SBS CyberSecurity - In The Wild 149

In The Wild - CyberSecurity Newsletter Welcome to the 149th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. [Blog] Top 25 Threat Actors - 2019 Edition SBS Educational Resources Hacking at the end of 2019 is a lot different than the “hackers” of the mid-2000s, and certainly a far cry from a 15-year old kid in his mom’s basement eating Cheetos and “hacking the planet” many people have in their minds. Today, hacking – in whatever form you choose to label it (cybercrime, threat actors, espionage, etc.) – is modern warfare or big business; sometimes both. Some hacking groups, aka “threat actors,” have stood out by their actions, their longevity, their methods, or a combination of all three. Read Here »   The Great $50M African IP Address Heist Krebs on Security A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike. Read Here »   VISA Warns of Gas Pump POS Malware across North America ZDNet Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks. In two security alerts published in November and December, respectively, VISA said its security team investigated at least five incidents of the sort. Read Here »   Lessons Learned from 7 Big Breaches in 2019 Dark Reading 2019 is on track to be the worst year ever for data breaches. Over 7.9 billion (with a "b") data records were exposed in the first nine months of this year alone from a total of 5,183 breaches, according to Risk Based Security Compared to the same period last year, the total number of breaches in 2019 is higher by over 33%. Six breaches exposed over 100 million records, with hacking being the top reason for most compromises. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Has Your Password Been Stolen? Here’s How To Find Out Forbes Passwords are a necessary evil as far as our increasingly connected lives are concerned. Yet with data breaches exposing more than 4 billion records, including passwords, during the first six months of 2019, they are also a weak link when it comes to security. There is a booming criminal trade across dark web markets in compromised login data. Which should come as no surprise as password reuse is rife. It was recently revealed that more than 44 million Microsoft account holders had been found using recycled passwords. Read Here »   New Orleans Suffers Ransomware Attack, Emergency Services Intact Bleeping Computer The City of New Orleans, Louisiana, has suffered a ransomware attack that has led to the shut down of the city's servers and computers, but the city states emergency services remain intact. According to a press conference held by Mayor LaToya Cantrell, it was confirmed that the city was hit by a ransomware attack, but that no ransom demands have been found at this time. Read Here »   The State of Ransomware in the US: Report and Statistics 2019 Emsisoft In 2019, the U.S. was hit by an unprecedented and unrelenting barrage of ransomware attacks that impacted at least 948 government agencies, educational establishments, and healthcare providers at a potential cost in excess of $7.5 billion. The impacted organizations included: 103 federal, state and municipal governments and agencies; 759 healthcare providers; and 86 universities, colleges and school districts, with operations at up to 1,224 individual schools potentially affected. Read Here »   Effective Managers Go to War With Problem Priorities Medium I prayed at an altar of certain words as a manager because they made such a huge difference in my career. Priority was one of those words. If there is such a thing as a philosophy of management, priority is one of the first principles. Effective leaders and managers are effective in part because they understand: the process of prioritizing; how to prioritize; how often to prioritize; which priorities to embrace, and which ones to reject. Priority is value. Prioritization is a discipline. Priorities focus and organize actions that get results. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:       MSSP Alert: National Council to Trump - US Unprepared for Cyber Threats on Critical Infrastructure       Bleeping Computer: Attackers Terrify Homeowners After Hacking Ring Devices       Bleeping Computer: Ryuk Ransomware Likely Behind New Orleans Cyberattack       The Hacker News: New Zeppelin Ransomware Targeting Tech and Health Companies       The Hacker News: Snatch Ransomware Reboots Windows in Safe Mode to Bypass Antivirus       The New York Times: Florida City Mum on Ransom Demands by Cyberattackers       Defense.gov: Cybersecurity Requirements Likely for Defense Contracts by June 2020       Forbes: The World’s Top 100 Worst Passwords Ranked       Security Boulevard: 18 Cybersecurity Statistics and Research Figures Summarizing 2019       KnowBe4 Blog: 5 Things You May Not Know About Security Awareness Training