Cybersecurity Newsletter

You have a lot going on, so join the thousands of other leaders and let me do the work and provide you with curated cybersecurity content. It would be my honor to do so.

NOTES: If you want to ensure you get this newsletter every week, please add my "from" address to your contact list. If you would like to Unsubscribe scroll to the bottom and select "unsubscribe". Thank you.

In this week's edition:

• Cyber Bits & Bytes
• Early Warning - Trend: Universities and colleges cope silently with ransomware attacks
• Cyber Quote - Ginni Rometty - Cybercrime
• Free Cybersecurity Resources - eBooks, tools, apps & services
• Trending Story - The Age of AI Hacking Is Closer Than You Think
• Cybersecurity News Highlights
• Cyber Scam of the Week - Is ChatGPT Your Next Financial Advisor?
• Social Posts of the Week

Cyber Bits & Bytes

How the Best CISOs Drive Operational Resilience - Cyberattacks have exposed a myriad of vulnerabilities in our healthcare infrastructure, and will continue to do so as new and innovative medical technologies are developed. Read more in this Security Week article.

LA housing authority discloses data breach after ransomware attack reported in Bleepin Computer. The Housing Authority of the City of Los Angeles (HACLA) is warning of a "data security event" after the LockBit ransomware gang targeted the organization and leaked data stolen in the attack. HACLA is a state-chartered agency that provides affordable housing to low-income individuals and families in Los Angeles, California.

Microsoft Warns On Quickening Pace Of Business Email Compromise Attacks - Article from Cybersecurity Ventures.

Does Your Help Desk Know Who's Calling? is the title of a really good read on The Hacker News. There has been a revival of the old-school technique of vishing, which, like phishing online, involves using social engineering over the phone to steal sensitive information. Vishing attacks have been on the rise as a result, with 69% of companies experiencing them in 2021.

Early Warning

Trend: Universities and colleges cope silently with ransomware attacks

Excerpt: Ransomware gangs like Vice Society target colleges and universities like every other sector, but they try hard to keep that information quiet.

A spate of recent ransomware attacks makes it feel like the scourge is continuing at the same, or even an elevated, pace. Nowhere is this more apparent than in the higher education sector, with at least eight colleges and universities in North America reporting ransomware attacks since December 2022.

However, It is impossible to know how many higher education institutions have become victims of ransomware attacks or whether these incidents are increasing because the institutions are more reluctant than most organizations to reveal the attacks or discuss any other aspect of cybersecurity.

Read more in this CSO Online Article

Cyber Quote

Free Resources

• eBook: "9 Things Leaders Should Know About Cyber Insurance"

• CISA Releases ESXiArgs Ransomware Recovery Script

• SANS Security Policy Templates

• Web Security Academy - Free, online web security training

• CISA - Free Cybersecurity Tools and Services

• At Bay - Free Cyber risk Calculator

Trending Story

The Age of AI Hacking Is Closer Than You Think

Algorithms struggle to understand human ambiguity. But such quirks are a flimsy shield against the threat of artificially intelligent hackers.

WIREDCondé Nast

Other Bytes

6 reasons why your anti-phishing strategy isn’t working

Phishing is such a successful scam that appears to be here to stay — and only get more effective. From over-reliance on technology to confusing and counterproductive training, here are six reasons why your anti-phishing strategy might be failing.

CSO OnlineLinda Rosencrance

Microsoft Warns of Outlook Zero-Day Exploitation, Patches 80 Security Vulns

Microsoft warns of vulnerability (CVE-2023-23397) that could lead to exploitation before an email is viewed in the Preview Pane.

SecurityWeekRyan Naraine

Cyber Scam of the Week

Is ChatGPT Your Next Financial Advisor?

ChatGPT, an artificial intelligence (AI) chatbot created by OpenAI, has risen in popularity since its release last year. Now, cybercriminals are using ChatGPT’s popularity to lure you into phishing scams. In one of these scams, cybercriminals try to trick you with a fake new ChatGPT feature.

The scam starts with a phishing email informing you that ChatGPT has a new feature to help you invest in the stock market. If you click the link in the email, you’ll be taken to a spoofed ChatGPT website and prompted to enter your contact information. Then, a representative will call you and request that you submit a payment to open your investment account. Unfortunately, if you submit a payment, that money won't help you invest in the stock market. Instead, cybercriminals will steal it to invest in their own malicious pursuits.

Follow the tips below to stay safe from similar scams:

Before you click a link, hover your mouse over it. Make sure that the link leads to a legitimate, safe website that corresponds with the content in the related email.
Be cautious of unexpected investment opportunities. Remember, if something seems too good to be true, it probably is!
Never submit payments to a bank account provided in an email, text message, or phone conversation. Instead, navigate to the organization’s official website to submit a secure payment.

This Cyber Scam is provided by our sponsors: Netsync & KnowBe4

Cybersecurity Social

Just a couple of interesting social posts

Did someone forward this email to you? Awesome! You can sign up here and not miss a week of the Morning Boot curated cybersecurity newsletter from Mark Lynd

You received this email because you signed up on our website, attended one of our events, or made a purchase from us. If you do not wish to receive this newsletter anymore, you can unsubscribe here.