SBS CyberSecurity - In The Wild 172

In The Wild - CyberSecurity Newsletter Welcome to the 172nd issue of In The Wild, SBS’ weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. [VIRTUAL CONFERENCE] CyberRiskNOW - Incident Response Edition SBS Educational Resources This virtual conference is designed to provide interactive training on evolving cybersecurity threats and how your organization can build a strong Incident Response Plan that helps protect against these threats. CyberRiskNOW: Incident Response Edition will identify components of a comprehensive Incident Response Plan that enables your organization to identify, protect, detect, respond to, and recover from today’s modern cyber attacks, as well as minimize your risk from these real-world threats. This seminar will also walk you through the anatomy of a modern cyberattack, show you around the Dark Web and how cybercrime-as-a-service works, provide you with security suggestions for Office 365, and discuss how to implement the most impactful controls to mitigate your cyber risk. Read Here »   This Service Helps Malware Authors Fix Flaws in their Code Krebs on Security Almost daily now there is news about flaws in commercial software that lead to computers getting hacked and seeded with malware. But the reality is most malicious software also has its share of security holes that open the door for security researchers or ne’er-do-wells to liberate or else seize control over already-hacked systems. Here’s a look at one long-lived malware vulnerability testing service that is used and run by some of the Dark Web’s top cybercriminals. Read Here »   Silent Night Banking Trojan Charges Top Dollar on the Underground threatpost A descendant of the infamous Zeus banking trojan, dubbed Silent Night by the malware’s author, has emerged on the scene, with a host of functionalities available in a spendy malware-as-a-service (MaaS) model. Custom builds can run as much as $4,000 per month to use, which researchers say is now placing the code out of the range of any but large cybercriminal groups looking to mount mass campaigns. Silent Night is advertised with a host of features, according to a Thursday analysis from Malwarebytes. Read Here »   Hacked Zoom Installers Taking Over PCs - Protect Yourself Now Tom’s Guide Two more corrupted Zoom installers are out there waiting for people to download and run them, Trend Micro researchers reported today (May 21). “These malicious fake installers do not come from Zoom’s official installation distribution channels,” researchers Raphael Centeno and Llallum Victoria said in a blog post. “One of the samples installs a backdoor that allows malicious actors to run malicious routines remotely, while the other sample involves the installation of the Devil Shadow botnet in devices.” Read Here »   Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! » New Unc0ver Jailbreak Released, Works on All Recent iOS Versions ZDNet A team of hackers, security researchers, and reverse engineers have released today a new jailbreak package for iOS devices. Jailbreaks are a type of custom software that works by exploiting bugs in the iOS operating system in order to grant users root access and full control over their device. Earlier this week, the Unc0ver team released Unc0ver 5.0.0, the latest version of their jailbreaking software, which can root and unlock all iOS devices, even those running the most recent iOS release -- iOS v13.5. Read Here »   Ransomware Encrypts from Virtual Machines to Evade Antivirus Bleeping Computer Ragnar Locker is deploying Windows XP virtual machines to encrypt victim’s files while evading detecting from security software installed on the host. Ragnar Locker is a relatively new ransomware launched at the end of December 2019 that targets corporate networks in company-wide attacks. This ransomware is most known for its attack on energy giant Energias de Portugal (EDP), where the attackers asked for a $10.9 million ransom after claiming to have stolen 10 TB of unencrypted files. Read Here »   Microsoft Warns To Look Out for This Massive COVID-19 Excel Phishing Attack KnowBe4 Blog Microsoft this week warned about a massive phishing attack that started on May 12. The campaign sends emails that look like they are from the “Johns Hopkins Center,” and they have an Excel attachment that claims to be US deaths caused by the Coronavirus. If your user opens that infected “Excel doc”, the file downloads a macro and runs the NetSupport Manager Remote Admin Tool. When installed, it allows the bad guys to gain complete control over the infected machine and execute commands on it remotely. Read Here »   4 Habits of Highly Confident People Medium When most people think of the word confidence, they associate it with a lack of fear or self-doubt. They look on in wonder, for example, at that confident coworker who seems to just speak their mind without a care in the world for what other people think. And while it’s true that confident people often feel less anxious than the rest of us, there’s more to the story of highly confident people. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks’ worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:       Krebs on Security: Riding the State Unemployment Fraud ‘Wave’       Krebs on Security: Ukraine Nabs Suspect in 773M Password ‘Megabreach’       Bleeping Computer: ZLoader banking malware is back, deployed in over 100 campaigns       Bleeping Computer: Hackers tried to use Sophos Firewall zero-day to deploy Ransomware       Bleeping Computer: eBay port scans visitors’ computers for remote access programs       The Hacker News: New DNS Vulnerability Lets Attackers Launch Large-Scale DDoS Attacks       The Hacker News: New Bluetooth Vulnerability Exposes Billions of Devices to Hackers       Tech Radar: Beware calls from unknown numbers – Security flaw in Signal has placed millions of iOS and Android users at risk       BankInfoSecurity: Hacked Law Firm May Have Had Unpatched Pulse Secure VPN       threatpost: NSO Group Impersonates Facebook Security Team to Spread Spyware — Report