SBS CyberSecurity - In The Wild 170

In The Wild - CyberSecurity Newsletter Welcome to the 170th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. FFIEC Releases New Cloud Computing Security Guidance SBS Educational Resources Do you ever find yourself thinking about cloud computing on a weekday afternoon, wondering if you have considered the appropriate risks? Do you worry that the contracts or vendor due diligence with the cloud vendors might not be enough? If only you had more comprehensive guidance that could point you in the right direction. Well, you are in luck! The Federal Financial Institutions Examination Council (FFIEC) issued a Joint Statement on April 30, 2020, titled “Security in a Cloud Computing Environment.” Read Here »   Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware Krebs on Security Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues. Read Here »   Next Round of Zoom Updates Targets Consumer Security Computer Weekly Consumer users of Zoom’s free Basic service will get access to enhanced cyber security protections from Saturday, May 9, in a new update activating additional default safeguards across the platform. The upcoming changes will see passwords required by default for all Zoom sessions, including new and previously scheduled sessions, and for those using personal meeting IDs, or PMIs. Also, Waiting Rooms for users with PMIs will now be switched on by default, and screen-sharing privileges will be made Host Only be default. Read Here »   2020 NIST Ransomware Recovery Guide: What You Need to Know Infosec Institute Over the past decade, a destructive piece of malware has grown from a novel concept into a digital epidemic. Now ransomware is causing a serious impact on organizations’ assets. The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) introduced a project to help organizations to detect and respond effectively to data integrity attacks across multiple industries. This project includes a wide range of design rules and technologies to develop a best fit solution that can help the market fight this emergent threat. Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » Hacker Group Tried to Hijack 900,000 WordPress Sites Last Week ZDNet A hacker group has attempted to hijack nearly one million WordPress sites in the last seven days, according to a security alert issued today by cyber-security firm Wordfence. The company says that since April 28, this particular hacker group has engaged in a hacking campaign of massive proportions that caused a 30x uptick in the volume of attack traffic Wordfence has been tracking. Read Here »   Sodinokibi Ransomware Can Now Encrypt Open and Locked Files Bleeping Computer The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent the data from being corrupted by two processes writing to a file at the same time. When a file is locked, this also prevents ransomware applications from encrypting them without first shutting down the process that locked the file. Read Here »   Half of Businesses Have Had Remote Working Security Scares TechRepublic Nearly half of businesses have encountered a cybersecurity scare as a result of the rapid shift to remote working, new research suggests. A study of 1,000 businesses by IT security firm Barracuda Networks discovered that 46% had experienced at least one security incident since the start of the COVID-19 lockdown, with more than half (51%) recording an increase in the number of email phishing attacks. Read Here »   68 Bits of Unsolicited Advice The Technium It’s my birthday. I’m 68. I feel like pulling up a rocking chair and dispensing advice to the young ‘uns. Here are 68 pithy bits of unsolicited advice which I offer as my birthday present to all of you. [Jon: this is one of the best and most important lists of great advice for navigating life I’ve ready in a while. Great read!] Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:       Krebs on Security: Meant to Combat ID Theft, Unemployment Benefits Letter Prompts ID Theft Worries       Bleeping Computer: Hacker group floods dark web with data stolen from 11 companies       Bleeping Computer: North Korean hackers infect real 2FA app to compromise Macs       Bleeping Computer: Black Hat and DEF CON security conferences go virtual due to pandemic       The Hacker News: Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets       The Hacker News: DigitalOcean Data Leak Incident Exposed Some of Its Customers Data       ZDNet: Cognizant expects to lose between $50m and $70m following ransomware attack       ZDNet: Logistics giant Toll Group hit by ransomware for the second time in three months       ZDNet: Samsung patches 0-click vulnerability impacting all smartphones sold since 2014       TechRepublic: How to combat cyberattacks that exploit Microsoft’s Remote Desktop Protocol