Hey Cyber friends,
Start your work week off at full speed with actionable intel on the top 3 cybersecurity news stories from last week for each audience you need to engage (end users, peers, executives).
If you like what you see and think others might get value, forward this email to them.
FOR YOUR END-USERS
Microsoft Office Mail Scam
Cybersecurity consultant Martin Pitman received a call from his mother, letting him know that a neighbor had received what appeared to be an Office 365 product in the mail, with a USB stick to install the productivity suite.
HOW YOU CAN USE THIS!
Notify your end users for their own knowledge and to share with friends and family that unsolicited USB drives received in the mail is an attack vector and bad guys sending them out to ultimately rob people. DO NOT PLUG IN USB DRIVES YOU GET IN THE MAIL.
Hear my live analysis on this story here.
Get the CISO Series full article here.
FOR YOUR PEERS
Over 9,000 VNC servers exposed online without a password
Researchers from Cyble have discovered at least 9,000 internet-exposed VNC (virtual network computing) endpoints that can be accessed without authentication.
HOW YOU CAN USE THIS!
Scan your external IP ranges or use Shodan.io and validate only approved remote access points are accessible, and that ALL require some type of credential.
Hear my live analysis on this story here.
Get the CISO Series full article here.
FOR YOUR EXECUTIVES
A new version of BlackByte ransomware uses LockBit inspired extortion techniques
Along with the release of Version 2.0, the BlackByte ransomware gang is offering some novelties to its extortion service. These include allowing victims to pay $5,000 to postpone the leaking of their data by 24 hours, download the data for $200,000, or destroy all the data by paying a $300,000 ransom.
HOW YOU CAN USE THIS!
Ransomware awareness should be a top line issue for your executives already. Share with your leadership this evolution of the extortion crime and to revisit any protect or recovery budget, plans, and controls in place or need to be put in place.
Hear my live analysis on this story here.
Get the CISO Series full article here.
Thanks to the CISO Series podcast and you can subscribe to Cyber Security Headlines here: https://cisoseries.com/category/podcast/cyber-security-headlines/
Let’s make this utility valuable to our entire community!
I've got nearly 2 decades of industry experience and how I would operationalize this news, I'm sharing it as my thoughts the same I would over a coffee.
Thank you so much and see you next Monday!
Gerry
Want to get this content in your Monday morning email, so its the most timely. Click the button below to get it!