SBS CyberSecurity - In The Wild Vol 129


 
 

In The Wild - CyberSecurity Newsletter

Welcome to the 129th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful.
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following have been shared by consultants, others by the SBS Institute, and others yet have simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

[Hacker Hours] Critical Responsibilities of an Information Security Officer

SBS Educational Resources

The past 5-10 years have brought such big changes to the roles and responsibilities of the information security officer (ISO) that many small to medium-sized organizations struggle to define the most critical responsibilities. Guidance tells us that management should designate at least one ISO to be responsible and accountable for implementing and monitoring the information security program. But what does that mean? Join SBS as we discuss the most critical responsibilities of the ISO and share some insight on what small to medium-sized organizations can do to fulfill the ISO's most critical responsibilities.

What You Should Know About the Equifax Data Breach Settlement

Krebs on Security

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

Why Cities Have Become Such a Big Target for Cyberattacks

ZDNet

Ransomware once seemed to be on the decline, but it's now gained a new lease of life -- and additional notoriety -- after crooks identified a lucrative new set of targets for their file-encrypting malware. Once content to target individuals' PCs, cybercriminals have extended their reach upwards after realizing that they can make tens of thousands of dollars a time by encrypting the entire networks of small and medium-sized businesses and other organizations and holding them to ransom.

Should Fintechs Be Regulated Like Banks?

BAI

More than a few bankers believe fintechs (and would-be fintechs) should play by the same rules they do. And they’re certainly not alone. Just hours—literally—after Facebook announced its intention to launch the Libra cryptocurrency, members of both parties in Congress expressed alarm and annoyance. Thus began the avalanche of public scrutiny, which in short order spotlighted: a) how the Facebook employee who thought up Libra was 26 and has barely more than two years with the company; b) Facebook isn’t exactly known for keeping user data safe; and c) this is, after all, the social media company that coined the infamous motto “Move fast and break things.” Like a stable U.S. financial system, perhaps?


Russia Targeted Election Systems in All 50 States, Report Finds

The New York Times

The Senate Intelligence Committee concluded Thursday that election systems in all 50 states were targeted by Russia in 2016, an effort more far-reaching than previously acknowledged and one largely undetected by the states and federal officials at the time. But while the bipartisan report’s warning that the United States remains vulnerable in the next election is clear, its findings were so heavily redacted at the insistence of American intelligence agencies that even some key recommendations for 2020 were blacked out.

BlueKeep RCE Exploit Module Added to Penetration Testing Tool

Bleeping Computer

Security outfit Immunity has included a fully working BlueKeep exploit in their CANVAS automated pentesting utility with the release of version 7.23, on July 23. While the news of a publicly available RCE exploit for BlueKeep might give some Windows admins WannaCry-style nightmares, the fact that an Immunity CANVAS subscription with early updates starts at $32,480 should put their mind at ease. Slightly.

No Jail Time for WannaCry 'Killer' Marcus Hutchins, a.k.a. MalwareTech

The Hacker News

The frequency of business email compromise (BEC) scams has increased year over year, and so did the value of attempted thefts, reaching a monthly average of more than $300 million. The number is drawn from the suspicious activity reports (SARs) received every month since 2016, which increased from 500 to more than 1,100 in 2018.

17 Positive Mantras That Will Make You Feel Powerful

Thrive Global

We all have those instances when frustration, stress, or negative rumination threaten to ruin our day — and it’s up to us to course-correct and reclaim our mood and productivity. Sometimes, all it takes is a simple positive mantra to act as that little reminder that everything will be OK. Like with meditation, there is plenty of research to back up the power of a mantra on our bodies and minds. According to one 2015 study, mantras can be effective even if people don’t regularly meditate.

10 Other Interesting Links From This Week

There were too many fantastic reads from this past week’s worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:
