SBS CyberSecurity - In The Wild 293

 

In The Wild - CyberSecurity Newsletter Welcome to the 293rd issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           {DOWNLOAD} MICROSOFT 365 SECURITY SUGGESTIONS SBS Educational Resources Are you concerned about the security of Microsoft 365? Follow these suggestions to improve the overall security of your instance. Read Here »   Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday KrebsOnSecurity This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Read Here »   Critical zero-days make September's Patch Tuesday a 'Patch Now' release Computerworld Microsoft focused on Windows with this month's big patch release, pushing out 63 updates affecting the operating system, Microsoft Office and the Visual Studio and .NET platforms. The release came amid reports of three publicly exploited vulnerabilities. Read Here »   LastPass says hackers had internal access for four days BleepingComputer LastPass says the attacker behind the August security breach had internal access to the company's systems for four days until they were detected and evicted. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Uber security breach 'looks bad', potentially compromising all systems ZDNet Hacker is believed to have breached Uber's entire network in a social engineering attack, which one security vendor says is more extensive than the company's 2016 global data breach and access logs potentially altered. Read Here »   5 Ways to Mitigate Your New Insider Threats in the Great Resignation The Hacker News High employee turnover increases security risks, and companies are more vulnerable to attacks from human factors worldwide. Read Here »   Zoom outage left users unable to sign in or join meetings BleepingComputer According to an incident posted on Zoom's service status page, the company confirmed issues starting and joining meetings and video sessions. Read Here »   101 Time Management Tips to Make You the Most Productive Boss Ever Calendar Here are 101 tips that will help every leader master their time management skills so that they can become the most productive boss ever. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Say Hello to Crazy Thin ‘Deep Insert’ ATM Skimmers       KrebsOnSecurity: Botched Crypto Mugging Lands Three U.K. Men in Jail      Computerworld: Sadly, IT can no longer trust geolocation for much of anything      Bleeping Computer: Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs      The Salt Lake Tribune: $1.13M stolen from Eagle Mountain City in ‘organized cybercrime’ scheme      Tripwire: Top Phishing and Social Media Threats: Key Findings from the Quarterly Threat Trends & Intelligence Report      The Record: Texas hospital still bringing systems back online after Sept 1 ransomware attack      The Hacker News: Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks      SecurityIntelligence: New Report Finds Businesses Still Introducing Security Risk into Cloud Environments      DARKReading: DDoS Attack Against Eastern Europe Target Sets New Record