A couple of good reads to start for anyone that has cyber insurance. Be sure you are doing your part so that you don’t put your ability to make a claim at risk. Also, NIST provides new guidance on passwords that is surprising to many. Finally, an HR malware scam is both clever and scary!
General
- Strategies to Avoid Cyber Insurance Claim Challenges: Part I
- Strategies to Avoid Cyber Insurance Claim Challenges: Part II
- NIST Drops Password Complexity, Mandatory Reset Rules – It is important to note that you should follow ALL the NIST guidance. Only picking a subset could leave you more vulnerable.
Cyber Attacks
- GenAI Writes Malicious Code to Spread AsyncRAT – GenAI can make writing code easy! Unfortunately, you may get more “functionality” than you bargained for…
- Dell Hit by Third Data Leak in a Week Amid Cyberattacks – it is unfortunate, but this is far too common. Especially if the organization rushes to restore services.
- Cybercriminals target transportation companies with malware via BEC – Another Business Email Compromise (BEC) where attackers gain access to a legitimate email account and then abuse it to scam partners of that business.
- Dallas suburb working with FBI to address attempted ransomware attack
- Kuwait Health Ministry restoring systems after attack takes down hospitals, app
- Crucial Texas hospital system turning ambulances away after ransomware attack
- Dutch Police: ‘State actor’ likely behind recent data breach
- Detroit-area government services impacted by cyberattack
Vulnerabilities, Malware, & Patches
- Avast Antivirus users should patch immediately
- Attackers Targeting Recruiters With More_Eggs Backdoor – Threat actors posing as job applicants and delivering their payloads via fake resumes.
Phishy Phirewalls – the lighter side of IT!
From the Horse’s Mouth: Cybersecurity Pros’ Favorite InfoSec Quotes – This week, a link to Information Security quotes! A couple of my favorites:
- “Don’t pet strange dogs.” In other words, if you do not KNOW that link is safe, don’t click on it.
- “Given the choice between dancing pigs and security, users will pick dancing pigs every time.”
HopeNet (HopeNetCISO.com) reviews a variety of security news sources so you do not have to! This list is curated specifically for churches, nonprofits, and other Organizations of Hope. The headlines and our added comments are meant to provide enough to get an overview of recent happenings, but links are also provided for readers that want to explore certain topics deeper.
If this was shared with you and you would like to receive a copy directly to your email, please subscribe at HopeNetCISO.com. Also, check out the Services section of our site for ways we can help! Thanks for reading!