SBS CyberSecurity - In The Wild 276

 

SBS Newsletter header

 

In The Wild - CyberSecurity Newsletter

Welcome to the 276th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

Blog: The Golden Rule Of Email

SBS Educational Resources

Because of the mass amounts of phishing emails targeting victims every day, it is more important now than ever to remember The Golden Rule of Email.

Read Here »  

Image

7 Key Findings from the 2022 SaaS Security Survey Report

The Hacker News

The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today's enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to secure themselves.

Read Here »  

Image

Weak Security Controls and Practices Routinely Exploited for Initial Access

Cybersecurity & Infrastructure Security Agency (CISA)

CISA encourages organizations to review Weak Security Controls and Practices Routinely Exploited for Initial Access and apply the recommended mitigations.

Read Here »  

Image

Water companies are increasingly uninsurable due to ransomware, industry execs say

CyberScoop

Insurers are increasingly requiring water utilities to meet stringent cybersecurity requirements to even consider insuring them.

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Microsoft emergency updates fix Windows AD authentication issues

BleepingComputer

Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers.

Read Here »  

Phishing Attacks for Initial Access Surged 54% in Q1

DARKReading

For the first time in a year, security incidents involving email compromises surpassed ransomware incidents, a new analysis shows.

Read Here »  

Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies

ZDNet

Similar VMware flaws came under attack almost immediately last month, warns US security authority - so act fast.

Read Here »  

Image

5 reasons why focusing on the middle will get you to the top

Fast Company

Middle managers can help you stem the resignation tide if you focus on these strategies, according to Comcast Cable’s Steve White.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     KrebsOnSecurity: Senators Urge FTC to Probe ID.me Over Selfie Data

*     KrebsOnSecurity: When Your Smart ID Card Reader Comes With Malware

*     CISA: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

*     CISA: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

*     GovInfoSecurity: DOJ Revises Policy for Good-Faith Security Researchers

*     The Record: Russian government procured powerful botnet to shift social media trending topics

*     Fedscoop: Pentagon updates timeline for CMMC cybersecurity initiative

*     BleepingComputer: Conti ransomware shuts down operation, rebrands into smaller units

*     BleepingComputer: The Week in Ransomware - May 20th 2022 - Another one bites the dust

*     ZDNet: This phishing attack delivers three forms of malware. And they all want to steal your data

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"