SBS CyberSecurity - In The Wild 296

 

In The Wild - CyberSecurity Newsletter Welcome to the 296th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           FFIEC UPDATE TO CYBERSECURITY RESOURCE GUIDE SBS Educational Resources The Federal Financial Institutions Examination Council (FFIEC) has recently updated the October 2018 Cybersecurity Resource Guide to stay up to date with the changing cybersecurity landscape. Read Here »   Report- Big U.S. Banks Are Stiffing Account Takeover Victims KrebsOnSecurity New data released this week suggests that for some of the nation’s largest banks, reimbursing account takeover victims has become more the exception than the rule. Read Here »   Ransomware attack delays patient care at hospitals across the U.S. NBC News One of the largest hospital chains in the U.S. was hit with a suspected ransomware cyberattack this week, leading to delayed surgeries, hold ups in patient care and rescheduled doctor appointments across the country. Read Here »   Moody's turns up the heat on 'riskiest' sectors for cyberattacks The Register $22 trillion of global rated debt has 'high' or 'very high' cyber-risk exposure. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Microsoft warns of password attacks against Exchange Online, here's what you need to do ZDNet SMTP and IMAP are by far the most common protocols abused by password-spraying attacks. Read Here »   Microsoft struggles to mitigate Exchange Server CVEs as it races to complete patch Cybersecurity Dive Security researchers have repeatedly called out the company on interim measures that were quickly bypassed. Read Here »   Fortinet warns admins to patch critical auth bypass bug immediately BleepingComputer Fortinet has warned administrators to update FortiGate firewalls and FortiProxy web proxies to the latest versions, which address a critical severity vulnerability. Read Here »   Your guide to leadership styles The Ladders In this guide to leadership styles, we’ll take a look at six of the most common styles of leadership. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: Glut of Fake LinkedIn Profiles Pits HR Against the Bots      BleepingComputer: US govt shares top flaws exploited by Chinese hackers since 2020      BleepingComputer: The Week in Ransomware - October 7th 2022 - A 20 year sentence      CyberSecurityDIVE: Security to take an outsized role in IT spending in 2023      CyberSecurityDIVE: CommonSpirit’s ‘IT security incident’ was likely cyberattack, security experts say      The Hacker News: Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities      ZDNet: Ransomware- This is how half of attacks begin, and this is how you can stop them      ZDNet: This sneaky fraud attack looks like an email forwarded by your boss      InfoSecurity: Russian Sanctions Instigator Lloyd's Possibly Hit by Cyber-Attack      Tripwire: CISA orders federal agencies to catalog their networks, and scan for bugs