The cybersecurity community during the COVID-19 emergency
Verizon Says Call Volume Soars as Stay-at-Home Becomes the Norm (Nasdaq) Being cooped up in the house because of the coronavirus pandemic is causing people to figuratively "reach out and touch someone." Verizon (NYSE: VZ) said last week that its wireless network was handling twice as many calls on weekdays as it generally sees on Mother's Day, typica
Do Coronavirus SOCs Look Like Zoom War Rooms? (SDxCentral) When a network breach or another cybersecurity incident occurs, enterprises typically rely on their on-site security operations centers (SOCs) to isolate and stop the threat. But what happens when the SOC analysts are working remotely because of, say, the global coronavirus pandemic?
Companies must gear up to combat rising cyber threats amid covid-19 (Livemint) Nearly 91% of cyber attacks start with an email. Phishing, which uses disguised email as the weapon, has emerged in the form of two broad categories
How to stay secure even when working from home (Netzwoche) Because of the coronavirus crisis, many companies have sent their employees to work from home. Since this had to happen quickly and without much preparation time, IT security was often forgotten. ISG, PWC, Eset, G Data and the National Centre for Cybersecurity explain how to work securely despite working from home.
Coronavirus as a double-edged sword for cybercriminals: Desperation or opportunity? (Digital Shadows) Digital Shadows has observed threat actors operating on cybercriminal forums and marketplaces expressing their worries and a sense of desperation as to how the pandemic will affect their established business models. Some are urgently trying to adapt their offerings to survive in this vastly changed landscape.
COVID-19 Part 3: Data Tells the Story (PerimeterX) ATO attacks rise in fashion and home goods during pandemic.
Google Offers User Location Data to Health Officials Tackling Coronavirus (Wall Street Journal) Google will help public health officials use its vast storage of data to track people’s movements amid the coronavirus pandemic, in what the company called an effort to assist in “unprecedented times.”
Google to publish user location data to help govts tackle virus (France 24)
Analysis | The Cybersecurity 202: Researchers praise Zoom’s quick pledge to fix a slew of security and privacy problems (Washington Post) The coronavirus crisis fueled the online meeting company's huge rise.
Zoom promises to resolve security and privacy issues in its video-conferencing service (Computing) The company says users are utilising the app in myriad unexpected ways
Everybody seems to be using Zoom. But its security flaws could leave users at risk. (Washington Post) Weddings, funerals, company layoffs, kindergarten classes and official government meetings have all been streamed through Zoom since the coronavirus contagion has shut down group gatherings. But the company’s dramatic growth has come with a crisis of its own: An uproar over security, privacy and harassment concerns.
Move Fast & Roll Your Own Crypto: A Quick Look at the Confidentiality of Zoom Meetings (The Citizen Lab) This report examines the encryption that protects meetings in Zoom and finds that the company has made its own encryption scheme, which has significant weaknesses.
Zoom's security and privacy problems are snowballing (Business Insider) In the past 48 hours, Zoom has been criticized for leaking emails and photos, not having genuine end-to-end encryption, and more.
About them Zoom vulns... (Security Boulevard) Today a couple vulnerabilities were announced in Zoom, the popular work-from-home conferencing app. Hackers can possibly exploit these to do evil things to you, such as steal your password. Because of the COVID-19, these vulns have hit the mainstream media.
Zoombombing: How hackers can take over your video calls (The Telegraph) Video conferencing apps like Zoom have seen increasing numbers of calls hijacked by strangers
‘War Dialing’ Tool Exposes Zoom’s Password Problems (KrebsOnSecurity) As the Coronavirus pandemic continues to force people to work from home, countless companies are now holding daily meetings using videoconferencing services from Zoom.
Automated tool can find 100 Zoom meeting IDs per hour (The Verge) The program can also glean information about those meetings.
Zoom's Security and Privacy Woes Violated GDPR, Expert Says (SecurityWeek) Security concerns revolve around the recent discovery of several vulnerabilities taken with the length of time it has taken Zoom to fix earlier vulnerabilities
A Cyber Approach to Coronavirus Containment (Global Security Mag Online) What lessons can be learned from reviewing how we manage cybersecurity and applying it to an anti-Coronavirus campaign? In recent years, some in the cyber world recognize that there is a lot to learn from the biological world when protecting systems against viruses.
Breach Clarity to waive fees for six months (Finextra Research) If a global pandemic and drastically weakened economy weren’t enough stress for financial consumers, an anticipated long tail of resulting financial crime has begun to emerge.
Israeli spyware firm pitches to be Covid-19 saviour (BBC News) A firm being sued by WhatsApp claims its software can help combat the spread of coronavirus.
Coronavirus: NSO Group attempting to woo west with COVID-19 tracking software (Sky News) According to a demonstration of the company's software seen by Sky News, data on citizens would only be held by the authorities.
Facebook launches fact-checking service on WhatsApp in Italy to fight coronavirus hoaxes (Reuters) Facebook Inc. launched a service in Italy to check the accuracy of information on coronavirus circulating on its messaging platform WhatsApp, the U.S. tech firm said on Thursday.
A message from Maryland Governor Larry Hogan to NSA, U.S. Cyber Comman (National Security Agency Central Security Service) Maryland Governor Larry Hogan addresses NSA, U.S. Cyber Command on the importance of their work during the COVID-19 global pandemic.
Cybersecurity Association of Maryland, Inc. Launches Cyber SWAT Team Hotline (Cyber Security Association of Maryland) Cybersecurity companies combine resources to assist Maryland businesses amidst COVID-19 crisis
WFH with kids in lockdown (CRN) Dell's Sarah Shields outlines five steps working parents can take to help their children during self-isolation
Cyber Attacks, Threats, and Vulnerabilities
Ransomware strikes 10x Genomics, biotech firm researching possible COVID-19 treatments (CyberScoop) Hackers struck 10x Genomics, a California-based biotechnology company which makes tools that researchers are using to learn about the coronavirus.
Twitter botnet targeted Turkey while politicizing coronavirus (Medium) Network traces back to anti-Turkey operation originally identified last year
Iranian hackers target email accounts of WHO staff with spear-phishing messages amid coronavirus pandemic (Computing) The attacks began on 2nd March and are continuing
DarkHotel hackers exploited flaws in Firefox and IE in attacks on China, Japan (Cybersecurity Help) In the attacks the hackers downloaded the Gh0st RAT on victims' machines.
Italian social service website limping to normalcy after cyber-attack (SC Magazine) The INPS website was attacked while about 339,000 applications for the €600 benefits for VAT-registered and self-employed Italians were being processed
Twitter discloses bug that cached private files sent or received via DMs (ZDNet) Private files sent via DMs were cached inside Firefox browsers for as long as a week, even after users logged off.
LimeRAT malware is being spread through VelvetSweatshop Excel encryption technique (ZDNet) The old tactic is proving fruitful in a new campaign.
Attackers Leverage Excel File Encryption to Deliver Malware (Dark Reading) Technique involves saving malicious Excel file as read-only and tricking users into opening it, Mimecast says.
Over 35,500 coronavirus-related websites reported as scam (Atlas VPN) According to Atlas VPN research, cumulatively, scammers created over 35,500 unique websites related to COVID-19 in the last month. Here, they tried to swindle money by selling masks, hand-sanitizers, or even virus testing kits. Our data is projected based on Chad Anderson’s insights, who is a senior security researcher at DomainTools. Chad Anderson claims that …
44M Digital Wallet Items Exposed in Key Ring Cloud Misconfig (Threatpost) Millions of IDs, charge cards, loyalty cards, gift cards, medical marijuana ID cards and personal information was left exposed to the open internet.
Report: Popular Digital Wallet Exposes Millions to Risk in Huge Data Leak (vpnMentor) Led by Noam Rotem and Ran Locar, vpnMentor’s research team recently discovered a data leak by the popular app Key Ring, that compromised the privacy and
Researcher Finds New Class of Windows Vulnerabilities (SecurityWeek) A security researcher has discovered over 25 different potential vulnerabilities in Windows, including some that could lead to elevation of privileges
Firefox, IE Vulnerabilities Exploited in Attacks on China, Japan (SecurityWeek) Vulnerabilities patched earlier this year in Firefox and Internet Explorer have been exploited by an APT in attacks aimed at China and Japan
Coronavirus Trojan Overwriting the MBR (Security News) SonicWall Capture Labs Threat Research team recently found a new malware taking advantage of the CoViD19 pandemic which makes disks unusable by overwriting the MBR.
BEC scams evolve from ‘Nigerian Prince’ to sophisticated malware (SC Magazine) Nigeria continues to be a hotspot for this particular threat (BEC scams), with SilverTerrier growing into a sophisticated threat group
MakeFrame: Magecart Group 7’s Latest Skimmer Has Claimed 19 Victim Sites (RiskIQ) At RiskIQ, we track many different Magecart groups. We continually observe evolutions in the techniques they employ to skim card data and obfuscate the code that they use for that purpose.
B&R Automation Studio (CISA) 1. EXECUTIVE SUMMARY: CVSS v3 7.5. ATTENTION: Exploitable remotely/low skill level to exploit. Vendor: B&R Automation. Equipment: Automation Studio. Vulnerabilities: Improper Privilege Management, Missing Required Cryptographic Step, Path Traversal.
Key Ring App Data Leak Exposes 44 Million Images (Infosecurity Magazine) Researchers find user data of 14 million Key Ring app users on five unsecured Amazon Buckets
'Alcohol is soooo good': Trolls are breaking into AA meetings held on Zoom video calls and harassing recovering alcoholics (Business Insider) "Alcohol is soooo good," an intruder said to recovering alcoholics during a Tuesday AA meeting on Zoom.
IRS warns of coronavirus-related scams targeting financial information (TheHill) The Internal Revenue Service (IRS) on Thursday warned Americans that scammers and hackers were likely to take advantage of the coronavirus crisis to target financial information.
London Hit by Quarantine Text Scam (Infosecurity Magazine) Richmond residents warned over fraudulent quarantine fine notification texts
Security Patches, Mitigations, and Software Updates
Zoom Rushes Patches for Zero-Day Vulnerabilities (BankInfo Security) The day after security researcher Patrick Wardle disclosed two zero-day vulnerabilities in the macOS client version of Zoom's teleconferencing platform, the company
Twitter Data Cache on Mozilla Firefox (Twitter) We recently learned that the way Mozilla Firefox stores cached data may have resulted in non-public information being inadvertently stored in the browser's cache.
Google Squashes High-Severity Flaws in Chrome Browser (Threatpost) Google is rolling out the newest Chrome browser version, 80.0.3987.162, in the coming days.
Cyber Trends
An Interview with Bruce Schneier, Renowned Security Technologist (The Politic) Bruce Schneier is an internationally renowned, award-winning public-interest technologist who serves as Chief of Security Architecture at Inrupt, a company working to bring Sir Tim Berners-Lee’s distributed data ownership model into the mainstream. Mr. Schneier is a fellow at the Berkman Klein Center for Internet & Society at Harvard University; a Lecturer in Public Policy at the Harvard…
Marketplace
Security resellers should look to the long-term risk management pitch (MicroscopeUK) Coronavirus might have sparked spending around securing remote workers, but longer term there are more strategic conversations to be had around risk management.
Voatz disputes claims it was 'kicked off' HackerOne (SearchSecurity) HackerOne, providers of a bug bounty platform that allows hackers to fix the bugs of software companies for monetary rewards, has cut ties with mobile voting platform Voatz.
Cybereason Continues its Global Expansion by Launching Regional Middle East Operations (Newswire Today) Cybereason, creators of the leading Cyber Defense Platform, today announced it has launched operations in the Middle East to help enterprises future proof their networks from the ever-evolving threat landscape
Illusive Networks Welcomes Karl J. Mattson to Board of Advisors (Yahoo) Illusive Networks®, the leader in deception-based cyber defense solutions, today announced that security expert Karl Mattson has joined its board of advisors. He brings more than two decades of information security experience, including from his recent role as senior vice president and chief information
Products, Services, and Solutions
Telos and ST Engineering Form Strategic Partnership to Deliver World-Class Cybersecurity, Governance, Risk and Compliance Solutions Throughout Asia and the Middle East (Telos Corporation) Agreement expands the footprint and reach of Telos Ghost® and Xacta® into Asia and the Middle East.
Splunk's new APM solution unlocks real-time observability for cloud infrastructure (Help Net Security) Splunk releases SignalFx Microservices APM, the only APM solution that provides customers complete observability into modern, cloud-native environments.
Okta launches Lifecycle Management Workflows to make building identity-centric processes easy (TechCrunch) Okta, the popular identity and access management service, today used its annual (and now virtual) user conference to launch Lifecycle Management Workflows, a new tool that helps IT teams build and manage IFTTT-like automated processes with the help of an easy to use graphical interface. The new ser…
Protecting democracy, especially in a time of crisis (Microsoft on the Issues) Today, Microsoft announces the expansion of its Defending Democracy Program to help democratic processes become more resilient in light of increased cyberthreats, with the release of Election Security Advisors, which helps secure election systems from cyberattacks, expansion of the AccountGuard threat notification service, and an extension of Microsoft 365 for Campaigns to include state-level campaigns.
Technologies, Techniques, and Standards
Hidden Threat – Vulnerability Analysis using the news graph (Vulners Blog) When you come face to face with a new vulnerability, what is the thought that comes first? Of course, respond as quickly as possible. However, speed is just one of the conditions for an effective fight again…
Cryptography: Why Do We Need It? (Electronic Design) This first article in the “The Cryptography Handbook” addresses the escalating need for cryptography in this ever-more connected world.
How to Protect Your Identity on Social Media (Law Technology Today) Social Media is an integral part of life. It's a way of connecting with other people and sharing con...
Design and Innovation
Okta says it's doing away with passwords entirely (SiliconANGLE) Identity management software provider Okta Inc. said today it’s doing away with passwords with a new feature that will be rolled into its cloud platform.
Research and Development
Academia
Online courses are disrupted by hackers as Columbia transitions to Zoom video conferencing platform (Columbia Daily Spectator) Professor Brendan O’Flaherty’s Tuesday afternoon lecture for Principles of Economics was hacked by three individuals who disrupted the class for about six minutes, playing audio containing racial slurs and inappropriate content, hurling insults at the professor, and later calling a participant a racial slur, according to a course recording obtained by Spectator.
Legislation, Policy, and Regulation
China Rejects U.S. Intelligence Claim It Hid Virus Numbers (Bloomberg) Beijing says response to outbreak was open, transparent. U.S. intelligence community concluded China played down threat.
U.S. Intelligence: China Covered Up Extent of Coronavirus Outbreak (Intelligencer) China’s reporting on COVID-19 cases is intentionally incomplete, the intelligence community reportedly told the White House in a classified report.
Managing Escalation Under Layered Cyber Deterrence (Lawfare) Without a firm grasp on the potential for escalation, the United States will be unable to contain the fallout when assertive operations are conducted.
TRACED Act: Robocall Mitigation FAQ (Neustar) Understand how the TRACED Act affects government enforcement of robocalls, what constitutes an illegal robocall, and the limitations of current measures.
Litigation, Investigation, and Law Enforcement
Federal judge declines to postpone April 7 presidential primaries in Wisconsin (Washington Post) The decision came amid worries that holding elections during the coronavirus pandemic could risk public health and curtail access to the polls.
Class Action Lawsuit Filed Against Marriott Over New Data Breach (SecurityWeek) A class action lawsuit has been filed against Marriott over the recently disclosed data breach that impacted as many as 5.2 million customers.
RealPage Can Sue Insurer For $6M Phishing Scheme Loss (Law360) Texas-based property management software company RealPage Inc. can sue a Pennsylvania insurance company over its alleged violation of a Texas law in order to recover $6 million in losses stemming from a $10 million phishing scheme, a Texas federal judge has found.