SBS CyberSecurity - In The Wild 166

SBS Newsletter header
 

In The Wild - CyberSecurity Newsletter

Welcome to the 166th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.
Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!
         
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

CyberRiskNOW Virtual Conference

SBS Educational Resources

This virtual conference is designed to provide interactive training on evolving cybersecurity threats and what your bank should do to build a strong Information Security Program that helps protect against these threats. We will identify components of a comprehensive Information Security Program that enables successful IT Examinations and minimizes your risk against real-world threats. This seminar will walk you through various FFIEC, FDIC, and OCC resources, as well as other industry best practices.  We will also review some timely hot-stove topics, including Pandemic Preparedness, Managed Service Providers, and creating a Culture of Security at your institution.

cid:image007.jpg@01D5D46F.318DE9A0

New IRS Site Could Make it Easy for Thieves to Intercept Some Stimulus Payments

Krebs on Security

The U.S. federal government is now in the process of sending Economic Impact Payments by direct deposit to millions of Americans. Most who are eligible for payments can expect to have funds direct-deposited into the same bank accounts listed on previous years’ tax filings sometime next week. Today, the Internal Revenue Service (IRS) stood up a site to collect bank account information from the many Americans who don’t usually file a tax return. The question is, will those non-filers have a chance to claim their payments before fraudsters do?

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

The Hacker News

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200 million daily users from an average of 10 million in December — along with a 535 percent increase in daily traffic to its download page in the last month — but it's also seen a massive uptick in Zoom's problems, all of which stem from sloppy design practices and security implementations.

FBI Anticipates Rise in COVID-19 Pandemic BEC Schemes

FBI.gov

Fraudsters will take advantage of any opportunity to steal your money, personal information, or both. Right now, they are using the uncertainty surrounding the COVID-19 pandemic to further their efforts. Business email compromise (BEC) is a scam that targets anyone who performs legitimate funds transfers. Recently, there has been an increase in BEC frauds targeting municipalities purchasing personal protective equipment or other supplies needed in the fight against COVID-19.

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Learning From The CyrusOne Ransomware Attack

Data Center Dynamics

Ransomware attacks continue to plague companies of all stripes. Organizations of any size and sector can be vulnerable to attacks that encrypt files and render entire IT estates inoperable. Threat actors then demand ransom payments in return for decrypting the files and making the resources available again. Rather than go through a long recovery process or attempt to use decryption tools, many organizations will simply pay the fee, despite official advice from the FBI and many cybersecurity companies warning that this only encourages attackers and propagates the problem.

San Francisco International Airport Discloses Data Breach After Hack

Bleeping Computer

San Francisco International Airport (SFO) disclosed a data breach after two of its websites, SFOConnect.com and SFOConstruction.com, were hacked during March 2020. According to a notice of data breach sent to all SFO Airport commission employees via an internal memo, the attackers may have gained access to the login credentials of users registered on the two breached sites.

Google and Apple Plan to Turn Phones into COVID-19 Contact-Tracking Devices

The Hacker News

Tech giants Apple and Google have joined forces to develop an interoperable contract-tracing tool that will help individuals determine if they have come in contact with someone infected with COVID-19. As part of this new initiative, the companies are expected to release an API that public agencies can integrate into their apps. The next iteration will be a built-in system-level platform that uses Bluetooth low energy (BLE) beacons to allow for contact tracing on an opt-in basis.

9 Things the Most Productive WFH People So 30 Minutes Before Logging Off

The Ladders

As the world is adapting to what is now the “new normal,” Fairygodboss wants to be there for you every step of the way. Keep reading for timely advice and join our Navigating the New Normal group for continued support. One of the biggest complaints you’ll hear from people working from home? The struggle to bring their workday to a definitive close.


10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:



Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"