Faith-Based Security Headlines
These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.
Volume 6, Issue 3
March-2024
Stories in this month’s newsletter include:
- Keeping Your WordPress Website Secure
This story includes security measures for the popular web content management system and common indicators that your WordPress site has been hacked.
- Considerations for the Use of Security Cameras
The benefits of security cameras and planning considerations for cameras are discussed in this story.
The newsletter also Spotlights the FB-ISAO Community Meeting (21 March at 12pm ET).
The newsletter also covers the FB-ISAO Advisory Board, current Threat Levels, how to join FB-ISAO, and upcoming FB-ISAO events.
The March 2024 Newsletter has been directly distributed to members and may be accessed here.
Want this newsletter delivered directly to your inbox each month? Membership in FB-ISAO is open to all Faith-Based Organizations including Houses of Worship, Charities, Faith-Based Schools and their affiliated organizations. Join FB-ISAO!
The 2024 Sophos Threat Report: Cybercrime on Main Street
Based on that data and Sophos threat research, we see that ransomware continues to have the greatest impact on smaller organizations. But other threats also pose an existential threat to small businesses:
- Data theft is the focus of most malware targeting small and medium businesses-password stealers, keyboard loggers, and other spyware made up nearly half of malware detections. Credential theft through phishing and malware can expose small businesses’ data on cloud platforms and service providers, and network breaches can be used to target their customers as well.
- Attackers have stepped up the use of web-based malware distribution-through malvertising or malicious search engine optimization (“SEO poisoning”)-to overcome difficulties created by the blocking of malicious macros in documents, in addition to using disk images to overwhelm malware detection tools.
- Unprotected devices connected to organizations’ networks-including unmanaged computers without security software installed, improperly configured computers and systems running software fallen out of support by manufacturers-are a primary point of entry for all types of cybercrime attacks on small businesses.
- Attackers have turned increasingly to abuse of drivers-either vulnerable drivers from legitimate companies or malicious drivers that have been signed with stolen or fraudulently obtained certificates-to evade and disable malware defenses on managed systems.
- Email attacks have begun to move away from simple social engineering toward more active engagement with targets over email, using a thread of emails and responses to make their lures more convincing.
- Attacks on mobile device users, including social engineering-based scams tied to the abuse of third-party services and social media platforms, have grown exponentially, affecting individuals and small businesses. These range from business email and cloud service compromise to pig butchering scams.
Analyst Comments:
Sophos reports on cyber threats to small and medium businesses. Many Faith-Based Organizations (FBO) can be thought of as small or medium businesses. As such, the information in the Sophos report can be useful to FBOs.
Also, FB-ISAO’s 06 October 2023 Daily Awareness Post contains many cybersecurity resources.
As always, Faith-Based ISAO’s website provides resources in the Resource Library, including information on Protecting Digital Assets.
Get the Daily Awareness Post Delivered to your Email!
More Faith-Based Stories
CA: Man arrested following pepper spray attack at Novato mosque during 1st night of Ramadan
Teen shot at birthday party outside Fort Worth church’s rented building
NYPD Searching for Assailant in Antisemitic Assault of a Child
NJ: Police ask for public’s help after vandalism at Montclair Unity Church
Nazi Symbol Discovered in Jewish Subdivision in Florida
White Supremacist, Tracked by COE, Arrested on Vandalism Charges in Missouri
North Texas church youth volunteer arrested, faces child sexual assault charges: records
Hackers Try to Take AI to Church
Orthodox Church says 3 monks killed in St. Mark monastery in armed attack in South Africa
Boy, 13, stabbed in horrifying Glasgow attack ‘moments after leaving mosque’
Lisbon city council warns of safety issues near mosques
Nigerian Islamic police arrest non-fasting Muslims during Ramadan
Select All-Hazards Stories
On popular online platforms, predatory groups coerce children into self-harm and There Are Dark Corners of the Internet. Then There’s 764.
Putin warns the West: Russia is ready for nuclear war
Haiti security mission in limbo as urgency grows
Four People Arrested Over Planned Terrorist Attack on Brussels’ La Botanique
Election officials’ homes ‘swatted’ as presidential race heats up
Vandalism with reported swastikas found inside high rise on Chicago’s North Side
Winter Storm Developing in the Central U.S. with Areas of Heavy Snow, Severe Thunderstorms, and Fire Weather National Weather Service
Chicago and Arizona report more measles cases
Mpox continues to spread in Africa and threatens global health security
What to Know About the Proposed TikTok Legislation
Driving fast or braking hard? Your connected car may be telling your insurance company
Malwarebytes: Ransomware review: March 2024
The 10 Most Common Website Security Attacks (and How to Protect Yourself)
More Security-focused Content
The FB-ISAO’s sponsor Gate 15 publishes a free daily newsletter called the SUN. Curated from their open source intelligence collection process, the SUN informs leaders and analysts with the critical news of the day and provides a holistic look at the current global, all-hazards threat environment. Ahead of the daily news cycle, the SUN allows current situational awareness into the topics that will impact your organization. To sign-up for The SUN, please sign up below.
