SBS CyberSecurity - In The Wild 170

SBS Newsletter header
 

In The Wild - CyberSecurity Newsletter

Welcome to the 170th issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.
Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!
         
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

FFIEC Releases New Cloud Computing Security Guidance

SBS Educational Resources

Do you ever find yourself thinking about cloud computing on a weekday afternoon, wondering if you have considered the appropriate risks? Do you worry that the contracts or vendor due diligence with the cloud vendors might not be enough? If only you had more comprehensive guidance that could point you in the right direction. Well, you are in luck! The Federal Financial Institutions Examination Council (FFIEC) issued a Joint Statement on April 30, 2020, titled “Security in a Cloud Computing Environment.”

cid:image007.jpg@01D5D46F.318DE9A0

Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware

Krebs on Security

Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems. The company said the incident has limited some of its operations, but that patient care continues.

Next Round of Zoom Updates Targets Consumer Security

Computer Weekly

Consumer users of Zoom’s free Basic service will get access to enhanced cyber security protections from Saturday, May 9, in a new update activating additional default safeguards across the platform. The upcoming changes will see passwords required by default for all Zoom sessions, including new and previously scheduled sessions, and for those using personal meeting IDs, or PMIs. Also, Waiting Rooms for users with PMIs will now be switched on by default, and screen-sharing privileges will be made Host Only be default.

2020 NIST Ransomware Recovery Guide: What You Need to Know

Infosec Institute

Over the past decade, a destructive piece of malware has grown from a novel concept into a digital epidemic. Now ransomware is causing a serious impact on organizations’ assets. The National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) introduced a project to help organizations to detect and respond effectively to data integrity attacks across multiple industries. This project includes a wide range of design rules and technologies to develop a best fit solution that can help the market fight this emergent threat.

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

Hacker Group Tried to Hijack 900,000 WordPress Sites Last Week

ZDNet

A hacker group has attempted to hijack nearly one million WordPress sites in the last seven days, according to a security alert issued today by cyber-security firm Wordfence. The company says that since April 28, this particular hacker group has engaged in a hacking campaign of massive proportions that caused a 30x uptick in the volume of attack traffic Wordfence has been tracking.

Sodinokibi Ransomware Can Now Encrypt Open and Locked Files

Bleeping Computer

The Sodinokibi (REvil) ransomware has added a new feature that allows it to encrypt more of a victim’s files, even those that are opened and locked by another process. Some applications, such as database or mail servers, will lock files that they have open so that other programs cannot modify them. These file locks prevent the data from being corrupted by two processes writing to a file at the same time. When a file is locked, this also prevents ransomware applications from encrypting them without first shutting down the process that locked the file.

Half of Businesses Have Had Remote Working Security Scares

TechRepublic

Nearly half of businesses have encountered a cybersecurity scare as a result of the rapid shift to remote working, new research suggests. A study of 1,000 businesses by IT security firm Barracuda Networks discovered that 46% had experienced at least one security incident since the start of the COVID-19 lockdown, with more than half (51%) recording an increase in the number of email phishing attacks.
Kevin Kelly (@kevin2kelly) | Twitter

68 Bits of Unsolicited Advice

The Technium

It’s my birthday. I’m 68. I feel like pulling up a rocking chair and dispensing advice to the young ‘uns. Here are 68 pithy bits of unsolicited advice which I offer as my birthday present to all of you. [Jon: this is one of the best and most important lists of great advice for navigating life I’ve ready in a while. Great read!]

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:


Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"