SBS CyberSecurity - In The Wild 298

 

In The Wild - CyberSecurity Newsletter Welcome to the 298th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Hacker Hour: Cybersecurity Awareness Month Round Table SBS Educational Resources Date: Wednesday, October 26 Time: 2:00 - 3:00 PM CT We would like to invite you to join SBS in celebrating National Cybersecurity Awareness Month with a security awareness round table. Join us as we share the greatest tips and tricks to train employees, customers, senior management/board, and your family. Read Here »   Majority of Board Members Feel Their Organization Is at Risk of a Cyber Attack, but Almost Half Feel They Are Unprepared CPO Magazine Cybersecurity firm Proofpoint’s “2022 Board Perspective” finds that while most executive boards are now aware of the risks to their companies from cyber attacks, a worrying amount remain unprepared. Read Here »   4 tips to protect IT employees from phishing attacks Cybersecurity Dive No one is perfect, and that includes your IT professionals. Here’s what security experts say could help mitigate human error. Read Here »   After the Sullivan Verdict: A CISO's Guide to Avoiding Jail infoRiskToday Guilty Verdict for Breach Cover-Up a Reminder to Maintain Playbooks, Legal Cover. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » This sneaky kind of cybercrime rules them all The Washington Post As ransomware steals the headlines, another kind of cybercrime is quietly making off with far, far more money — and there are signs it’s on the rise, too. Read Here »   Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update The Hacker News Details have emerged about a previously undocumented and fully undetectable (FUD) PowerShell backdoor that gains its stealth by disguising itself as part of a Windows update process. Read Here »   Hackers exploit critical VMware flaw to drop ransomware, miners BleepingComputer Security researchers observed malicious campaigns leveraging a critical vulnerability in VMware Workspace One Access to deliver various malware, including the RAR1Ransom tool that locks files in password-protected archive. Read Here »   5 Ways To Effectively Manage Business Crises According To Darrell Johnson Influencive Crisis management expert Darrell Tracy Johnson explains what business crises entail and five ways to manage them effectively. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      KrebsOnSecurity: How Card Skimming Disproportionally Affects Those Most In Need      KrebsOnSecurity: Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn      DARKReading: List of Common Passwords Accounts for Nearly All Cyberattacks      DARKReading:Microsoft Data-Exposure Incident Highlights Risk of Cloud Storage Misconfiguration      BleepingComputer: Exploited Windows zero-day lets JavaScript files bypass security warnings      BleepingComputer: The Week in Ransomware - October 21st 2022 - Stop the Presses      Ars Technica: VMware bug with 9.8 severity rating exploited to install witch’s brew of malware      infoRiskToday: US CISA Official: - 'Forcefully Nudge' Users to Adopt MFA      The Hacker News: Hackers Started Exploiting Critical "Text4Shell" Apache Commons Text Vulnerability      Security Intelligence: What Experts Had To Say About the 2022 Cost of a Data Breach Report