SBS CyberSecurity - In The Wild 174

 

In The Wild - CyberSecurity Newsletter Welcome to the 174th issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the Internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. [BLOG] Six Controls to Dramatically Reduce Cyber Risk of Incidents SBS Educational Resources This article comes from a Digital Forensics and Incident Response (DFIR) thread conversation during SBS CyberSecurity's recent CyberRiskNow Virtual Conference event on April 15, 2020. Two questions were asked during the conference: "What is your single biggest suggestion for everyone to better prepare for a cybersecurity issue/incident?" and "What's your stance on traditional A/V vs. next-gen, behavioral-based A/V like Cylance or Carbon Black?" Those two questions sparked a conversation about controls that we've seen over the last three years of being an active participant in many organizations' incident response activities to live hacking incidents. Read Here »     REvil Ransomware Gang Starts Auctioning Victim Data Krebs on Security The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. The move marks an escalation in tactics aimed at coercing victims to pay up — and publicly shaming those who don't. But it may also signal that ransomware purveyors are searching for new ways to profit from their crimes as victim businesses struggle just to keep the lights on during the unprecedented economic slowdown caused by the COVID-19 pandemic. Read Here »   Remote Working and Geography Reveal Gulfs in Safe Data Practices CPO Magazine As workers the world over begin adjusting to remote working, a whole host of security risks loom behind the scenes. This is evidenced by a new report published by email security firm Tessian, which reveals that nearly half of employees are less likely to follow safe data practices when working from home, and that US workers tend to more nonchalant about their data security than their counterparts in the UK. Read Here »   DOD Officials, Cybersecurity Accreditation Partners Struggle with the China Question Nextgov The Defense Department and the accreditation body charged with implementing its Cybersecurity Maturity Model Certification aren't clear on a plan to deal with contractors that have a significant portion of their supply chains based in China, according to a DOD official. The department launched the CMMC to ensure the contractors it buys goods and services from adhere to specific cybersecurity requirements that must be verified by an independent third-party auditor. As officials develop the program, they're tackling the hot-button issue of suppliers' country of origin. Read Here »     Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »   Google: Phishing Attacks Targeted Trump, Biden Campaigns BankInfoSecurity Separate state-sponsored phishing attacks unsuccessfully attempted to infiltrate the campaign offices of President Donald Trump and former Vice President Joe Biden, according to Google's Threat Analysis Group, which warned both candidates of the incidents and provided details to law enforcement officials. An advanced persistent threat group linked to the Chinese government attempted to phish Biden's presidential campaign staff, while an Iranian-backed hacking group targeted Trump's re-election offices, according to Google. Read Here »   US Aerospace Services Provider Breached by Maze Ransomware Bleeping Computer The Maze Ransomware gang breached and successfully encrypted the systems of VT San Antonio Aerospace, as well as stole and leaked unencrypted files from the company's compromised devices in April 2020. VT San Antonio Aerospace (VT SAA) is a leading North American aircraft MRO (maintenance, repair, and overhaul) service provider specialized in airframe maintenance repair and overhaul, line maintenance, aircraft modifications, and aircraft engineering services. Read Here »   Shift Your Cybersecurity Mindset to Maintain Cyber Resilience Security Intelligence As the business world navigates the ups and downs of today's economy, a mindset shift is required to maintain cyber resilience. Cybersecurity, often an afterthought in a strong economy, must not be neglected in responding to shifts in the business landscape. As more companies expand their remote workforce, the number of endpoints with access to corporate resources is proliferating. Hackers are seizing the opportunities this presents: Phishing email click rates have risen from around 5 percent to over 40 percent in recent months, according to Forbes. Read Here »   How To Get Your Most Important Work Done Today Medium Productivity is the art of doing what's most worth your time. That means in order to truly have a productive day, you need to get your most important work done. Here are a few things you can do to make that happen… Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:       Krebs on Security: Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion       Krebs on Security: Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service       Bleeping Computer: Fake ransomware decryptor double-encrypts desperate victims' files       Bleeping Computer: uBlock Origin for Chrome now blocks port scans on most sites       ZDNet: IBM releases toolkit aimed at keeping data encrypted even while in use       The Hacker News: New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers       The Hacker News: Two Critical Flaws in Zoom Could've Let Attackers Hack Systems via Chat       Security Intelligence: How Zero Trust Will Change Your Security Design Approach       Computer Business Review: IT Services Giant Conduent Suffers Ransomware Attack, Data Breach       CPO Magazine: How to Monitor Employees While Respecting Data Privacy