SBS CyberSecurity - In The Wild 285

 

In The Wild - CyberSecurity Newsletter Welcome to the 285th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Blog: The Golden Rule Of Email SBS Educational Resources Because of the mass amounts of phishing emails targeting victims every day, it is more important now than ever to remember The Golden Rule of Email. Read Here »   Massive Losses Define Epidemic of ‘Pig Butchering’ KrebsOnSecurity U.S. state and federal investigators are being inundated with reports from people who’ve lost hundreds of thousands or millions of dollars in connection with a complex investment scam known as “pig butchering,” wherein people are lured by flirtatious strangers online into investing in cryptocurrency trading platforms that eventually seize any funds when victims try to cash out. Read Here »   New Cyber Safety Review Board Report: Log4j Vulnerability Is “Endemic,” Expect It To Be Exploited Into the 2030s CPO Magazine The Cyber Safety Review Board, a cybersecurity incident review panel staffed by members from both federal agencies and the private sector, has completed a 40-page study of the Log4j vulnerability that suggests it will be a problem for organizations for a very long time. Read Here »   NIST Updates Guidance for Health Care Cybersecurity National Institute of Standards and Technology (NIST) In an effort to help health care organizations protect patients’ personal health information, the National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for the health care industry. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » The biggest cyber-crime threat is also the one that nobody wants to talk about ZDNet The FBI warns that $43 billion has been lost to these attacks alone, so why is this threat so often forgotten? Read Here »   The Kronos Ransomware Attack: What You Need to Know So Your Business Isn't Next DARKReading Identify your business's security posture and head off ransomware attacks with third-party risk management and vendor security assessments. Read Here »   Massive Microsoft 365 outage caused by faulty ECS deployment BleepingComputer In a preliminary post-incident report, Microsoft has revealed that this week's 5-hour-long Microsoft 365 worldwide outage was triggered by a faulty Enterprise Configuration Service (ECS) deployment that led to cascading failures and availability impact across multiple regions. Read Here »   3 Principles of People-First Leadership Entrepreneur Success in business hinges on your people and putting them first. Here's how to do it. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: A Deep Dive Into the Residential Proxy Service ‘911      BleepingComputer: Digital security giant Entrust breached by ransomware gang      BleepingComputer: Hackers steal 50,000 credit cards from 300 U.S. restaurants      VentureBeat: Hackers leaked two billion usernames and passwords in 2021      CNN: FBI investigation determined Chinese-made Huawei equipment could disrupt US nuclear arsenal communications      Politico: Why suspected Chinese spy gear remains in America’s telecom networks      CISA: Updated Advisory on Cyber Actors Continued Exploitation of Log4Shell in VMware Horizon Systems      HP Threat Research Blog: The Evolution of Cybercrime- Why the Dark Web is Supercharging the Threat Landscape and How to Fight Back      9To5Mac: Twitter data breach exposes contact details for 5.4M accounts; on sale for $30k      The Hacker News: SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products