security threats have acquired an aura of mysticism, giving rise to enduring legends, rumors, misperceptions, and outright myths. In the cybersecurity space, these myths are almost always damaging. Watching from the murky underworld, attackers can find the people and businesses that believe these myths, then they strike.
|
|
|
Global shipping and mailing services company Pitney Bowes announced today that it was the victim of a ransomware attack that encrypted some of its systems, leading to a partial system outage that impacted customer access to some services. Pitney Bowes is a global tech company that provides mailing, e-commerce, shipping, data, and financial services, and powering billions of transactions for more than 1.5 million clients around the world, including 90% of Fortune 500 companies according to a press release published today.
|
|
|
Business email compromise (BEC) ramped up 269% from last quarter to this quarter, according to Mimecast's latest Email Security Risk Assessment (ESRA). This quarter showed a massive spike in emails containing dangerous file types, malware attachments, and spam in target inboxes. The quarterly report reviewed more than 260 million emails from more than 480,000 users. Of the emails that were scanned and successfully delivered, 28.8 million were spam, 28,808 contained malware attachments, and 28,726 contained dangerous file types. More than 60,000 of these messages contained BEC, or impersonation fraud, scams.
|
|
|
I've worked with hundreds of executives and CEOs, and the one thing that they all have in common is the feeling that they never have enough time. Time to think, to strategize, and to get ahead of the game. They feel pulled toward meetings, urgent problems, and last-minute calls others place on their calendars. It leaves them feeling like they're struggling to be anything other than reactive. Although we can't control time, we can manage it a lot better than we think we can. In fact, for most of us, it's actually shocking how much more productive we can be with a little attention.
|
|
|
10 Other Interesting Links From This Week
There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:
|
|
Comments
Post a Comment