A quick Saturday digest of cybersecurity news articles from other sources.
CISA Releases Two SBOM Documents
04/21/2023 12:30 PM EDT
Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM documents and Minimum Requirements for Vulnerability Exploitability eXchange (VEX).
The Types of SBOM document summarizes common types of SBOMs that tools may create in the industry today, along with the data typically presented for each type of SBOM. As software goes from planning to source to build to deployed and used, tools may be able to detect subtle differences in the underlying components. These types will allow for better differentiation of tools and in the broader marketplace.
The Minimum Requirements for VEX document specifies the minimum elements to create a VEX document. This will allow interoperability between different implementations and data formats of VEX. It will also help promote integration of VEX into novel and existing security tools. This document also specifies some optional VEX elements.
Led by CISA, both publications were debated and drafted by a community of industry and government experts with the goal to offer some common guidance and structure for the large and growing global SBOM community.
For Certification: OSI Model Cheat Sheet
If you want to understand the Open Systems Interconnection (OSI) reference model or need to brush up on what OSI means, we’ve prepared this OSI model cheat sheet for you. It briefly overviews the seven layers in the OSI reference model, expands on each layer, and compares the OSI model against the TCP/IP reference model.
Once you’ve finished reading this comprehensive OSI reference model cheat sheet and know what it entails, you can apply it properly when challenged, such as in IT and cyber security troubleshooting.
Ransomware attacks increased 91% in March, as threat actors find new vulnerabilities
Ransomware attacks skyrocketed last month according to the new monthly cybersecurity report by NCC Group. New threat group Cl0p is behind the increase as it exploited vulnerabilities in GoAnywhere file transfer manager.
Attackers Continue to Leverage Signed Microsoft Drivers
In December of last year, Microsoft worked with SentinelOne, Mandiant, and Sophos to respond to an issue in which drivers certified by Microsoft’s Windows Hardware Developer Program were being used to validate malware. Unfortunately, the problem hasn’t gone away.
Keep yourself safe from new fraud scams
Remember to stay calm and be skeptical of banking update requests. By following these tips, you can keep yourself safe from potential scams:
- Don’t click on anything in an unsolicited email or text message asking you to update or verify account information.
- Never send funds to a merchant until you can confirm that the request to change a payment destination is legitimate, like a statement from them or a verified customer service phone number.
- Don’t rely only on caller ID to confirm someone’s identity, as scammers can compromise that too.
- Look up the company’s phone number through a legitimate source like a statement provided by the company, and don’t use the number a potential scammer is providing.
- Take your time. A legitimate Capital One associate will never pressure you to immediately make a decision. They’ll provide you with all the necessary information and specific time frames to make your decision.
- When in doubt, hang up the phone and call your Capital One service team directly. You may call us at the number listed on the back of your debit or credit card and bank statement.
We’ll keep you updated as we learn more about how these scams evolve. It’s all part of how Capital One is looking out for your financial safety every day.
Here are some additional resources to learn more about avoiding potential scams and fraud:
Help avoid falling victim to business email compromise (BEC)
How to avoid and prevent different types of phishing
Cybersecurity and Infrastructure Security Agency (CISA) guidance
If you have any questions or need assistance, give us a call at 800‑655‑2265, 8 a.m.‑11 p.m. ET, 7 days a week. We’ll be happy to help you.
Google wins court order to force ISPs to filter botnet traffic
CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com