SBS CyberSecurity - In the Wild 269

 


SBS Newsletter header

 

In The Wild - CyberSecurity Newsletter

Welcome to the 269th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

CYBER INCIDENT REPORTING FOR CRITICAL INFRASTRUCTURE ACT OF 2022

SBS Educational Resources

On March 15, 2022, President Biden signed the Consolidated Appropriations Act, 2022, H.R. 2471, which is the fiscal year 2022 omnibus spending bill. Of special interest in the bill is the Cyber Incident Reporting for Critical Infrastructure Act of 2022.

Read Here »  

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

KrebsOnSecurity

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.

Read Here »  

Image

Ransomware Payments Hit New Records in 2021 as Dark Web Leaks Climbed, According to New Report from Palo Alto Networks Unit 42

Palo Alto Networks

Average ransom demand rose 144% to $2.2 million. Average payment rose 78% percent to $541,010. Posts on name-and-shame Dark Web leak sites climbed 85%.

Read Here »  

American Express down in outage: users report login and payment issues

BleepingComputer

Yesterday, American Express users across the world including US, UK, and Europe, experienced widespread outages lasting hours. And, the payment services giant advises that some users may continue to experience issues online or over the phone.

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Image

Court denies SolarWinds bid to throw out breach lawsuit

SC Media

A Texas judge has dismissed claims that former SolarWinds CEO Kevin Thompson was personally liable for deceiving investors about the company’s cybersecurity, but otherwise will allow a class-action lawsuit filed against the company, its executives and investors in the wake of the 2020 Orion breach to proceed.

Read Here »  

FBI: Ransomware attacks are piling up the pressure on public services

ZDNet

Cyber criminals are targeting healthcare, emergency services and local government because they know people's everyday lives rely on these critical services.

Read Here »  

Russian Wiper Malware Likely Behind Recent Cyberattack on Viasat KA-SAT Modems

The Hacker News

The cyberattack aimed at Viasat that temporarily knocked KA-SAT modems offline on February 24, 2022, the same day Russian military forces invaded Ukraine, is believed to have been the consequence of wiper malware, according to the latest research from SentinelOne.

Read Here »  

Image

11 Ways Business Leaders Can Approach Practicing Mindfulness

Newsweek

To help leaders learn how to take it easy, 11 Newsweek Expert Forum members share advice on how one can simply approach practicing mindfulness while also operating a successful business.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     KrebsOnSecurity: Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

*     The Hacker News: CISA Warns of Ongoing Cyber Attacks Targeting Internet-Connected UPS Devices

*     The Hacker News: Chinese Hackers Target VMware Horizon Servers with Log4Shell to Deploy Rootkit

*     DARKReading: What You Need to Know About PCI DSS 4.0's New Requirements

*     BleepingComputer:The Week in Ransomware - April 1st 2022 - 'I can fight with a keyboard'

*     BleepingComputer: LockBit victim estimates cost of ransomware attack to be $42 million

*     Venture Beat: Hive ransomware group claims to steal California health plan patient data

*     CSO: 5 old social engineering tricks employees still fall for, and 4 new gotchas

*     The Washington Post: How Ukraine’s Internet still works despite Russian bombs, cyberattacks

*     ZDNet: Cybersecurity managers with a direct line to executive boards set the tone for investment: Study

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"