SBS CyberSecurity - In The Wild 292

 

In The Wild - CyberSecurity Newsletter Welcome to the 292nd  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           THREAT ADVISORY: ONLINE BANKING ADVANCED SOCIAL ENGINEERING SBS Educational Resources SBS CyberSecurity has been made aware of an attack on customer online banking accounts. Read Here »   Unhappy about excluding nation-state attacks from cyberinsurance? Get ready to pay The Register Lloyd's defends stance as critics say policy tweaks make it less worthwhile to spend on premiums. Read Here »   Healthcare fintechs targeted by cybercriminals Cybersecurity Dive Cybersecurity professionals say healthcare payments processing firms are particularly vulnerable to information technology breaches and ransom demands. Read Here »   Ransomware gangs switching to new intermittent encryption tactic BleepingComputer A growing number of ransomware groups are adopting a new tactic that helps them encrypt their victims’ systems faster while reducing the chances of being detected and stopped. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » The second-biggest school district in the US was hit with ransomware ZDNet School opened as planned on Tuesday, while LA Unified worked with local law enforcement and a number of federal agencies to respond to the attack. Read Here »   6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged The Hacker News Security threats are always a concern when it comes to APIs. API security can be compared to driving a car. You must be cautious and review everything closely before releasing it into the world. Read Here »   GIFShell attack creates reverse shell using Microsoft Teams GIFs BleepingComputer A new attack technique called ‘GIFShell’ allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs. Read Here »   5 Reasons Why The Best Leaders Do This When They Make A Mistake Forbes They know the best thing to do when you make a mistake is to be accountable and own it immediately. Here are five reasons why: Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Transacting in Person with Strangers from the Internet      The Register: US school year opens with reading, writing, and ransomware      The Register: LockBit gang hit by DDoS attack after threatening to leak Entrust ransomware data      Bleeping Computer: FBI warns of Vice Society ransomware attacks on school districts      Tripwire: How to Correctly Classify Your Data in 2022      Tripwire: How Penetration Testing can help prevent Ransomware Attacks      The Record: Four vulnerabilities discovered in popular infusion pumps, WiFi batteries      The Hacker News: Microsoft Warns of Ransomware Attacks by Iranian Phosphorus Hacker Group      The Hacker News: Prynt Stealer Contains a Backdoor to Steal Victims' Data Stolen by Other Cybercriminals      DARKReading: Microsoft, Cloud Providers Move to Ban Basic Authentication