SBS CyberSecurity - In The Wild 168

In The Wild - CyberSecurity Newsletter Welcome to the 168th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Threat Advisory - COVID-19 Exploited by Malicious Cyber Actors SBS Educational Resources As COVID-19 continues to affect the world, and everyone is adapting to a global pandemic, cybercriminals, and Advanced Persistent Threat (APT) hacking groups are adapting as well. Both VISA and NCSA are seeing a growing use of COVID-19 related themes by malicious cyber actors. A massive increase in remote working has also led to organizations being more vulnerable to cyber-attacks on numerous fronts, including the use of VPN and RDP from home users to access corporate networks, outdated or insecure equipment and devices being used on home networks, and fewer restrictions on web browsing for home users. Read Here »   When in Doubt: Hang Up, Look Up, & Call Back Krebs on Security Many security-conscious people probably think they’d never fall for a phone-based phishing scam. But if your response to such a scam involves anything other than hanging up and calling back the entity that claims to be calling, you may be in for a rude awakening. Here’s how one security and tech-savvy reader got taken for more than $10,000 in an elaborate, weeks-long ruse. Read Here »   Cybersecurity Snubbed in Stimulus Package SC Magazine Aid for states is not the only thing that didn’t make it into the $480 billion stimulus package President Trump signed last week – funding for cybersecurity also was notably missing, something that security experts, policymakers, and security experts hope Congress will rectify in future stimulus bills, particularly around election security. Read Here »   Zoom Adds Data Center Routing, Security Updates ZDNet Teleconferencing app Zoom announced Wednesday that it has implemented data center routing capabilities for account administrators -- a key step in the company's efforts to improve Zoom's security posture. With data center routing, admins can choose which data center region their account-hosted meetings and webinars use for real-time traffic. The feature is meant to allay fears that Zoom chats and encryption keys were being sent to Chinese servers, where the data could be hijacked by Chinese intelligence. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Nintendo Confirms 160,000 Nintendo Accounts Accessed in Hacking Attempts The Verge Nintendo is disabling the ability to log into a Nintendo Account through a Nintendo Network ID (NNID), after 160,000 accounts have been affected by hacking attempts. Nintendo says login IDs and passwords “obtained illegally by some means other than our service,” have been used since the beginning of April to gain access to the accounts. Nicknames, date of birth, country, and email addresses may have been accessed during the breach, and some accounts have experienced fraudulent purchases. Nintendo is now recommending that all users enable two-factor authentication. That’s something you should be using for all of your online accounts. Read Here »   Researchers: 30,000% Increase in Pandemic-Related Threats Bleeping Computer An increase of 30,000% in pandemic-related malicious attacks and malware was seen in March by security researchers at cloud security firm Zscaler when compared to the beginning of 2020 when the first threats started using COVID-19-related lures and themes. On any given day, Zscaler's cloud security products are processing more than 100 billion transactions from over 4,000 enterprise customers, with 400 of them being on Forbes' Global 2000 list of the world’s largest public companies. Read Here »   Where Does the US Rank in the Global Data Privacy Landscape? CPO Magazine As data regulations surge across the globe, our team formulated a Global Data Residency Regulation Report in which we analyzed 128 countries with specific laws around profile, finance, health, employee, and payment data. In our report, we found that amongst all the countries, the U.S. ranks in the middle –  below nations like India and South Korea. Read Here »   To Change Your Habits, First Change Your Routine Lifehacker A lot of us have had to put together new daily routines now that we’re working from home, parenting from home, working and parenting from home or simply... um... staying home. We’re also now at the point where parts of these new routines have started to become habits—which means it’s time to ask ourselves whether we’re happy with our new habits, or we need to do the work of creating a different kind of routine. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:       Krebs on Security: Unproven Coronavirus Therapy Proves Cash Cow for Shadow Pharmacies       Bleeping Computer: Phishing attacks target US Payroll Protection Program Loans       Bleeping Computer: Phishing uses lay-off Zoom meeting alerts to steal credentials       The Hacker News: Hackers Trick 3 British Private Equity Firms Into Sending Them $1.3 Million       ZDNet: SBA reveals potential data breach impacting 8,000 emergency business loan applicants       ZDNet: Ransomware is now the biggest online menace you need to worry about - here's why       cyberscoop: FBI enlists internet domain registries in fight against coronavirus scams       techradar: Beware - that email from HR might be a cyber scam       naked security: Patch now! Microsoft issues unexpected Office fix       SC Magazine: More CFOs feeling the heat with ransomware