SBS CyberSecurity - In The Wild 270

 

In The Wild - CyberSecurity Newsletter Welcome to the 270th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           #ASKSBS: TIME BOMB RANSOMWARE SBS Educational Resources Question: I'm hearing a lot of ransomware is now "time bombed" for 90 days to 6 months. How can we assure we aren't backing up ransomware? Read Here »   Actions Target Russian Govt. Botnet, Hydra Dark Market KrebsOnSecurity The U.S. Federal Bureau of Investigation (FBI) says it has disrupted a giant botnet built and operated by a Russian government intelligence unit known for launching destructive cyberattacks against energy infrastructure in the United States and Ukraine. Read Here »   Broader investment in cybersecurity beginning to pay dividends The Register Improved defenses give organizations more room to negotiate but won't protect from lawsuits, says law firm. Read Here »   Every Step to Simple Online Security NYT Wirecutter Just a few simple steps are enough to drastically reduce your risks online. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » New Android banking malware remotely takes control of your device BleepingComputer A new Android banking malware named Octo has appeared in the wild, featuring remote access capabilities that allow malicious operators to perform on-device fraud. Read Here »   VMware warns of critical remote code execution bug in Workspace ONE Access ZDNet VMware is urging customers to update their software to resolve critical vulnerabilities, including a remote code execution (RCE) bug in Workspace ONE Access. Read Here »   Into the Breach: Breaking Down 3 SaaS App Cyber Attacks in 2022 The Hacker News This blog will review the three breaches based on publicly disclosed information and suggest best practices to minimize the risk of such attacks succeeding against your organization. Read Here »   There are 4 types of bosses. Here’s the one you want to work for—and why experts say they’re the most successful CNBC Make It To better understand what the best managers do to develop employees in today’s busy work environment, we surveyed 5,000 managers from around the world in different functions. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: The Original APT: Advanced Persistent Teenagers      BleepingComputer: FIN7 hacking group 'pen tester' sentenced to 5 years in prison      BleepingComputer: Microsoft: Windows 10 20H2 reaches end of service next month      Ars technica: WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers      USA Today: Over 8 million Cash App users possibly affected by data breach from a former employee      Newstack: The Okta Mess Is Even Worse Than It Appears      The Hacker News: First Malware Targeting AWS Lambda Serverless Platform Discovered      Cyber Scoop: FBI - Cybercrime reports saw 'unprecedented' rise last year, costing nearly $7B      ZDNet: Java Spring4Shell flaw exploit attempts: These are the industries most affected      ZDNet: Thousands of Android users downloaded this password-stealing malware disguised as anti-virus from Google Play