SBS CyberSecurity - In The Wild 267

 


 

In The Wild - CyberSecurity Newsletter

Welcome to the 267th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet have simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and, most of all, useful. Enjoy.


Hacker Hour: Top 5 IT Exam Recommendations

SBS Educational Resources

IT audits or exams are a vital measurement for an organization. They ensure that the company continues to mature and achieve compliance but, more importantly, adopt a proactive security mindset. SBS is fortunate to work with thousands of institutions and we see a wide range of exam/audit findings. This session will cover the top five exam recommendations and open the discussion about what other findings are popping up around the country. Please join us and share your experience with hundreds of other security professionals.

Read Here »  

Biden signs cyber incident reporting bill into law

The Record

President Joe Biden on Tuesday signed into law a $1.5 trillion government funding bill that includes legislation mandating critical infrastructure owners report if their organization has been hacked or made a ransomware payment.

Read Here »  

Facing the Knowledge Gap

Jeffer Mangels Butler & Mitchell LLP

Complying with privacy mandates, and preparing for and defending against a data breach, requires knowledge – it requires visibility.

Read Here »  


The Golden Hour of Incident Response

The Hacker News

As a CSIRT consultant, I cannot overemphasize the importance of effectively managing the first hour in a critical incident.

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

New Unix rootkit used to steal ATM banking data

BleepingComputer

Threat analysts following the activity of LightBasin, a financially motivated group of hackers, report the discovery of a previously unknown Unix rootkit that is used to steal ATM banking data and conduct fraudulent transactions.

Read Here »  

CISA and FBI warning: Hackers used these tricks to dodge multi-factor authentication and steal email from NGO

ZDNet

Russian state-sponsored hackers have used a clever technique to disable multi-factor authentication (MFA) and exploit a Windows 10 printer spooler flaw to compromise networks and high-value domain accounts. The goal? Accessing the victim's cloud and email.

Read Here »  

Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure

ThreatPost

The warning came in tandem with a separate alert from the FBI and the U.S. Cybersecurity Infrastructure and Security Agency (CISA) that hackers could be targeting satellite communications networks in general.

Read Here »  

How Emotionally Intelligent People Use the 'Blue Dolphin' Rule to Control Negative Thoughts

Inc.

Psychology's 'ironic process theory' says it's hard to suppress unwanted thoughts. Enter the blue dolphin.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past week's worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     KrebsOnSecurity: Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

*     KrebsOnSecurity: Lawmakers Probe Early Release of Top RU Cybercrook

*     BleepingComputer: The Week in Ransomware - March 18th 2022 - Targeting the auto industry

*     BleepingComputer: Hackers claim to breach TransUnion South Africa with 'Password' password

*     DARKReading: 6 Reasons Not to Pay Ransomware Attackers

*     Cybersecurity Dive: Kronos ransomware attack raises questions of vendor liability

*     Cybersecurity and Infrastructure Security Agency: CISA Adds 15 Known Exploited Vulnerability to Catalog

*     ZDNet: 'Everyone loses': This new ransomware threatens to wipe Windows PCs if its victims don't pay up

*     The Hacker News: Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021

*     The Hacker News: FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug
