Now More Than Ever, the Cybersecurity Community Needs to Be Vigilant
Dealing with a new wave of cyberthreats and risks during a global health crisis presents complex challenges. The number of employees working in remote environments using unfamiliar technologies and networks has grown exponentially in recent weeks as a side effect of the COVID-19 pandemic. And attackers are actively targeting and exploiting these new vulnerabilities to inflict damage on people, businesses, organizations, and nations. Recent headlines illustrate a sudden increase of cyber-attacks and new risks across the globe:
REUTERS –Elite Hackers Target WHO as Coronavirus Cyberattacks Spike
“There has been a big increase in targeting of the WHO and other cybersecurity incidents. There are no hard numbers,but such compromise attempts against us and the use of (WHO) impersonations to target others have more than doubled.” WHO Chief Information- Security Officer Flavio Aggio
TECHCRUNCH – Microsoft Says Hackers are Attacking Windows Users with a New Unpatched Bug
Microsoft says attackers are exploiting a previously undisclosed security vulnerability found in all supported versions of Windows, including Windows 10.
FBI- Kwampirs Malware Targets Healthcare Sector
The FBI has released a private industry notification for the Kwampirs malware. Kwampirs, also known as “Orangeworm,” has been used to target different industries in the past, and according to this latest update, is now also being used to target the healthcare sector. Likely the work of nation state linked attackers, Kwampirs uses the software supply chain to spread.
US DEPT OF JUSTICE– Criminals Actively Exploiting COVID-19 To Commit Fraud And Theft
The FBI has issued a warning of an increase in COVID-19-related fraud schemes. The announcement urges people to be alert to phony messages from the Centers for Disease Control (CDC), phishing emails and offers of phony COVID-19 treatment.
SC MAGAZINE– Spyware Disguised as COVID-19 Tracker App Actually Keeps Track of Users
Hackers have weaponized a legitimate COVID-19 tracking map to deliver spyware. Known as SpyMax, the malware can exfiltrate logs for texts and phone calls, and allows the attackers to activate microphones and cameras.
In these unprecedented times, cyber attackers are ramping up their activities, leveraging the uncertainty brought on by the COVID-19 pandemic to find new points of entry and launch malicious attacks while defenses are low.
Organizations cannot afford to remain on the sidelines. SANS hands-on training and GIAC certifications are available across a broad spectrum of focus areas, including:
• Threat intelligence and Incident response
• Critical infrastructure security
Train & Certify with the World’s Best Instructors Improve your organization’s resiliency by building the technical skills required to defend your networks and systems.
In these unprecedented times, cyber attackers are ramping up their activities, leveraging the uncertainty brought on by the COVID-19 pandemic to find new points of entry and launch malicious attacks while defenses are low. SANS Online Training provides access to the same world-class training. Self-paced OnDemand courses or scheduled live-streamed sessions are now available to accommodate the learning needs of any student. Choose the best option for you:
SANS Live Online events provide a live in-person class remotely. These interactive streaming sessions are delivered directly from your course instructor in real-time on a variety of schedules and include recorded sessions that provide you with the flexibility to balance training alongside your other commitments.
The in-person SANS training experience – from anywhere.
On top of the above benefits, attending a Live Online class with SANS also comes with a wide range of additional benefits:
- Attend SANS@MIC talks which are scheduled to match up with Live Online training events.
- Enhance your skills with amazing free workshops, Capture The Flag (CTF) and NetWars tournaments.
- Network and interact with your peers through class-dedicated and event-shared Slack channels.
- Win coveted SANS Course Coins via Capstone Challenges or CTFs (for applicable courses).
SANS OnDemand training from SANS Institute gives you self-paced training, OnDemand 24/7, Completed in up-to 4-months. Employees take the SANS course at their pace; at home, on the job, or on deployment. More than 45 of SANS’ most popular courses are available via OnDemand, and all are taught by SANS top instructors. Explore the list of courses available via OnDemand and begin studying as quickly as you like.
GIAC certifications validate the knowledge and training of your team members, ensuring you have the critical skills available to combat any threat. For more information about GIAC certification visit: www.giac.org
Boldly address today’s threats with the most trusted cybersecurity training in the world!
• Register for an Online Course today at sans.org/online
• Get certified with a GIAC Certification today at giac.org
• Schedule a meeting with a SANS Training Advisor to architect the perfect roadmap for your organization at sans.org/cyber-security-workforce-development
*** This is a Security Bloggers Network syndicated blog from SANS Blog authored by SANS Blog. Read the original post at: http://feedproxy.google.com/~r/SANSForensics/~3/L7A9QYOs-wU/now-more-than-ever-the-cybersecurity-community-needs-to-be-vigilant
