SBS CyberSecurity - In The Wild 164

In The Wild - CyberSecurity Newsletter Welcome to the 164th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. CyberRiskNow Virtual Conference SBS Educational Resources This virtual conference is designed to provide interactive training on evolving cybersecurity threats and what your bank should do to build a strong Information Security Program that helps protect against these threats. We will identify components of a comprehensive Information Security Program that enables successful IT Examinations and minimizes your risk against real-world threats. This seminar will walk you through various FFIEC, FDIC, and OCC resources, as well as other industry best practices.  We will also review some timely hot-stove topics, including Pandemic Preparedness, Managed Service Providers, and creating a Culture of Security at your institution. Read Here »   Russians Shut Down Huge Card Fraud Ring Krebs on Security Federal investigators in Russia have charged at least 25 people accused of operating a sprawling international credit card theft ring. Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade. Read Here »   Cyber Insurer Chubb Had Data Stolen in Maze Ransomware Attack TechCrunch Chubb, a major cybersecurity insurance provider for businesses hit by data breaches, has itself become a target of a data breach. The insurance giant told TechCrunch it was investigating a “security incident” involving the unauthorized access to data belonging to an unnamed third-party. Chubb spokesperson Jeffrey Zack said the company had “no evidence” the incident affected Chubb’s own network and that its network “remains fully operational.” Read Here »   Cybersecurity Tactics for the Coronavirus Pandemic McKinsey The COVID-19 pandemic has presented CISOs and their teams with two immediate priorities. One is securing work-from-home arrangements on an unprecedented scale now that organizations have told employees to stop traveling and gathering, and government officials in many places have advised or ordered their people to stay home as much as possible. The other is maintaining the confidentiality, integrity, and availability of consumer-facing network traffic as volumes spike—partly as a result of the additional time people are spending at home. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » 667% Spike in Phishing Attacks Due to Coronavirus Fears TechRepublic As much of the world grapples with the new coronavirus, COVID-19, and how to handle it, attackers are preying on people's emotions and taking advantage of the widespread discussion of COVID-19 in emails and across the web. There has been a steady increase in the number of coronavirus COVID-19-related email attacks since January, according to security firm Barracuda Networks, but researchers have observed a recent spike in this type of attack, up a whopping 667% since the end of February. Read Here »   US Small Business Administration Grants Used as Phishing Bait Bleeping Computer Attackers are attempting to deliver Remcos remote access tool (RAT) payloads on the systems of small businesses via phishing emails impersonating the U.S. Small Business Administration (U.S. SBA). They are taking advantage of the financial problems experienced by SMBs during the current COVID-19 pandemic to lure them into opening malicious attachments camouflaged as disaster assistance grants and testing center vouchers. Read Here »   What You Should Know About Online Tools During the COVID-19 Crisis Electronic Frontier Foundation A greater portion of the world’s work, organizing, and care-giving is moving onto digital platforms and tools that facilitate connection and productivity: video conferencing, messaging apps, healthcare, and educational platforms, and more. It’s important to be aware of the ways these tools may impact your privacy and security during the COVID-19 crisis. Here are a few things you should know to make informed decisions about what works best for you and your communities, and ways you can use security and privacy best practices to protect yourself and others. Read Here »   18 Ways To Make Use Of The Extra Time On Your Hands Darius Foroux The way I see it, there’s only one silver lining in the coronavirus crisis we’re currently facing: We have a lot of extra time on our hands. While it’s in no one’s interest that the world is on its back, on an individual level, we now have the opportunity of a lifetime if we’re healthy. Look at it this way. ALL your plans for the next 3-6 months are canceled. You only have today. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:       Krebs on Security: US Government Sites Give Bad Security Advice       Bleeping Computer: FBI - Hackers Sending Malicious USB Drives & Teddy Bears via USPS       Bleeping Computer: Google Warned Users of 40,000 State-Sponsored Attacks in 2019       The Hacker News: Hackers Used Local News Sites to Install Spyware On iPhones       ZDNet: Google says no APP users have been phished to date       BankInfoSecurity: Microsoft to Pause Non-Essential Software Updates       The Verge: How to stop trolls from taking over your Zoom call       CPO Magazine: Over a Billion Android Devices No Longer Supported by Security Updates       Forbes: Your Social Security Number Costs $4 On The Dark Web, New Report Finds       ars technica: New attack on home routers sends users to spoofed sites that push malware