SBS CyberSecurity - In The Wild 304

SBS Newsletter header

 

In The Wild - CyberSecurity Newsletter

Welcome to the 304th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

{WEBINAR} NAUGHTY OR NICE - WHICH IS YOUR RISK ASSESSMENT?

SBS Educational Resources

Date: Wednesday, December 14

Time: 2:00-3:00 PM CT

During this season of giving, join SBS for this free webinar. We will boil down all of the guidance surrounding the IT risk assessment to what you need to know; discuss the differences between a compliance-based and risk-based assessment, and demonstrate how our TRAC tool can help make your life easier while helping your institution understand its strengths and weaknesses and how to become more proactive when it comes to cybersecurity.

Read Here »  

Banks Plan to Start Reimbursing Some Victims of Zelle Scams

The New York Times

A rule change planned for early next year would shift liability for some losses onto the banks, not their customers.

Read Here »  

A picture containing text, clipart

Description automatically generated

LastPass Suffers Another Security Breach; Exposed Some Customers Information

The Hacker News

Popular password management service LastPass said it's investigating a second security incident that involved attackers accessing some of its customer information.

Read Here »  

FBI: Cuba ransomware raked in $60 million from over 100 victims

BleepingComputer

FBI has observed Cuba ransomware actors continuing to target U.S. entities in the following five critical infrastructure sectors: Financial Services, Government Facilities, Healthcare and Public Health, Critical Manufacturing, and Information Technology.

Read Here »  

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Darknet markets generate millions in revenue selling stolen personal data

ars Technica

It is common to hear news reports about large data breaches, but what happens once your personal data is stolen? Our research shows that, like most legal commodities, stolen data products flow through a supply chain consisting of producers, wholesalers, and consumers.

Read Here »  

Logo

Description automatically generated

A Risky Business: Choosing the Right Methodology

DARKReading

Rather than regarding risk assessment as a negative exercise, consider it one that benefits your organization's aims, and then translate the risk level to its impact on operations, reputation, or finances.

Read Here »  

Image

Rackspace rocked by ‘security incident’ that has taken out hosted Exchange services

The Register

Warns recovery could take several days and pledges better support after customer complaints.

Read Here »  

Image

The Four Foundational Principles of Leadership

Newsweek

Now that we've defined what a leader is, let's take it a step further with the four foundational principles of leadership.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     KrebsonSecurity: ConnectWise Quietly Patches Flaw That Helps Phishers

*     KrebsonSecurity: U.S. Govt. Apps Bundled Russian Code With Ties to Mobile Malware Developer

*     DARKReading: One Year After Log4Shell, Most Firms Are Still Exposed to Attack

*     DARKReading: How Banks Can Upgrade Security Without Affecting Client Service

*     Hackread: Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs

*     ars Technica: Never-before-seen malware is nuking data in Russia’s courts and mayors’ offices

*     The New York Times: How a Cyberattack Plunged a Long Island County Into the 1990s

*     BleepingComputer: The Week in Ransomware - December 2nd 2022 - Disrupting Health Care

*     Cybernews: ZIP and RAR named most prevalent malware carrier

*     CybersecurityDIVE: As companies tighten tech spend, demand for cybersecurity services grows

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"