Template:PSW649NewsLee Neely

From Security Weekly Wiki
Jump to navigationJump to search

COVID-19 Stories

  1. Scammers pounce as stimulus checks start flowing Be vigilant - Scammers are on the lookout for scammers looking to access the COVID-19 related relief checks - IBM claims 6000 percent rise in phishing email.
  2. COVID-19 outbreak may dely audits for DOD's cyber certification Audits to support claims of secure ongoing operation are necessary, remote validation anyone?
  3. Isralei court takes step to halt phone tracking amid virus Israel's Supreme Court on Sunday ordered the Shin Bet security agency to halt its use of phone-surveillance technology in the battle against the coronavirus, unless parliament begins legislating guidelines for the practice.
  4. Agencies That Bought Cloud Services in Response to COVID-19 Need to Review Security Duties In otherwords did you implement the required security and get an ATO?
  5. Two men in California were arrested for a coronavirus wire fraud scheme where they sought to resell 40 million respirator masks at double or triple the purchase price The two men ran a company that falsely claimed to be working with global traders, medical institution and general supply companies for five years.
  6. UPS and CVS will soon deliver prescriptions to a retirement community in Florida by drone. Starting next month, residents of The Villages in central Florida can receive same-day delivery from a local CVS pharmacy via Matternet’s M2 UAV.
  7. Most Americans are not willing or able to use an app tracking coronavirus infections. That’s a problem for Big Tech’s plan to slow the pandemic. Nearly 3 in 5 Americans say they are either unable or unwilling to use the infection-alert system under development by Google and Apple, suggesting that it will be difficult to persuade enough people to use the app to make it effective against the coronavirus pandemic, a Washington Post-University of Maryland poll finds.

In Other News

  1. NSA shares list of vulnerabilities commonly exploited to plant web shells NSA & ASD publish guidance on looking for web shells.
  2. Use Permissions to keep Scammy Apps off your Android Look for extra app permissions, use Play Store, enable Play Protect...
  3. AA20-120A: Microsoft Office 365 Security Recommendations CISA publishes updated security recommendations for Office 365 with remote workers
  4. Lack of Basic Security Measures on Sheffield’s ANPR System Exposes 8.6 Million Records of Vehicle Movements and License Plate Numbers They took immediate actions to secure the site/app.
  5. Hackers Mount Zero-Day Attacks on Sophos Firewalls Sophos XG Firewalls targeted, Sophos reportedly released a hotfix for CVE-2020-12271 this week.
  6. NSA: Selecting and Safely Using Collaboration Servicesfor Telework NSA lists the security features of telework/collaboration services.