SBS CyberSecurity - In The Wild 196

 

In The Wild - CyberSecurity Newsletter Welcome to the 196th  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!           {THREAT ADVISORY} BUSINESS EMAIL COMPROMISE SBS Educational Resources We are in the middle of business email compromise (BEC) season and there is a new tactic that is currently running rampant. Read Here »

	Why Paying to Delete Stolen Data is Bonkers Krebs on Security Companies hit by ransomware often face a dual threat: Even if they avoid paying the ransom and can restore things from scratch, about half the time the attackers also threaten to release sensitive stolen data unless the victim pays for a promise to have the data deleted. Read Here »
	Think 3,2,1 to Protect Your Business Against Ransomware CPO Magazine The war on ransomware is real. In the past few years, this form of attack has become a valid threat to businesses. We have seen huge attacks that have rendered multinational organizations, even governments, vulnerable and unable to continue mission-critical operations. Read Here »
	Don’t Torpedo Your Data Security Program: 5 Best Practices to Consider Security Intelligence If you are like most security leaders responsible for protecting your company’s crown jewels, you’ve certainly asked: Can malicious insiders access my organization’s sensitive and mission-critical data?. Read Here »

Do you know which SBS Institute Certification Programs are coming up? Check out the Certification Calendar and share with your clients. Find Out Here! »

	These software bugs are years old. But businesses still aren't patching them ZDNet Many organizations still haven't applied security patches issued years ago, putting them at risk from common cyberattacks. Read Here »
	50% of Ransomware Attacks Lead to Data Exfiltration; Payments Hit $234K HealthITSecurity Ransom demands rose 31 percent from Q2 to Q3 2020, with an average of $234,000, while hackers threaten victims with extortion using exfiltrated data in nearly 50 percent of ransomware attacks. Read Here »
	How Ryuk Ransomware operators made $34 million from one victim BleepingComputer One hacker group that is targeting high-revenue companies with Ryuk ransomware received $34 million from one victim in exchange for the decryption key that unlocked their computers. Read Here »
	According to Bill Gates, Asking These 2 Questions Will Make You a Better Leader Inc. Leading a business is hard. Leading anything, for that matter, is especially complicated right now. Read Here »
	10 Other Interesting Links From This Week There were too many fantastic reads from this past weeks' worth of cybersecurity and technology news, so here are a few additional quick-hit links for your reading pleasure:      Krebs on Security: Two Charged in SIM Swapping, Vishing Scams      CNBC: Cybersecurity threats to corporate America are present now ‘more than ever,’ SEC chair says      Cybersecurity Lawyer Forum: What Businesses Need to Know About the New California Privacy Rights Act of 2020      ZDNet: Hackers are exploiting unpatched VoIP flaws to compromise business accounts      ZDNet: As Maze retires, clients turn to Sekhmet ransomware spin-off Egregor      BleepingComputer: Blackbaud sued in 23 class action lawsuits after ransomware attack      BleepingComputer: The Week in Ransomware - November 6th 2020 - Video Games and Liquor!      HealthITSecurity: Army National Guard Deployed to UVM to Assist Ransomware Recovery      LAW.COM: Common Law Negligence and Ransomware Attacks: An Old Tool for a New Job      DARKReading: Online Users Feel Safe, But Risky Behavior Abounds