SBS CyberSecurity - In the Wild 271

 


SBS Newsletter header

 

In The Wild - CyberSecurity Newsletter

Welcome to the 271st issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

Behind the Hack: How Employee Handling of Phishing Emails Can Allow a Hacker Inside Your Network

SBS Educational Resources

During a recent social engineering assessment, an SBS CyberSecurity network security engineer was able to gain internal network access from a phishing email. Here’s a brief overview of how the issue was identified and controls that could have helped secure the network.

Read Here »  

Microsoft Patch Tuesday, April 2022 Edition

KrebsOnSecurity

Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National Security Agency (NSA).

Read Here »  

Image

CISA orders agencies to fix actively exploited VMware, Chrome bugs

BleepingComputer

The Cybersecurity and Infrastructure Security Agency (CISA) has added nine more security flaws to its list of actively exploited bugs, including a VMware privilege escalation flaw and a Google Chrome zero-day that could be used for remote code execution.

Read Here »  

Cybercriminals do their homework for latest banking scam

The Register

What could be safer than sending money to yourself through your own bank?

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

The Hacker News

Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller (WLC) that could be abused by an unauthenticated, remote attacker to take control of an affected system.

Read Here »  

The high price of free Wi-Fi: Here's why you never connect to an insecure network

ZDNet

If you work on the go, the last thing you should do is connect to an insecure wireless network. Jack Wallen explains.

Read Here »  

Image

Hospital robot system gets five critical security holes patched

Naked Security

Researchers at healthcare cybersecurity company Cynerio just published a report about five cybersecurity holes they found in a hospital robot system called TUG.

Read Here »  

Image

Leadership Bias: 12 cognitive biases to become a decisive leader

EHL Insights

This article uncovers 12 types of cognitive leadership biases that will help make your decisions and judgement more accurate and relevant in your place of work.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     KrebsOnSecurity: RaidForums Gets Raided, Alleged Admin Arrested

*     KrebsOnSecurity: Double-Your-Crypto Scams Share Crypto Scam Host

*     Bleeping Computer: Karakurt revealed as data extortion arm of Conti cybercrime syndicate

*     BleepingComputer: Microsoft: Office 2013 will reach end of support in April 2023

*     ZDNet: Clueless hackers spent months inside a network and nobody noticed. But then a ransomware gang turned up

*     ZDNet: Terrible cloud security is leaving the door open for hackers. Here's what you're doing wrong

*     DARK Reading: Creating a Security Culture Where People Can Admit Mistakes

*     Cyber Scoop: DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii

*     The Hacker News: U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware

*     Threat Post: SSRF Flaw in Fintech Platform Allowed for Compromise of Bank Accounts

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"