SBS CyberSecurity - In The Wild 185

 

SBS Newsletter header

 

 

In The Wild - CyberSecurity Newsletter

Welcome to the 185th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions.

Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy.

Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!

         

[VIRTUAL CONFERENCE] CyberRiskNOW: ISO Edition

SBS Educational Resources

Wednesday, August 26, 2020 – 8:30AM – 4:00PM Central: This virtual conference is designed to provide interactive training on evolving cybersecurity threats and the responsibilities that an Information Security Officer (ISO or CISO) has to ensure the security of the organization, customer information, and people.  CyberRiskNOW: ISO Edition will cover the numerous operational and tactical responsibilities of an ISO, including IT Risk Assessment, Vendor Management, Business Impact Analysis/Business Continuity Management, Security Awareness, IT Audit oversight/remediation, and more.

Read Here »  

 

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Krebs on Security

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “vishing” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic.

Read Here »  

A picture containing drawing

Description automatically generated

How the shift to remote working has impacted cybersecurity

TechRepublic

Cybercriminals have adapted by exploiting improperly secured VPNs, cloud-based services, and business email, says Malwarebytes. Triggered by the coronavirus lockdown, the abrupt transition to a work from home (WFH) venue forced organizations to scramble to support a larger remote workforce. Such a quick shift means that certain security measures and requirements inevitably fell by the wayside. At the same time, cybercriminals found a new opportunity for attack with remote workers and improperly secured connections and technologies. Together, these trends have created a more vulnerable environment affecting the cybersecurity defenses of many organizations.

Read Here »  

How to think about cybersecurity in the era of COVID-19

MIT Management Sloan School

Cybersecurity is more important than ever during the COVID-19 pandemic. Experts lay out new threats and detail ways you should address them. Cyber incidents are consistently ranked at the top of business concerns, and it’s easy to see why: According to one estimate, the global cost of cybercrime will rise to $6 trillion a year by the end of 2021. And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors.

Read Here »  

 

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

 

A picture containing drawing

Description automatically generated

10 cybersecurity myths you need to stop believing

USATODAY

On the Dark Web, you can purchase cybercrime “how-to kits” that gather lists of breached names, account numbers, passwords, and even telephone support lines for the victims to call. It’s not difficult to get on the Dark Web. On the Dark Web, you can purchase cybercrime “how-to kits” that gather lists of breached names, account numbers, passwords, and even telephone support lines for the victims to call. It’s not difficult to get on the Dark Web.

Read Here »  

University of Utah pays $457,000 to ransomware gang

ZDNet

University officials restored from backups, but they had to pay the ransomware gang to prevent them from leaking student data. The incident is the latest in a long string of ransomware attacks where criminal groups steal sensitive files from the hacked companies before encrypting their files; and in case victims refuse to pay, threaten to release the stolen documents as a second extortion scheme.

Read Here »  

The Week in Ransomware - August 21st 2020 - Ransomware Ahoy!

Bleeping Computer

While it wasn't a big week for new ransomware variants, we did learn about some ransomware attacks against very large organizations.

Read Here »  

Grit: A Complete Guide on Being Mentally Tough

James Clear

Let's define grit. Grit is the perseverance and passion to achieve long–term goals. Sometimes you will hear grit referred to as mental toughness. Angela Duckworth, a researcher at the University of Pennsylvania, suggests that grit is a strong predictor of success and ability to reach one's goals.

Read Here »

10 Other Interesting Links From This Week

There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:

*     Krebs on Security: Voice Phishers Targeting Corporate VPNs

*     Krebs on Security: Microsoft Put Off Fixing Zero Day for 2 Years

*     Bleeping Computer: DarkSide: New targeted ransomware demands million dollar ransoms

*     Bleeping Computer: US financial regulator warns of phishing sites impersonating brokers

*     The Hacker News: Former Uber Security Chief Charged Over Covering Up 2016 Data Breach

*     The Hacker News: Hackers Target Defense Contractors' Employees By Posing as Recruiters

*     CPO Magazine: Over a Billion Android Phones Turned Into Perfect Spying Tools by Security Flaws

*     Cybersecurity Lawyer Forum: The Blackbaud Breach – Focus on Vendors

*     ZDNet: Instacart discloses security incident caused by two contractors

*     Bank Info Security: Ransomware Payday: Average Payments Jump to $178,000

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"