Cyber Weekly Newsletter

The?weekly?Security, Tech and Cybercrime?newsletter from Riskigy's vCISO Cybersecurity team

Cybersecurity awareness tips and alerts from Riskigy to empower your team to?#BeCyberSmart #CyberAware

This Weeks Need-to-Know News and Alerts

??SEC announced proposed rules?that would require broker-dealers, clearing agencies and other financial services providers to implement procedures to boost their ability to manage cybersecurity risks.?https://buff.ly/3lny2ly

??Proof-of-concept exploits for vulnerabilities in?Netgear Orbi 750 series router and extender satellites have been released, with one flaw a critical severity remote command execution bug.?https://buff.ly/3lq8q7O

??NCUA Finalizes New Cybersecurity Incident Reporting Rule for?Federally Insured Credit Unions. It will take effect September 1, 2023 giving credit unions 6 months to update their data incident response teams, policies, and procedures.?https://buff.ly/3LDmPYK

??A trojanized version of the legitimate?ChatGPT extension for Chrome?is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts.?https://buff.ly/3n99zRw

??Credit card stealing hacking campaign is hiding their malicious code inside the 'Authorize .net' payment gateway?module for WooCommcerce, allowing the breach to evade detection by security scans.?https://buff.ly/40pHm7l

??A severe privacy flaw named 'acropalypse' has also been found to affect the?Windows Snipping Tool, allowing people to partially recover content that was edited out of an image.?https://buff.ly/3TysfpW

??Bitcoin ATM maker General Bytes?disclosed that unidentified threat actors stole cryptocurrency from hot wallets by exploiting a zero-day security flaw in its software.?https://buff.ly/3FDnZ2G

??File-sharing site Zippyshare?has announced they are shutting down the site by the end of March 2023. ZippyShare users have until the end of the month to back up important files.?https://buff.ly/3FxSeI7

??Project Zero, Google's zero-day bug-hunting team, discovered and reported 18 zero-day?vulnerabilities in Samsung’s Exynos chipsets?used in mobile devices, wearables, and cars.?https://buff.ly/3Z9gcAN

??The U.S. Cybersecurity and Infrastructure Security Agency?CISA has released eight Industrial Control Systems ICS advisories?on Tuesday, warning of critical flaws affecting equipment from #Delta Electronics and #Rockwell Automation.?https://buff.ly/40m0Ole

??Cybercriminals are abusing?Adobe Acrobat?Sign, an online document signing service, to distribute info-stealing malware to unsuspecting users.?https://buff.ly/3ZUFe7F

??Follow us on Twitter for more news and alerts!

From Our Blog

How to Make Cybersecurity Tabletop Exercises Worthwhile

We've been doing tabletop exercises for years, and we love them. They're an effective way to test your incident response plan, as well as a great way to work through real scenarios before they happen. But they can also be boring and frustrating, especially if you don't know how to set them up or run them effectively...Read more now!

Reduce CISO Burnout with a Wingman!

The chief information security officer (CISO) plays a key role in maintaining the overall security of an organization’s information systems, consequently exposing the CISO to constant stressors and making the job unsustainable. Nearly half of CISOs are expected to change jobs by 2025 due to stress...Read more now!

Data Breach News?

???Ferrari?has disclosed a data breach following a ransom demand received after attackers gained access to some of the company's IT systems.?https://buff.ly/400swEp

???Hitachi Energy?confirmed it suffered a #databreach after the Clop #ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability.?https://buff.ly/3FuJVwI

???Latitude Financial Services (Latitude)?has disclosed a data #breach after suffering a #cyberattack, causing the company to shut down internal and customer-facing systems.?https://buff.ly/3JHOUf9

???The?NBA (National Basketball Association)?is notifying fans of a data #breach after some of their personal information, "held" by a third-party service, was stolen.?https://buff.ly/3FvncAE

???Fresh produce giant?Dole Food Company?has confirmed threat actors behind a February #ransomware attack have accessed the information of an undisclosed number of employees.?https://buff.ly/40pprxy

Cybersecurity Resources

Ready for some Exercise?

Tabletop Exercises?are similar to a boardgame or escape room. Training is a critical step in compliance and being prepared to respond to disasters and cybersecurity incidents.?

Our team created Tabletop Exercise scenarios containing real-world events based on our experiences, a cyberattack description and the potential impact which may occur to the organization. We also provide a list of goals and lessons to learn from the scenario outcomes.

Click here to see the full library, check back often for updates and email us to learn more about our proactive approach to cybersecurity.

Cybersecurity Is Complex! We Are Here To Help!

e: [email protected] | p: 888.333.6553