InfoSec News 20200406

  • Published: Mon, 06/04/2020 - 10:13

Top News


  • COVID-19 Scam Roundup – April 6, 2020

"Digital fraudsters have seized upon coronavirus 2019 (COVID-19) as a lure for their new scams and attack campaigns. Together, these malicious operations constitute nothing short of a deluge. Barracuda revealed that it spotted 9,116 coronavirus-themed spear-phishing emails between March 1 and March 23, 2020—a 667% increase over the 1,188 attacks detected a month earlier. By comparison, the security firm spotted just 137 coronavirus-themed email campaigns in January."

Link

TLP1 : Green

  • Bug Bounty Programs Are Being Used to Buy Silence

"Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers:"

Link

TLP1 : Green

  • New York City schools won't be using Zoom anymore because of security concerns

"Schools in New York City are moving away from using the video conference app Zoom after a review of security concerns.
The city's Department of Education is directing schools to "move away from using Zoom as soon as possible," Danielle Filson, a department spokeswoman, told CNN in a statement."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

"Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing"

Link

TLP1 : Green

  • Hacking iPhone or MacBook devices by tricking into visiting a site

"Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • Open Cloud Database Exposes 200 Million Americans

"Experts revealed that an unauthorized party compromised more than 200 million user records hosted somewhere within the U.S. in a Google Cloud database. "

Link

TLP1 : Green

  • Marriott Was Hacked -- Again

"Marriott announced another data breach, this one affecting 5.2 million people"

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • Firefox zero day in the wild: patch now!

"Mozilla just pushed out an update for its Firefox browser to patch a security hole that was already being exploited in the wild. If you’re on the regular version of Firefox, you’re looking to upgrade from 74.0 to 74.0.1 and if you’re using the Extended Support Release (ESR), you should upgrade from ESR 68.6.0 to ESR 68.6.1."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • White House strategy paper to secure 5G envisions America leading global 5G development

"With curiously little fanfare, the White House released last week a six-page document called the National Strategy to Secure 5G, a blueprint that was mandated by the Secure 5G and Beyond Act."

Link

TLP1 : Green

  • BEST PRACTICES: Mock attacks help local agencies, schools prepare for targeted cyber scams

"Lucy Security, a security training company based in Zug, Switzerland that works with many smaller public entities, has been in the thick of this onslaught. The company’s software is used to run public servants and corporate employees through mock cyberattack training sessions. There’s an obvious reason smaller public entities have become a favorite target of cybercriminals: most are run on shoestring budgets and corners tend to get cut in IT security, along with everything else operationally."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • An Introduction to the Cybersecurity Maturity Model Certification (CMMC)

"A recent study predicted that business losses due to cybercrime will exceed $5 trillion by 2024. The threat to the Defense Industrial Base (DIB) is especially alarming due to current cyber warfare activities by cybercriminals and state-sponsored actors. A cyber attack within the DIB supply chain could result in devastating losses of intellectual property and controlled unclassified information (CUI). To bolster cybersecurity posture within the DIB supply chain, SEI researchers have spent the last year helping the federal government develop the Cybersecurity Maturity Model Certification (CMMC). "

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp