SBS CyberSecurity - In The Wild 172

SBS Newsletter header
 



In The Wild - CyberSecurity Newsletter

Welcome to the 172nd issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.
Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!
         
Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

[VIRTUAL CONFERENCE] CyberRiskNOW - Incident Response Edition

SBS Educational Resources

This virtual conference is designed to provide interactive training on evolving cybersecurity threats and how your organization can build a strong Incident Response Plan that helps protect against these threats. CyberRiskNOW: Incident Response Edition will identify components of a comprehensive Incident Response Plan that enables your organization to identify, protect, detect, respond to, and recover from today’s modern cyber attacks, as well as minimize your risk from these real-world threats. This seminar will also walk you through the anatomy of a modern cyberattack, show you around the Dark Web and how cybercrime-as-a-service works, provide you with security suggestions for Office 365, and discuss how to implement the most impactful controls to mitigate your cyber risk.

cid:image007.jpg@01D5D46F.318DE9A0

This Service Helps Malware Authors Fix Flaws in their Code

Krebs on Security

Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals.

Silent Night Banking Trojan Charges Top Dollar on the Underground

threatpost

A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service (MaaS) model. Custom builds can run as much as $4,000 per month to use, which researchers say is now placing the code out of the range of any but large cybercriminal groups looking to mount mass campaigns. Silent Night is advertised with a host of features, according to a Thursday analysis from Malwarebytes.

Hacked Zoom Installers Taking Over PCs - Protect Yourself Now

Tom’s Guide

Two more corrupted Zoom installers are out there waiting for people to download and run them, Trend Micro researchers reported today (May 21). “These malicious fake installers do not come from Zoom’s official installation distribution channels,” researchers Raphael Centeno and Llallum Victoria said in a blog post. “One of the samples installs a backdoor that allows malicious actors to run malicious routines remotely, while the other sample involves the installation of the Devil Shadow botnet in devices.”

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

New Unc0ver Jailbreak Released, Works on All Recent iOS Versions

ZDNet

A team of hackers, security researchers, and reverse engineers have released today a new jailbreak package for iOS devices. Jailbreaks are a type of custom software that works by exploiting bugs in the iOS operating system in order to grant users root access and full control over their device. Earlier this week, the Unc0ver team released Unc0ver 5.0.0, the latest version of their jailbreaking software, which can root and unlock all iOS devices, even those running the most recent iOS release -- iOS v13.5.

Ransomware Encrypts from Virtual Machines to Evade Antivirus

Bleeping Computer

Ragnar Locker is deploying Windows XP virtual machines to encrypt victim’s files while evading detecting from security software installed on the host. Ragnar Locker is a relatively new ransomware launched at the end of December 2019 that targets corporate networks in company-wide attacks. This ransomware is most known for its attack on energy giant Energias de Portugal (EDP), where the attackers asked for a $10.9 million ransom after claiming to have stolen 10 TB of unencrypted files.

Microsoft Warns To Look Out for This Massive COVID-19 Excel Phishing Attack

KnowBe4 Blog

Microsoft this week warned about a massive phishing attack that started on May 12. The campaign sends emails that look like they are from the “Johns Hopkins Center,” and they have an Excel attachment that claims to be US deaths caused by the Coronavirus. If your user opens that infected “Excel doc”, the file downloads a macro and runs the NetSupport Manager Remote Admin Tool. When installed, it allows the bad guys to gain complete control over the infected machine and execute commands on it remotely.

4 Habits of Highly Confident People

Medium

When most people think of the word confidence, they associate it with a lack of fear or self-doubt. They look on in wonder, for example, at that confident coworker who seems to just speak their mind without a care in the world for what other people think. And while it’s true that confident people often feel less anxious than the rest of us, there’s more to the story of highly confident people.

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"