Top Stories for this Week

VMware Releases Global Incident Response Threat Report Detailing Surge In Sophisticated Cyberattacks As ECrime Groups Grow More Powerful

New Known Breaches in the Past Week

Dickey’s BBQ data breach compromises millions of credit card records

More than 100 Dickey’s Barbeque Restaurants across the U.S. were involved in a data breach that spanned more than a year. KrebsOnSecurity reported that one of the dark web’s most popular stores for selling stolen credit card information was offering card numbers belonging to customers of Dickey’s Barbeque Restaurants. By Sarah D. Young | October 16, 2020

Data breaches hit thousands of K-12 students, federal watchdog reports

Thousands of K-12 students were affected by 99 reported data breaches in the United States over the last four years, according to a Government Accountability Office analysis published this week. By Nicole Gaudiano | October 16, 2020

U-M says health of 1,000 patients may have been exposed in data breach

Michigan Medicine says it is notifying 1,062 patients about an email that may have exposed their email addresses and health information to others. By WWJ NEWSRADIO 950 | October 17, 2020

Broadvoice Leak Exposes 350M Records, Personal Voicemail Transcripts

Broadvoice, a well-known VoIP provider that serves small- and medium-sized businesses, has leaked more than 350 million customer records related to the company’s “b-hive” cloud-based communications suite. By Tara Seals | October 15, 2020

Barnes & Noble confirms cyberattack, suspected customer data breach

Barnes & Noble has confirmed a cyberattack impacting Nook services and potentially exposing customer data. By Charlie Osborne | October 15, 2020

General Cybersecurity News

The Importance of Teaching Kids About Cybersecurity and Privacy

Educational institutions have switched to online learning as well to combat the ongoing pandemic. With an unprecedented amount of reliance on smart devices and online applications from people of all ages, basic cyber awareness is now more important than ever. By Zoho | Oct 15, 2020

Most cybersecurity pros believe automation will make their jobs easier

Despite 88% of cybersecurity professionals believing automation will make their jobs easier, younger staffers are more concerned that the technology will replace their roles than their veteran counterparts. By Help Net Security | October 19, 2020

Cybersecurity Awareness Month: Advice from five experts

Halfway through Cybersecurity Awareness Month, private and public sector organizations worldwide are thumbing through suggestions from experts for the annual observation, trying either to get some energy into tired training or getting ideas for their first efforts. By Howard Solomon | October 16, 2020

3 cybersecurity best practices to reduce risk online

There are three important factors to be vigilant in protecting yourself in cyberspace, which is: the use of a password manager and multifactor authentication, identifying phishing attacks and changing default passwords. These three actions can help reduce and mitigate risk in cyberspace. By Justin Arias | October 21, 2020

Research reveals automation key to future of cybersecurity but younger generations fear jobs being replaced by tech

Despite 88% of cybersecurity professionals believing automation will make their jobs easier, younger staffers are more concerned that the technology will replace their roles than their veteran counterparts, according to new research by Exabeam. By PCR Online.biz | October 19, 2020

CISA Lays Out Plan for Enhancing Cybersecurity

The Cybersecurity and Infrastructure Security Agency is focusing on improving data sharing and dashboards in the next fiscal year. By Phil Goldstein | October 20, 2020

Small Business Cybersecurity Concerns

Protect Your Files: 3 Simple Tips for Small BusinessesProtect Your Files: 3 Simple Tips for Small Businesses

File protection has become a top priority for small companies. While most newsworthy stories centre on data breaches at big companies like Adobe, eBay, and LinkedIn, smaller organizations are definitely not immune to the activities of cyber criminals. By Itai Elizur | Oct 15, 2020

Cybercriminals can put you out of business in a heartbeat

It is estimated that cybercrime damages will cost $6 trillion globally by 2021 and ransomware damage costs are predicted to be 57 times higher in 2021, reaching $20 billion compared to 2015, according to Nadicent. By Bill Bittar | October 19, 2020

Cyber Insurance News

US cyber insurance market at exciting crossroad

In this evolving environment, which has been complicated by the COVID-19 pandemic, the US cyber insurance marketplace is still enjoying significant growth. By Bethan Moorcraft | October 16, 2020

U.S. Treasury Warns Cyber Liability Insurers Against Paying Ransomware Demands  

The U.S. Treasury Department is warning that individuals or businesses that help facilitate ransomware payments may be violating anti-money laundering and sanctions regulations. By Andrew G. Simpson | October 19, 2020

Watch Out For These Scary Insurance Scams

This Halloween, you’re likely to encounter vampires, zombies and ghouls. But don’t worry about them—they just want a candy bar. What you really need to be on the lookout for are hackers, scammers, bandit tow truck drivers and other fraudsters looking to separate you from your hard earned money. By Jason Metz | October 20, 2020

Survey Finds 78% of Risk Managers Now Buying Cyber Insurance 

The tenth year of the Zurich North America and Advisen Cyber Survey reveals that 78% of risk managers now purchase some level of cyber insurance — compared to only 34% in 2011. By Insurance Journal | October 20, 2020

MSP News

Managed it service providers market increased international trade opening new opportunities 2021

The global market for managed IT services reached $149.1 billion in 2016. This market is estimated to reach $256.5 billion in 2021 from $166.7 billion in 2017 at a compound annual growth rate (CAGR) of 11.5% for 2017-2021. By Euro Wire | October 19, 2020

CVE Announcements This Week

Microsoft issues two emergency Windows patches 

Microsoft has rushed out fixes for two security vulnerabilities affecting Microsoft Windows Codecs Library and Visual Studio Code. The security flaws are classified as Remote Code Execution (RCE) vulnerabilities and if successfully exploited could allow threat actors to take over an affected system entirely. By Amer Owaida | October 19, 2020

Government Spooks Urge Firms to Patch SharePoint Bug

Government experts are warning SharePoint customers to urgently patch a remote code execution (RCE) vulnerability fixed by Microsoft last week. By Phil Muncaster | October 19, 2020

GravityRAT malware also targets Android and macOS

Researchers from Kaspersky Lab have spotted new variants of the GravityRAT malware that now can be also used to infect Android and macOS devices. By Pierluigi Paganini | October 19, 2020

NSA publishes list of top vulnerabilities currently targeted by Chinese hackers

The US National Security Agency has published today an in-depth report detailing the top 25 vulnerabilities that are currently being consistently scanned, targeted, and exploited by Chinese state-sponsored hacking groups. By Catalin Cimpanu | October 20, 2020

New Critical Patches for October 2020

So far in 2020, 11 zero-day attacks have been seen in the wild and the vendors have released patches for them. Those CVEs are:

• • Firefox (CVE-2019-17026)
  • Internet Explorer (CVE-2020-0674)
  • Chrome (CVE-2020-6418)
  • Trend Micro OfficeScan (CVE-2020-8467 & CVE-2020-8468)
  • Firefox (CVE-2020-6819 & CVE-2020-6820)
  • Google Tag (CVE-2020-0983, CVE-2020-1020 & CVE-2020-1027)
  • Sophos XG Firewall (CVE-2020-12271)

Regulations, Frameworks, and Controls

Critical National Infrastructure Cyber Security Market Bigger Than Expected

The ‘Critical National Infrastructure Cyber Security market’ research report added by Report Ocean, is an in-depth analysis of the latest developments, market size, status, upcoming technologies, industry drivers, challenges, regulatory policies, with key company profiles and strategies of players. By iCrowd Newswire | Oct 21, 2020