Another week, and another Sunday Weekly. This week’s information is mostly COVID-19 related.
But before, this last week we had the famous Patch Tuesday from Microsoft. Here you have all the details, as well as a good analysing done by Qualys, but I would like to point out CVE-2020-0935, which is a vulnerability with OneDrive and symbolic links. Best approach:
- Impact analysis
- Pilot patches
- Confirm no issues
- Full deploy
Some suggestions regarding remote work from Home Office, a piece of information coming from the National Cyber Security Centre of the Swiss Federal Department of Finance. They talk about phishing attempts, 2FA, and some more. Recommended reading.
Apple, as well as Google, are proposing to use the information they hold about every device to help authorities determine if the social distance is being respected. Some governments are using Mobile network information, all anonymized (in theory). Here you can see some stats provided by Apple. Pretty interesting.
Remember the proposal from the EPFL and the ETH for an app that helps to identify and, more importantly, notifying those that have been in contact with a person that has been tested positive with Coronavirus? Well, it seems they are backing out due to privacy concerns.
Other news is that ransomware RagnarLocker is again causing some pain to big companies. This time, EDP energy (Portugal). Here you can find lots of details. It seems it is not impacting their operations activity, it is at least a good thing.
« Trickbot is the most prolific malware operation using COVID-19 themed lures ». It is not me saying that, but Microsoft. And I am still amazed by how low and selfish some human beings can be, using this pandemic to spread malware.
Pastebin, a popular service to store code and whatever you want, used for good and evil, has been lately in the center of a big discussion. It is known that bad actors use their service to store dump data or credentials obtained in strange circumstances. It is also known that security researchers use their API service to look for this type of data and report it. And this is the result:
Pastebin, instead of just blocking and removing this content, has decided to remove the scraping API as part of their pro service. You can imagine it has been perceived as if Pastebin did not care who uses and what is stored in their systems.
And last, but not least, something we will need to keep an eye to: Emotet seems to be back.
And that’s all for the week. I hope you have liked reading it and, please, let me know what your thoughts are!