SBS CyberSecurity - In the Wild 157


In The Wild - CyberSecurity Newsletter

Welcome to the 157th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information you may find helpful.
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet have simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

[Blog]: 7 Steps to Building an Incident Response Playbook

SBS Educational Resources

Hopefully, your organization has never experienced a major cybersecurity incident, and hopefully you never will. However, for those that have experienced an incident and did not have a strong Incident Response Plan (IRP) that helped prepare the organization to deal with incidents ahead of time, one of the biggest regrets is not having taken the time to sit down and walk through different and highly impactful incidents. Enter, the Incident Response Playbook.

When Your Used Car is a Little Too ‘Mobile’

Krebs on Security

Many modern vehicles let owners use the Internet or a mobile device to control the car’s locks, track location and performance data, and start the engine. But who exactly owns that control is not always clear when these smart cars are sold or leased anew. Here’s the story of one former electric vehicle owner who discovered he could still gain remote, online access to his old automobile years after his lease ended.

Mysterious New Ransomware Targets Industrial Control Systems

Wired

Only a few times in the history of hacking has a piece of malicious code been spotted attempting to meddle directly with industrial control systems, the computers that bridge the gap between digital and physical systems. Those rare specimens of malware have destroyed nuclear enrichment centrifuges in Iran and caused a blackout in Ukraine. Now, a malware sample has surfaced that uses specific knowledge of control systems to target them with a far blunter, and more familiar, tactic: Kill the target's software processes, encrypt the underlying data, and hold it hostage.

US Finance Sector Hit with Targeted Backdoor Campaign

Threatpost

The financial services sector in the U.S. found itself under a barrage of cyberattacks last month, all bent on delivering a powerful backdoor called Minebridge. The attack chain employed a known method called “VBS Stomping” to avoid detection. The campaigns, aimed at enabling further malware infections and espionage efforts, were initiated via phishing emails with attached documents containing malicious macros. The emails were coming from fake domains that were geared to add legitimacy to the messages, resulting in a convincing theme running throughout the proceedings.

Ransomware Suspected After CUNA Knocked Offline

TechCrunch

The Credit Union National Association, a major lobbyist and trade association for credit unions, is recovering after its systems were knocked offline earlier this week following a “cyber incident.” CUNA, headquartered in Washington, DC, represents state and federally chartered credit unions across the U.S. and provides lobbying, advocacy and other trade association services.

Microsoft Detects 77,000 Active Web Shells on a Daily Basis

ZDNet

In a blog post promoting the capabilities of its commercial security platform -- the Microsoft Defender ATP -- Microsoft said that on a daily basis, the company's security team detects and tracks on average around 77,000 active web shells, spread across 46,000 infected servers. But while the Microsoft blog post goes on to promote Defender ATP's industry-recognized detection capabilities, the nugget in Microsoft's recent marketing material is the 77,000 and 46,000 daily statistics.

The App That Broke the Iowa Caucus

The New York Times

A transformative piece of technology is supposed to “disrupt” the unwieldy ways that came before it. On Monday evening, an app built to deliver quicker caucus results took the Silicon Valley term of art literally, contributing to massive delays in reporting the results in Iowa. Hours after the caucuses ended, the state Democratic Party, citing inconsistencies in the reporting data, still has not publicly reported any results. It stressed there was no “hack or intrusion.”

15 Ideas to Help Create Your Best Morning Routine

Lifehack

Your best morning routine is more than the ideal start to your day. It’s an opportunity to reset; to forget about what happened yesterday, develop a positive mindset about the day ahead, and to take care of yourself before stressors have a chance to crop up. While most of us want to get the same things out of our morning routine, we go about starting our day in different ways. Some people love to get up early and exercise. Others are happy to lie in bed until the last minute. Some drink coffee, others drink only water, and some skip straight to breakfast.

10 Other Interesting Links From This Week

There were too many fantastic reads from this past week’s worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:
