SBS CyberSecurity - In The Wild 303

 

In The Wild - CyberSecurity Newsletter Welcome to the 303rd issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           {WEBINAR} NAUGHTY OR NICE - WHICH IS YOUR RISK ASSESSMENT? SBS Educational Resources Date: Wednesday, December 14 Time: 2:00-3:00 PM CT During this season of giving, join SBS for this free webinar. We will boil down all of the guidance surrounding the IT risk assessment to what you need to know; discuss the differences between a compliance-based and risk-based assessment, and demonstrate how our TRAC tool can help make your life easier while helping your institution understand its strengths and weaknesses and how to become more proactive when it comes to cybersecurity. Read Here »   80% of SMBs Are Vulnerable — Here’s How to Stay Safe Tripwire It would be nice to imagine that when cyber criminals look for their next target, they ignore the small- and medium-sized businesses (SMBs) that simply can’t afford an attack. Unfortunately, that’s not the case. In fact, 43% of cyber attacks are directed at SMBs. Read Here »   U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk The Hacker News The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat. Read Here »   5.4 million Twitter users' stolen data leaked online — more shared privately BleepingComputer Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Warning: This scam starts with a fake invoice. It could end with crooks stealing your data ZDNet Social engineering and phony call centers are used to trick victims into installing remote software. Then the gang steals data and threatens to leak it. Read Here »   Cyber Due Diligence in M&As Uncovers Threats, Improves Valuations DARKReading To get the full picture, companies need to look into the cybersecurity history and practices of the business they're acquiring. Read Here »   'iSpoof' service dismantled, main operator and 145 users arrested BleepingComputer iSpoof offered cybercriminals so-called "spoofing" servers which allowed them to mask their phone numbers with one belonging to a trusted organization, making it appear to the victims as if their bank called them. Read Here »   4 Steps Anyone Can Take To Become a Leader Entrepreneur Each one of us has the innate ability to lead. It's how we nurture that ability that determines whether or not we make it as successful leaders. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      ars Technica: Thinking about taking your computer to the repair shop? Be very afraid      The Hacker News: Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware      The Hacker News: Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike      Hackread: 42,000 phishing domains discovered masquerading as popular brands      The Wall Street Journal: Hot Market for Cyber Insurance Begins to Stabilize      Techspot: A security firm hacked malware operators, locking them out of their own C&C servers      CNN Business: The federal government just took another big swipe at illegal robocalls      Data Breach Today: Chinese APT Using Google Drive, Dropbox to Drop Malware      Cybernews: WhatsApp data leak: 500 million user records for sale      CNBC: Microsoft’s latest data on hacks and why you may need new login, passwords fast