SBS CyberSecurity - In The Wild 275

 

In The Wild - CyberSecurity Newsletter Welcome to the 275th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Hacker Hour: Introduction to Zero Trust SBS Educational Resources Tuesday, May 17  |  2:00-3:00 PM CT Join SBS as we break down the principles of building a zero trust environment and how this framework can prevent data breaches, limit internal lateral movement, and improve an organization’s security posture. Read Here »   Microsoft Patch Tuesday, May 2022 Edition KrebsOnSecurity Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month’s patch batch includes fixes for seven “critical” flaws, as well as a zero-day vulnerability that affects all supported versions of Windows. Read Here »   Capital One Data Breach $190M Class Action Settlement Top Class Actions The settlement benefits around 98 million Capital One customers whose information was compromised as part of the 2019 data breach. Read Here »   Beware of state actors stepping up attacks on managed service providers ZDNet Cyber agencies advise users to check contracts to ensure providers have sufficient security controls in place. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » The Week in Ransomware - May 13th 2022 - A National Emergency BleepingComputer While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. Read Here »   CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability The Hacker News The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the recently disclosed F5 BIG-IP flaw to its Known Exploited Vulnerabilities Catalog following reports of active abuse in the wild. Read Here »   Colonial Pipeline facing $1,000,000 fine for poor recovery plans Naked Security by Sophos Now, Colonial looks set to be hit by a further demand for money, this time in the form of a $986,400 civil penalty proposed by the US Department of Transportation. Read Here »   Everything You Need to Know About ‘Managing Up’ – And How To Do It Right Hive Managing down is all about being a good boss to your team. Managing up is all about being a good report to your boss. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: DEA Investigating Breach of Law Enforcement Data Portal      WeLiveSecurity: Common LinkedIn scams- Beware of phishing attacks and fake job offers      Yahoo!Finance: A US college is shutting down for good following a ransomware attack      The Register: Software patching must work like car safety recalls, says US cyber boss      Federal News Network: Tabletop exercises to put CMMC 2.0 through the paces      BleepingComputer: SonicWall ‘strongly urges’ admins to patch SSLVPN SMA1000 bugs      BleepingComputer: Eternity malware kit offers stealer, miner, worm, ransomware tools      The Hacker News: Android and Chrome Users Can Soon Generate Virtual Credit Cards to Protect Real Ones      ZDNet: How to delete yourself from internet search results and hide your identity online      ZDNet: Cybersecurity has a desperate skills crisis. Rural America could have the answer