SBS CyberSecurity - In The Wild 220

 

In The Wild - CyberSecurity Newsletter Welcome to the 220th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Hacker Hour: The Rise of the vCISO SBS Educational Resources Held:  Wed, Apr 28, 2021 2:00 PM - 3:00 PM CDT The term vCISO (virtual chief information security officer) is a relatively new term being used in the cyber world, but the outsourcing solution itself is rather mature.  The vCISO solution has been touted as an innovative way to help close the cybersecurity talent gap for organizations, but it's important to know that not all vCISO programs are created equal. Join SBS as we discuss why the vCISO is on the rise and discover the pros and cons of considering this model for your organization in the future. Read Here »   Hackers go after SonicWall email appliances with three zero-days The Record A hacking group has used three zero-day vulnerabilities impacting SonicWall products to breach corporate networks and install backdoors, security firm FireEye said in a report on Tuesday. Read Here »   Why You Need Attack Surface Management (And How To Achieve It) SecurityIntelligence Attack surface management (ASM) has rightly become a major priority for business leaders and digital defenders alike. Read Here »   REvil ransomware – what you need to know TripWire REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Malware and ransomware gangs have found this new way to cover their tracks ZDNet There's been a huge uptick in the proportion of malware using TLS or the Transport Layer Security to communicate without being spotted, cybersecurity firm Sophos reports. Read Here »   Ransomware gang offers traders inside scoop on attack victims so they can short sell their stocks SCMagazine Brazen ransomware groups are continuing to seek out new avenues to rake in profits and ratchet up pressure on victims. In one of the latest such developments, the DarkSide ransomware group is openly coaxing stock traders to reach out and receive the inside scoop on the gang’s latest corporate victims, so they can short sell their stock before any data is leaked and the news goes public. Read Here »   Exchange Online down: Microsoft 365 outage affects email delivery BleepingComputer A Microsoft 365 outage is preventing Exchange Online users from sending and receiving emails, with messages being stuck in transit and not reaching the recipients' inboxes. Read Here »   Avoiding Leadership Burnout ThriveGlobal As a leader, especially through a global pandemic, you must be proactive about managing your stress. When stress is left unchecked, it can lead to burnout. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      Krebs on Security: Note to Self- Create Non-Exhaustive List of Competitors      SecurityIntelligence: A Checklist for Offboarding Remote Employees Securely      ThreatPost: REvil’s Big Apple Ransomware Gambit Looks to Pay Off      CPO: What Hospitals Need to Know about the Dark Web and Post-Pandemic Threats      BankInfoSecurity: Analysts Uncover More Servers Used in SolarWinds Attack      BleepingComputer: Passwordstate password manager hacked in supply chain attack      BleepingComputer: A ransomware gang made $260,000 in 5 days using the 7zip utility      The Hacker News: Lazarus APT Hackers are now using BMP images to hide RAT malware      The Hacker News: What are the different roles within cybersecurity?      ZDNet: SolarWinds hack analysis reveals 56% boost in command server footprint