SBS CyberSecurity - In The Wild 142


SBS Newsletter header
 

In The Wild - CyberSecurity Newsletter

Welcome to the 142nd issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful.
Related image
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.
Image result for sbs cybersecurity twitter

[Blog] Safe Social Media Usage

SBS Educational Resources

We, as a society, use the internet, and especially social media, more with each day. We share everything, including travel itineraries, political views, and, sometimes, even what we had for lunch. However, we don’t often think about the consequences of the things we post on the internet. A quick Google search can tell you many cautionary tales around why we shouldn’t share too much information on social media, but that’s not what this blog post is about. This blog post is about being safe when you do overshare online.
Read Here »  

Avast, NordVPN Breaches Tied to Phantom User Accounts

Krebs on Security

Antivirus and security giant Avast and virtual private networking (VPN) software provider NordVPN each today disclosed months-long network intrusions that — while otherwise unrelated — shared a common cause: Forgotten or unknown user accounts that granted remote access to internal systems with little more than a password.
Read Here »  

How to Protect Your Company's Backups from Ransomware

Emsisoft

Backups are an essential part of any ransomware disaster recovery plan. In the event that an organization is hit with ransomware, it can simply use its backups to recover the system without paying a cent to the bad guys. There’s just one problem: backups are not immune to ransomware. Increasingly advanced ransomware strains contain mechanisms that are designed to seek out and encrypt backups that are stored both locally and in the cloud. And, if a company’s backups get encrypted, it may have no other choice but to pay the ransom.
Read Here »  

AIG Is the Latest Insurer to Back Away from Cyber Insurance Coverage

CPO Magazine

There is a growing precedent within the global insurance industry for insurers to back away from their cyber insurance policies, usually in the face of potentially massive losses. The latest insurance company to dispute the legal definition of terms included in its cyber insurance policies is insurance giant AIG, which is disputing a breach of contract lawsuit filed in August. The company says its cyber insurance plans do not cover “criminal acts,” which is the way that it is characterizing a cyber incident involving nearly $6 million in losses at multi-billion-dollar financial technology company SS&C Technologies.
Read Here »  
Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »


NIST to Improve MSP Cybersecurity Guidelines

MeriTalk

he National Institute of Standards and Technology (NIST) is tackling managed service provider (MSPs) cybersecurity by developing a customizable reference model that MSPs can adapt to fit their program needs. The first draft of the guidance, Improving Cybersecurity of Managed Service Providers, is open for public feedback until Nov. 8. Once the draft is finalized, the leaders of the project at the National Cybersecurity Center of Excellence (NCCoE) will outline solutions that align with the NIST Cybersecurity framework and industry best practices.
Read Here »  

Verizon, AT&T, Sprint, T-Mobile to replace SMS with RCS in 2020

The Hacker News

Mobile carriers in the United States will finally offer a universal cross-carrier communication standard for the next-generation Rich Communications Service (RCS) messaging service that is meant to replace SMS and has the potential to change the way consumers interact with brands for years to come. All major United States mobile phone carriers, including AT&T, Verizon, T-Mobile, and Sprint, have joined forces to launch a new initiative that will replace SMS with RCS mobile messaging standard.
Read Here »  

Here's How to Stop Your ISP From Spying On You

Fast Company

The federal government has authorized your internet service provider to spy on you. The right was enshrined by a 2017 act of Congress that canceled anti-spying regulations enacted by the Obama-era Federal Communications Commission. Today, your ISP can log every place you go online and use that data any way it wants, such as building user profiles for its own or other companies’ advertising platforms.
Read Here »  

5 Questions Interesting People Always Ask in Conversations

Inc.com

You've been there countless times. You walk into a networking event or social function, and the first extroverted person drops the suspect questions we've all heard ad nauseam: What do you do? Where are you from? Predictable and exhausting. As you run through the scripted answer in your head, you wonder, "Is this is someone I really want to talk to?" The problem is, most of us are guilty of asking those dreaded, superficial questions that lead nowhere beyond the small talk.
Read Here »

Image result for sbs cybersecurity twitter

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:
*      Krebs on Security: Cachet Financial Reeling from MyPayrollHR Fraud
*      Krebs on Security: Ransomware Hits B2B Payments Firm Billtrust
*      Bleeping Computer: Hacker Plants Keylogger Devices on Company Systems Faces 12yr in Jail
*      Bleeping Computer: How to Get the Windows 10 November 2019 Update Now
*      naked security: Firefox Privacy Protection makes website trackers visible
*      ars technica: Man sues AT&T after fraudulent SIM swap led to $1.8M cryptocurrency theft
*      ZDNet: These 17 iPhone apps have been removed from the Apple App Store for delivering malware
*      ZDNet: City of Johannesburg held for ransom by hacker gang
*      BankInfoSecurity: Here's Why 'Raccoon' Infostealer Is Popular With Criminals
*      threatpost: U.N., UNICEF, Red Cross Under Ongoing Mobile Attack

Comments

Post a Comment

Popular posts from this blog

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"

Image
Eric Howes , KnowBe4 Principal Lab Researcher, found out about another insidious bad guy trick: " If you work in IT there has undoubtedly come a dark moment when you wondered to yourself just who among your employee users would be gullible enough to click through a phishing email and potentially bring down your organization. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/when-users-add-their-names-to-a-wall-of-shame
Read more

Krebs - NY Charges First American Financial for Massive Data Leak

Image
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection with the incident, charges that could bring steep financial penalties. First American Financial Corp. Santa Ana, Calif.-based  First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2 billion in 2019 . As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. The docum
Read more

SBS CyberSecurity - In The Wild 166

Image
  In The Wild - CyberSecurity Newsletter Welcome to the 166 th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. CyberRiskNOW Virtual Conference SBS Educational Resources This virtual conference is designed to provide interactive training on evo
Read more