SBS CyberSecurity - In The Wild 242

 

In The Wild - CyberSecurity Newsletter Welcome to the 242nd issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           {DOWNLOAD} 5 KEY QUESTIONS TO CONSIDER WHEN RESEARCHING A VCISO SOLUTION SBS Educational Resources Consistent breaches, demand for information security consulting, and a limited supply of qualified specialists all support the idea of outsourcing the key information security officer position as a viable option. This guide outlines questions to ask when researching a vCISO solution. Plus, get an insider’s list of questions for potential providers. Read Here »   NIST Issues Cybersecurity Framework for Ransomware Risk Management The National Law Review The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) recently issued a Ransomware Profile identifying steps organizations can take to prevent, respond to and recover from ransomware events. Read Here »   Canadian VoIP provider held for ransom by DDoS attack IT World Canada A Canadian voice-over-IP provider called VoIP.ms is being held to ransom by what it called a “massive” and sustained DDoS attack, which could cause the company to lose business. Read Here »   Hackers leak LinkedIn 700 million data scrape: TheRecord A collection containing data about more than 700 million users, believed to have been scraped from LinkedIn, was leaked online this week after hackers previously tried to sell it earlier this year in June. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Iowa farm services provider hit with BlackMatter ransomware and $5.9 million ransom ZDNet Security researchers leaked conversations between New Cooperative negotiators and BlackMatter operators. Read Here »   5 Tips for Achieving Better Cybersecurity Risk Management ThreatPost Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively. Read Here »   Hackers exploiting critical VMware vCenter CVE-2021-22005 bug BleepingComputer Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it. Read Here »   COVID-19 vs. flu symptoms: As delta variant spreads, keep these CDC pages handy for early signs Fast Company Flu season is upon us, and the CDC has a page dedicated to the differences and similarities between the flu and COVID-19. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Does Your Organization Have a Security.txt File?      KrebsOnSecurity: Trial Ends in Guilty Verdict for DDoS-for-Hire Boss      BleepingComputer: Netgear fixes dangerous code execution bug in multiple router      BleepingComputer: Microsoft rushes to register Autodiscover domains leaking credentials      BoingBoing: Project Veritas scammed out of $165,000 by a phishing email      Scientific American: Social Security Numbers Aren’t Secure: What Should We Use Instead?      ZDNet: After ransomware attack, company finds 650+ breached credentials from NEW Cooperative employees      ZDNet: This ransomware-dropping malware has swapped phishing for a sneaky new attack route      The Hacker News: SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices      The Hacker News: Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software