SBS CyberSecurity - In The Wild 289

 

In The Wild - CyberSecurity Newsletter Welcome to the 289th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Hacker Hour: Locking Down Microsoft 365 Date: Tuesday, August 30 Time: 2:00 - 3:00 PM CT SBS Educational Resources If your organization has implemented or researched Microsoft 365, you know there are various licensing options available, including Outlook, Teams, SharePoint, Intune, and more. It is essential to understand default controls and which controls need to be modified to lock down the security posture of your environment. Join SBS as we identify and understand basic and advanced Microsoft 365 features and how they can impact your security. Read Here »   When Efforts to Contain a Data Breach Backfire KrebsOnSecurity Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. The missive alleged that an auction on the site for data stolen from 10 million customers of Mexico’s second-largest bank was fake news and harming the bank’s reputation. Read Here »   People Ignore Fear-Based Security Rules; Let's Protect Them Anyway PC Magazine Cybersecurity solutions that require everyone to change their behavior just don’t work. Instead, we should work to reduce the harm done to and by those who won’t give up risky behaviors. Read Here »   Ransomware attacks are hitting small businesses. These are experts' top defense tips NPR In 2021, U.S. government officials, academics, and members of think-tanks and the private sector formed the Ransomware Task Force. Its latest report was published in early August with the help of the Center for Internet Security. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Google - Here's how we blocked the largest web DDoS attack ever ZDNet Google Cloud says it protected one customer from a Mēris botnet attack that peaked at 46 million requests per second. Read Here »   Malicious Browser Extensions Targeted Over a Million Users So Far This Year The Hacker News More than 1.31 million users attempted to install malicious or unwanted web browser extensions at least once, new findings from cybersecurity firm Kaspersky show. Read Here »   The Week in Ransomware - August 19th 2022 - Evolving extortion tactics BleepingComputer This week saw the return of the BlackByte ransomware operation, which launched a new data leak site using extortion tactics similar to LockBit 3.0. Read Here »   3 Things You Will Never Hear a Good Leader Say Inc. Actions speak louder than words, but how you address your team can still define your leadership. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: PayPal Phishing Scam Uses Invoices Sent Via PayPal       CISA: Seven Known Exploited Vulnerabilities Added to Catalog      ZDNet: Hackers are finding ways around multi-factor authentication. Here's what to watch for      ZDNet: Safeguard your iPhones, iPads and Macs: Apply these security updates now      Cybernews: Mailchimp admits to being hijacked      BleepingComputer: LockBit claims ransomware attack on security giant Entrust, leaks data      CNET: Capital One $190 Million Data Breach Settlement: Are You Eligible for a Payment?      Threat Post: Google Patches Chrome’s Fifth Zero-Day of the Year      Threat Post: Black Hat and DEF CON Roundup      DARKReading: Easing the Cyber-Skills Crisis With Staff Augmentation