SBS CyberSecurity - In The Wild 260

 

In The Wild - CyberSecurity Newsletter Welcome to the 260th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           {THREAT ADVISORY} LOCKBIT 2.0 RANSOMWARE GROUP ATTACKING FINANCIAL INSTITUTIONS SBS Educational Resources The LockBit 2.0, formerly LockBit, ransomware group was very active in Q2 2021. After a slight dip in activity in August, the group is back now with its Ransomware-as-a-Service (RaaS) affiliate model. Read Here »   Scary Fraud Ensues When ID Theft & Usury Collide KrebsOnSecurity What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Read Here »   22 cybersecurity myths organizations need to stop believing in 2022 CSO Security teams trying to defend their organizations need to adapt quickly to new challenges. Yesterday’s buzzwords and best practices have become today’s myths. Read Here »   How CISOs are preparing to tackle 2022 Microsoft To continually understand the priorities and concerns of our community, we run research with security leaders every six months. … The top five challenges shown below, as reported by survey takers, are very consistent with what I’m hearing in my regular interactions with customers and partners. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Bosses think that security is taken care of: CISOs aren't so sure ZDNet The World Economic Forum warns about a significant gap in understanding between C-suites and information security staff - but it's possible to close the gap. Read Here »   Report: DHS Fears Russian Cyberattack If US Acts on Ukraine BankInfoSecurity Officials Believe Russia Would Consider 'Cyberattack on Homeland' If Provoked. Read Here »   Windows vulnerability with new public exploits lets you become admin BleepingComputer A security researcher has publicly disclosed an exploit for a Windows local privilege elevation vulnerability that allows anyone to gain admin privileges in Windows 10. Read Here »   8 phrases that make you sound weak at work and what to say instead to be a stronger communicator Business Insider Our words matter to how we are perceived. Think about how you want to sound before you speak. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams      KrebsOnSecurity: Who Wrote the ALPHV/BlackCat Ransomware Strain?      ProPublica: A Former Hacker’s Guide to Boosting Your Online Security      ZDNet: 'We're losing control of our data' as breaches reach an all-time high      Engadget: White House tells agencies to adopt the 'Zero Trust' security model      FEDSCOOP: NIST releases automation-friendly security and privacy assessment procedures      CISA: Infographic on Layering Network Security Through Segmentation      ThreatPost: 2FA App Loaded with Banking Trojan Infests 10K Victims via Google Play      ThreatPost: New Year, New Threats:-4 Tips to Activate Your Best Cyber-Defense      BleepingComputer: Lazarus hackers use Windows Update to deploy malware