SBS CyberSecurity - In The Wild 300

 

SBS Newsletter header

 

In The Wild - CyberSecurity Newsletter

Welcome to the 300th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

LOG4J Status Update

SBS Educational Resources

Remember Log4j… that December 2021 vulnerability that had us all doing deep dives into our applications to seek out the critical vulnerability? Heading into late 2022 we can rest easy knowing that has been put to rest, right? Well, not really.

Read Here »  

Logo

Description automatically generated

The Top 4 Mistakes in Security Programs to Avoid

DARKReading

Overlooking even just a single security threat can severely erode a company’s community and consumer confidence, tarnish reputation and brand, negatively impact corporate valuations, provide competitors with an advantage, and create unwanted scrutiny.

Read Here »  

Image

US Treasury- Financial institutions reported $1.2 billion in ransomware losses in 2021

The Record

In all, the cost of incidents reported last year under the Bank Secrecy Act jumped to $1.2 billion, from $416 million the year before.

Read Here »  

Phishing-as-a-Service Platform Offers MFA Bypass for $1500

infoRiskToday

Phishing-as-a-Service platform Robin Banks is offering a cookie-stealing feature that cybercriminals can purchase as an add-on to the phishing kit in order to bypass multi-factor authentication in attacks.

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Image

FBI and CISA: Here's what you need to know about DDoS attacks

ZDNet

Agencies say guidance will help organizations to understand and respond to DDoS attacks.

Read Here »  

Image

FTC slams Chegg for chronic, ‘careless security’

Cybersecurity Dive

Chegg, which the FTC accused of “careless security,” is the second firm to be held accountable by the federal agency for cybersecurity shortcomings in the last week.

Read Here »  

New Crimson Kingsnake gang impersonates law firms in BEC attacks

BleepingComputer

A business email compromise (BEC) group named 'Crimson Kingsnake' has emerged, impersonating well-known international law firms to trick recipients into approving overdue invoice payments.

Read Here »  

Image

12 Best Foods to Eat for Brain Health

CNET

Keep your brain healthy and happy with these nutrient-rich foods.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     KrebsonSecurity: LinkedIn Adds Verified Emails, Profile Creation Dates

*     KrebsonSecurity: Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

*     CyberScoop: Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup

*     CISA: Implementing Phishing-Resistant MFA

*     CISA: Implementing Number Matching in MFA Applications

*     Cybersecurity Dive: What is phishing-resistant multifactor authentication? It’s complicated.

*     Cybersecurity Dive: U.S. Bank data breach impacts 11K customers

*     DarkReading: Microsoft Warns on Zero-Day Spike as Nation-State Groups Shift Tactics

*     BleepingComputer: Microsoft rolls out fix for Outlook disabling Teams Meeting add-in

*     Spiceworks: Managing Data Lifecycle for Financial Services Companies

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"