SBS CyberSecurity - In The Wild 284

 

In The Wild - CyberSecurity Newsletter Welcome to the 284th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Hacker Hour: Beyond Baseline - Revisiting the FFIEC Cybersecurity Assessment Tool SBS Educational Resources Date: July 20th Time: 2:00-3:00 PM CT Join SBS as we revisit how you can get the most out of your FFIEC CAT data and discuss the most common missed questions that prevent organizations from moving from baseline to evolving maturity. Read Here »   Experian, You Have Some Explaining to Do KrebsOnSecurity Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. Read Here »   LendingTree denies connection to data breach affecting 200,000, but confirms a different one The Record Reports emerged in recent weeks of cybercriminals selling sensitive information purporting to be from applications originating from LendingTree, which connects customers to lenders. Read Here »   A ransomware attack on a debt collection firm is one of 2022’s biggest health data breaches Tech Crunch A ransomware attack on a little-known debt collection firm that serves hundreds of hospitals and medical facilities across the U.S. could be one of the biggest data breaches of personal and health information this year. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » What these two companies learned from their cyberattack experiences ZDNet Some form of cyberattack at your company is almost inevitable these days. Here's what two organizations learned from their experiences. Read Here »   Cyberinsurers looking for new risk assessment models Tech Republic As ransomware attacks increase, a number of difficulties have risen for cyberinsurers that will need to be addressed swiftly. Read Here »   CISA orders agencies to patch new Windows zero-day used in attacks BleepingComputer CISA has added an actively exploited local privilege escalation vulnerability in the Windows Client/Server Runtime Subsystem (CSRSS) to its list of bugs abused in the wild. Read Here »   Use These Strategies to Dominate Your Scattered Brain Lifekhacker All the tricks you need for decluttering your brain and organizing your thoughts. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Microsoft Patch Tuesday, July 2022 Edition      Ars Technica: Ongoing phishing campaign can hack you even when you’re protected with MFA      CNBC: ‘Hackers love it’ when you make these 6 biggest password mistakes, says security expert      Motherboard: Complaints to Government Show Americans’ Slow Descent Into Madness Over Spam Calls      The Guardian: ‘Lives are at stake’ - hacking of US hospitals highlights deadly risk of ransomware      ZDNet: Ransomware is hitting one sector particularly hard, and the impact is felt by everyone      DarkReading: How Hackers Create Fake Personas for Social Engineering      The Hacker News: North Korean Hackers Targeting Small and Midsize Businesses with H0lyGh0st Ransomware      BleepingComputer: Microsoft investigates July updates breaking Access applications      DARKReading: Why Browser Vulnerabilities Are a Serious Threat — and How to Minimize Your Risk