SBS CyberSecurity - In The Wild 303

 

SBS Newsletter header

 

In The Wild - CyberSecurity Newsletter

Welcome to the 303rd issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

{WEBINAR} NAUGHTY OR NICE - WHICH IS YOUR RISK ASSESSMENT?

SBS Educational Resources

Date: Wednesday, December 14

Time: 2:00-3:00 PM CT

During this season of giving, join SBS for this free webinar. We will boil down all of the guidance surrounding the IT risk assessment to what you need to know; discuss the differences between a compliance-based and risk-based assessment, and demonstrate how our TRAC tool can help make your life easier while helping your institution understand its strengths and weaknesses and how to become more proactive when it comes to cybersecurity.

Read Here »  

Image

80% of SMBs Are Vulnerable — Here’s How to Stay Safe

Tripwire

It would be nice to imagine that when cyber criminals look for their next target, they ignore the small- and medium-sized businesses (SMBs) that simply can’t afford an attack. Unfortunately, that’s not the case. In fact, 43% of cyber attacks are directed at SMBs.

Read Here »  

A picture containing text, clipart

Description automatically generated

U.S. Bans Chinese Telecom Equipment and Surveillance Cameras Over National Security Risk

The Hacker News

The U.S. Federal Communications Commission (FCC) formally announced it will no longer authorize electronic equipment from Huawei, ZTE, Hytera, Hikvision, and Dahua, deeming them an "unacceptable" national security threat.

Read Here »  

5.4 million Twitter users' stolen data leaked online — more shared privately

BleepingComputer

Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum.

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Image

Warning: This scam starts with a fake invoice. It could end with crooks stealing your data

ZDNet

Social engineering and phony call centers are used to trick victims into installing remote software. Then the gang steals data and threatens to leak it.

Read Here »  

Logo

Description automatically generated

Cyber Due Diligence in M&As Uncovers Threats, Improves Valuations

DARKReading

To get the full picture, companies need to look into the cybersecurity history and practices of the business they're acquiring.

Read Here »  

'iSpoof' service dismantled, main operator and 145 users arrested

BleepingComputer

iSpoof offered cybercriminals so-called "spoofing" servers which allowed them to mask their phone numbers with one belonging to a trusted organization, making it appear to the victims as if their bank called them.

Read Here »  

4 Steps Anyone Can Take To Become a Leader

Entrepreneur

Each one of us has the innate ability to lead. It's how we nurture that ability that determines whether or not we make it as successful leaders.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     ars Technica: Thinking about taking your computer to the repair shop? Be very afraid

*     The Hacker News: Microsoft Warns of Hackers Using Google Ads to Distribute Royal Ransomware

*     The Hacker News: Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

*     Hackread: 42,000 phishing domains discovered masquerading as popular brands

*     The Wall Street Journal: Hot Market for Cyber Insurance Begins to Stabilize

*     Techspot: A security firm hacked malware operators, locking them out of their own C&C servers

*     CNN Business: The federal government just took another big swipe at illegal robocalls

*     Data Breach Today: Chinese APT Using Google Drive, Dropbox to Drop Malware

*     Cybernews: WhatsApp data leak: 500 million user records for sale

*     CNBC: Microsoft’s latest data on hacks and why you may need new login, passwords fast

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"