SBS CyberSecurity - In The Wild 168

SBS Newsletter header
 



In The Wild - CyberSecurity Newsletter

Welcome to the 168th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.
Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!
         
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Threat Advisory - COVID-19 Exploited by Malicious Cyber Actors

SBS Educational Resources

As COVID-19 continues to affect the world, and everyone is adapting to a global pandemic, cybercriminals, and Advanced Persistent Threat (APT) hacking groups are adapting as well. Both VISA and NCSA are seeing a growing use of COVID-19 related themes by malicious cyber actors. A massive increase in remote working has also led to organizations being more vulnerable to cyber-attacks on numerous fronts, including the use of VPN and RDP from home users to access corporate networks, outdated or insecure equipment and devices being used on home networks, and fewer restrictions on web browsing for home users.

cid:image007.jpg@01D5D46F.318DE9A0

When in Doubt: Hang Up, Look Up, & Call Back

Krebs on Security

Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse.

Cybersecurity Snubbed in Stimulus Package

SC Magazine

Aid for states is not the only thing that didn’t make it into the $480 billion stimulus package President Trump signed last week – funding for cybersecurity also was notably missing, something that security experts, policymakers, and security experts hope Congress will rectify in future stimulus bills, particularly around election security.

Zoom Adds Data Center Routing, Security Updates

ZDNet

Teleconferencing app Zoom announced Wednesday that it has implemented data center routing capabilities for account administrators -- a key step in the company's efforts to improve Zoom's security posture. With data center routing, admins can choose which data center region their account-hosted meetings and webinars use for real-time traffic. The feature is meant to allay fears that Zoom chats and encryption keys were being sent to Chinese servers, where the data could be hijacked by Chinese intelligence.

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Nintendo Confirms 160,000 Nintendo Accounts Accessed in Hacking Attempts

The Verge

Nintendo is disabling the ability to log into a Nintendo Account through a Nintendo Network ID (NNID), after 160,000 accounts have been affected by hacking attempts. Nintendo says login IDs and passwords “obtained illegally by some means other than our service,” have been used since the beginning of April to gain access to the accounts. Nicknames, date of birth, country, and email addresses may have been accessed during the breach, and some accounts have experienced fraudulent purchases. Nintendo is now recommending that all users enable two-factor authentication. That’s something you should be using for all of your online accounts.

Researchers: 30,000% Increase in Pandemic-Related Threats

Bleeping Computer

An increase of 30,000% in pandemic-related malicious attacks and malware was seen in March by security researchers at cloud security firm Zscaler when compared to the beginning of 2020 when the first threats started using COVID-19-related lures and themes. On any given day, Zscaler's cloud security products are processing more than 100 billion transactions from over 4,000 enterprise customers, with 400 of them being on Forbes' Global 2000 list of the world’s largest public companies.

Where Does the US Rank in the Global Data Privacy Landscape?

CPO Magazine

As data regulations surge across the globe, our team formulated a Global Data Residency Regulation Report in which we analyzed 128 countries with specific laws around profile, finance, health, employee, and payment data. In our report, we found that amongst all the countries, the U.S. ranks in the middle –  below nations like India and South Korea.

To Change Your Habits, First Change Your Routine

Lifehacker

A lot of us have had to put together new daily routines now that we’re working from home, parenting from home, working and parenting from home or simply... um... staying home. We’re also now at the point where parts of these new routines have started to become habits—which means it’s time to ask ourselves whether we’re happy with our new habits, or we need to do the work of creating a different kind of routine.


10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"