SBS CyberSecurity - In The Wild 263

 

In The Wild - CyberSecurity Newsletter Welcome to the 263rd    issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Kerberoasting – The Potential Dangers of SPN Accounts SBS Educational Resources SBS CyberSecurity’s network security team performs hundreds of internal penetration tests each year. Over time, our clientele has consistently improved their security posture. However, some old tried and true attacks never seem to go away. Read Here »   CISA Adds Nine Known Exploited Vulnerabilities to Catalog Cybersecurity & Infrastructure Security Agency CISA has added nine new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. Read Here »   CISA creates new online resource hub The Record The Cybersecurity and Infrastructure Security Agency (CISA) on Friday launched a new hub that organizations can use to discover free public and private sector resources to strengthen their cybersecurity. Read Here »   Hackers slip into Microsoft Teams chats to distribute malware BleepingComputer Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » US officials prep big banks and utilities for potential Russian cyberattacks as Ukraine crisis deepens CNN Despite predictions in the early days of the pandemic that firms would rein in outsourcing strategies, the third-party ecosystem continues to grow. Read Here »   FBI and Secret Service warn about ransomware-as-a-service gang Washington Examiner Cyberattackers are using BlackByte, a ransomware-as-a-service group, to target critical infrastructure in the United States, including government facilities, financial institutions, and the agriculture industry, according to a recent advisory from the FBI and Secret Service. Read Here »   Trickbot abuses top brands including Bank of America, Wells Fargo in attacks against customers ZDNet The malware is said to pose a "great danger" to the customers of 60 finance and tech giants. Read Here »   We interviewed 50 ‘bad bosses’ to learn it only takes a few toxic behaviors for everything to go FastCompany Micromanaging can be a slippery slope. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      ABC7News: Zelle scam- Wells Fargo customers lose thousands after scammers pose as bank employees      Threatpost: Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers      Threatpost: Ukrainian DDoS Attacks Should Put US on Notice–Researchers      BleepingComputer: Iranian hackers target VMware Horizon servers with Log4j exploits      BleepingComputer: The Week in Ransomware - February 18th 2022 - Mergers & Acquisitions      ZDNet: Ransomware attacks more than doubled last year – these cybersecurity basics can protect you      ZDNet: Singapore bank gives customers 'kill switch' to freeze accounts in case of fraud      The Hacker News: Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm      The Hacker News: 4 Cloud Data Security Best Practices All Businesses Should Follow Today      DarkReading: NSA Issues Guidance for Selecting Strong Cisco Password Types