SBS CyberSecurity - In the Wild 165




In The Wild - CyberSecurity Newsletter

Welcome to the 165th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet have simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

CyberRiskNOW Virtual Conference

SBS Educational Resources

This virtual conference is designed to provide interactive training on evolving cybersecurity threats and what your bank should do to build a strong Information Security Program that helps protect against these threats. We will identify components of a comprehensive Information Security Program that enables successful IT Examinations and minimizes your risk against real-world threats. This seminar will walk you through various FFIEC, FDIC, and OCC resources, as well as other industry best practices.  We will also review some timely hot-stove topics, including Pandemic Preparedness, Managed Service Providers, and creating a Culture of Security at your institution.


‘War Dialing’ Tool Exposes Zoom’s Password Problems

Krebs on Security

As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom. But without the protection of a password, there’s a decent chance your next Zoom meeting could be “Zoom bombed” — attended or disrupted by someone who doesn’t belong. And according to data gathered by a new automated Zoom meeting discovery tool dubbed “zWarDial,” a crazy number of meetings at major corporations are not being protected by a password.

How to Prevent Zoom-Bombing

PC Magazine

Video calling app Zoom has seen a flood of activity recently, as people across the world shifted to remote work and schooling, due to novel coronavirus. More activity means more bad actors looking for vulnerabilities and other ways to exploit the app. That's how the term Zoom-bombing came to be. In a few instances of Zoom-bombing, according to a report from Inside Higher Education, students exploited a screen sharing feature that hadn't been locked by the instructor to put up pornographic and racist content for everyone on the call to see.

Watch Out for the New Wave of COVID-19 Scams, Warns IRS

naked security

Fellow US taxpayers, are you eager to get your hands on the $1,200 bailout money you’ve been hearing about? … so eager you’re open to offers to help get it faster? If you answered ‘Yes,’ then please, take heed. Any offer to help you get your COVID-19 economic impact payment is coming from a scammer trying to get their hands on your personally identifying information (PII). That’s just one of a rash of coronavirus-themed tax fraud attacks the Internal Revenue Service (IRS) is seeing, it warned on Tuesday.

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients.

Beazley: Ransomware attacks on clients 'skyrocketed' in 2019

Search Security

Insurance giant Beazley saw a huge spike in ransomware attacks in 2019, reporting a 131% increase in client incidents, according to new research from the company. The 2020 Beazley Breach Briefing, which drew data from 775 ransomware incidents reported to Beazley Breach Response (BBR) Services, disclosed an increase in attacks, severity, disruption, and payment demands last year. Unlike the increases in reported ransomware attacks in 2018 and 2017, which were 20% and 9% respectively, last year's reported incidents "skyrocketed," according to Beazley.

FBI Warns of Attacks on Remote Work, Distance Learning Platforms

Bleeping Computer

FBI's Internet Crime Complaint Center (IC3) issued a public service announcement today about the risk of attacks exploiting the increased usage of online communication platforms for remote working and distance learning caused by the SARS-CoV-2 pandemic. The FBI says that it's expecting an acceleration of exploitation attempts of virtual communication environments used by government agencies, private organizations, and individuals as a direct result of the COVID-19 outbreak.

Marriott Suffers Second Breach Exposing Data of 5.2 Million Hotel Guests

The Hacker News

International hotel chain Marriott today disclosed a data breach impacting nearly 5.2 million hotel guests, making it the second security incident to hit the company in recent years. "At the end of February 2020, we identified that an unexpected amount of guest information may have been accessed using the login credentials of two employees at a franchise property," Marriott said in a statement. "We believe this activity started in mid-January 2020. Upon discovery, we confirmed that the login credentials were disabled, immediately began an investigation, implemented heightened monitoring, and arranged resources to inform and assist guests."

3 Strategies To Get Motivated

Darius Foroux

So you commit to improving your health, career, or relationships, and after two days, you give up. “I’m not motivated.” We often say those kinds of things without knowing what motivation is. Motivation is simply the reason (or reasons) for acting or behaving the way you do. The problem is that most of our motivation is short-lived. Some days we feel motivated in the evening, but when the alarm goes off in the morning, all our reasons will go out the window.


10 Other Interesting Links From This Week

There were too many fantastic reads from this past week's worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:
