SBS CyberSecurity - In The Wild 185

 

 

In The Wild - CyberSecurity Newsletter Welcome to the 185th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           [VIRTUAL CONFERENCE] CyberRiskNOW: ISO Edition SBS Educational Resources Wednesday, August 26, 2020 – 8:30AM – 4:00PM Central: This virtual conference is designed to provide interactive training on evolving cybersecurity threats and the responsibilities that an Information Security Officer (ISO or CISO) has to ensure the security of the organization, customer information, and people.  CyberRiskNOW: ISO Edition will cover the numerous operational and tactical responsibilities of an ISO, including IT Risk Assessment, Vendor Management, Business Impact Analysis/Business Continuity Management, Security Awareness, IT Audit oversight/remediation, and more. Read Here »     FBI, CISA Echo Warnings on ‘Vishing’ Threat Krebs on Security The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “vishing” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic. Read Here »   How the shift to remote working has impacted cybersecurity TechRepublic Cybercriminals have adapted by exploiting improperly secured VPNs, cloud-based services, and business email, says Malwarebytes. Triggered by the coronavirus lockdown, the abrupt transition to a work from home (WFH) venue forced organizations to scramble to support a larger remote workforce. Such a quick shift means that certain security measures and requirements inevitably fell by the wayside. At the same time, cybercriminals found a new opportunity for attack with remote workers and improperly secured connections and technologies. Together, these trends have created a more vulnerable environment affecting the cybersecurity defenses of many organizations. Read Here »   How to think about cybersecurity in the era of COVID-19 MIT Management Sloan School Cybersecurity is more important than ever during the COVID-19 pandemic. Experts lay out new threats and detail ways you should address them. Cyber incidents are consistently ranked at the top of business concerns, and it’s easy to see why: According to one estimate, the global cost of cybercrime will rise to $6 trillion a year by the end of 2021. And this was before the COVID-19 pandemic disrupted businesses worldwide and offered new opportunities for hackers and bad actors. Read Here »     Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »   10 cybersecurity myths you need to stop believing USATODAY On the Dark Web, you can purchase cybercrime “how-to kits” that gather lists of breached names, account numbers, passwords, and even telephone support lines for the victims to call. It’s not difficult to get on the Dark Web. On the Dark Web, you can purchase cybercrime “how-to kits” that gather lists of breached names, account numbers, passwords, and even telephone support lines for the victims to call. It’s not difficult to get on the Dark Web. Read Here »   University of Utah pays $457,000 to ransomware gang ZDNet University officials restored from backups, but they had to pay the ransomware gang to prevent them from leaking student data. The incident is the latest in a long string of ransomware attacks where criminal groups steal sensitive files from the hacked companies before encrypting their files; and in case victims refuse to pay, threaten to release the stolen documents as a second extortion scheme. Read Here »   The Week in Ransomware - August 21st 2020 - Ransomware Ahoy! Bleeping Computer While it wasn't a big week for new ransomware variants, we did learn about some ransomware attacks against very large organizations. Read Here »   Grit: A Complete Guide on Being Mentally Tough James Clear Let's define grit. Grit is the perseverance and passion to achieve long–term goals. Sometimes you will hear grit referred to as mental toughness. Angela Duckworth, a researcher at the University of Pennsylvania, suggests that grit is a strong predictor of success and ability to reach one's goals. Read Here » 10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      Krebs on Security: Voice Phishers Targeting Corporate VPNs      Krebs on Security: Microsoft Put Off Fixing Zero Day for 2 Years      Bleeping Computer: DarkSide: New targeted ransomware demands million dollar ransoms      Bleeping Computer: US financial regulator warns of phishing sites impersonating brokers      The Hacker News: Former Uber Security Chief Charged Over Covering Up 2016 Data Breach      The Hacker News: Hackers Target Defense Contractors' Employees By Posing as Recruiters      CPO Magazine: Over a Billion Android Phones Turned Into Perfect Spying Tools by Security Flaws      Cybersecurity Lawyer Forum: The Blackbaud Breach – Focus on Vendors      ZDNet: Instacart discloses security incident caused by two contractors      Bank Info Security: Ransomware Payday: Average Payments Jump to $178,000