|
In The Wild - CyberSecurity Newsletter
Welcome to the 157th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful.
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.
|
Hopefully, your organization has never experienced a major cybersecurity incident, and hopefully you never will. However, for those that have experienced an incident and did not have a strong Incident Response Plan (IRP) that helped prepare the organization to deal with incidents ahead of time, one of the biggest regrets is not having taken the time to sit down and walk through different and highly impactful incidents. Enter, the Incident Response Playbook.
|
|
|
Many modern vehicles let owners use the Internet or a mobile device to control the car’s locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here’s the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended.
|
|
Only a few times in the history of hacking has a piece of malicious code been spotted attempting to meddle directly with industrial control systems, the computers that bridge the gap between digital and physical systems. Those rare specimens of malware have destroyed nuclear enrichment centrifuges in Iran and caused a blackout in Ukraine. Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage.
|
|
The financial services sector in the U.S. found itself under a barrage of cyberattacks last month, all bent on delivering a powerful backdoor called Minebridge. The attack chain employed a known method called “VBS Stomping” to avoid detection. The campaigns, aimed at enabling further malware infections and espionage efforts, were initiated via phishing emails with attached documents containing malicious macros. The emails were coming from fake domains that were geared to add legitimacy to the messages, resulting in a convincing theme running throughout the proceedings.
|
Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »
|
|
The Credit Union National Association, a major lobbyist and trade association for credit unions, is recovering after its systems were knocked offline earlier this week following a “cyber incident.” CUNA, headquartered in Washington, DC, represents state and federally chartered credit unions across the U.S. and provides lobbying, advocacy and other trade association services.
|
|
In a blog post promoting the capabilities of its commercial security platform -- the Microsoft Defender ATP -- Microsoft said that on a daily basis, the company's security team detects and tracks on average around 77,000 active web shells, spread across 46,000 infected servers. But while the Microsoft blog post goes on to promote Defender ATP's industry-recognized detection capabilities, the nugget in Microsoft's recent marketing material is the 77,000 and 46,000 daily statistics.
|
|
A transformative piece of technology is supposed to “disrupt” the unwieldy ways that came before it. On Monday evening, an app built to deliver quicker caucus results took the Silicon Valley term of art literally, contributing to massive delays in reporting the results in Iowa. Hours after the caucuses ended, the state Democratic Party, citing inconsistencies in the reporting data, still has not publicly reported any results. It stressed there was no “hack or intrusion.”
|
|
Your best morning routine is more than the ideal start to your day. It’s an opportunity to reset; to forget about what happened yesterday, develop a positive mindset about the day ahead, and to take care of yourself before stressors have a chance to crop up. While most of us want to get the same things out of our morning routine, we go about starting our day in different ways. Some people love to get up early and exercise. Others are happy to lie in bed until the last minute. Some drink coffee, others drink only water, and some skip straight to breakfast.
|
|
10 Other Interesting Links From This Week
There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:
|
|
Comments
Post a Comment