SBS CyberSecurity - In The Wild 253

 

In The Wild - CyberSecurity Newsletter Welcome to the 253rd issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           {HACKER HOUR} INTRODUCTION TO OPEN SOURCE INTELLIGENCE WITH CYNTHIA HETHERINGTON SBS Educational Resources Date: Wednesday, December 22, 2021 Time: 2:00 - 3:00 PM Join SBS as we invite Cynthia Hetherington to stop by and discuss OSINT and cyber investigations. With over two decades of expertise, Hetherington Group is a leader in due diligence, corporate intelligence, and cyber investigations. Cynthia will be sharing her expertise in this increasingly data-intensive, cyber focused-world. Read Here »   With 18,378 vulnerabilities reported in 2021, NIST records fifth straight year of record numbers ZDNet A record of 18,378 vulnerabilities was reported in 2021, but the number of high severity vulnerabilities was lower than in 2020. Read Here »   U.S. bank regulator urges vigilance as ransomware attacks on the rise Reuters A top U.S. banking regulator is cautioning firms to ensure they have robust policies to protect themselves from cyberattacks, saying it is seeing an uptick in ransomware attacks, it said in a report issued Monday. Read Here »   Are You Guilty of These 8 Network-Security Bad Practices? ThreatPost Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » IoT under attack- Security is still not good enough on these edge devices ZDNet Most enterprises don't have visibility into the IoT devices that are being attacked by hackers who want to breach corporate IT networks. Read Here »   SolarWinds hackers have a whole bag of new tricks for mass compromise attacks ars technica The Kremlin-backed hacking outfit's toolbox seems to grow by the month. Read Here »   Amazon explains the cause behind Tuesday’s massive AWS outage BleepingComputer Amazon has published a post-event summary to shed some light on the root cause behind this week's massive AWS outage that took down a long list of high-profile sites and online services, including Ring, Netflix, Amazon Prime Video, and Roku. Read Here »   Delegating shouldn’t be scary. Here’s how to do it right and become a better leader FastCompany Executive coach Frank Faeth says that to delegate effectively, it’s essential to embrace the fundamental truth that your teams can often do it better. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Canada Charges Its “Most Prolific Cybercriminal”      NPR: Criminal hackers are now going after phone lines, too      CSO: A security practitioner's take on CISA’s Incident and Vulnerability Response Playbooks      TheRecord: Don't panic about cyber insurers pulling up the drawbridge, says Lloyd's      BleepingComputer: New zero-day exploit for Log4j Java library is an enterprise nightmare      BleepingComputer: The Week in Ransomware - December 10th 2021 - Project CODA      ZDNet: CISA releases advisory on five Apache HTTP server vulnerabilities affecting Cisco products      The Hacker News: SonicWall Urges Customers to Immediately Patch Critical SMA 100 Flaws      The Hacker News: Vulnerability Scanning Frequency Best Practices      cnet: Hacks, ransomware and data privacy dominated cybersecurity in 2021