Hello and welcome to TSD, your regular blog post with top of mind security issues! TSD began as an internal newsletter that our Security Lead, Daniel Tobin, would circulate to the team each Tuesday. It proved to be a great resource for all of us so we thought, why not share it with all of you? Our hope is that it helps make you just a bit more secure.
Check back here every Tuesday for more TSD or sign up below to stay in the loop!
Hi Cyraloons and welcome to another week of TSD, your regular email / blog post with top of mind security issues, a few security tips for both work and home and at least 1 fun thing related to owls.
Please reach out to us directly, via security@cyral.com or on twitter at @dant24 if you have any questions, concerns, tips or anything else!
- Phishing email scams often take advantage of the latest news stories and now is no different. Be vigilant and take a moment to verify that the urgent email you just received is legitimate (Phishing in the Time of COVID-19: How to Recognize Malicious Coronavirus Phishing Scams)
- Multiple security experts have put out a call to ransomware groups to not target hospitals right now and at least 2, 1 via a press release, have offered to not go after hospitals or will decrypt for free (Ransomware Gangs to Stop Attacking Health Orgs During Pandemic)
- New report out that a new variant of Mirai is targeting Zyxel devices. Mirai was known for being responsible for the largest DDoS ever. If you own a Zyxel NAS device, patch it ASAP if you can, if your device is old enough, it cannot be patched. (Zyxel Flaw Powers New Mirai IoT Botnet Strain)
- One of the most important things you can do to secure your computers and devices is to make sure you have full disk encryption. This makes sure your data on your device cannot be stolen even if your device is. If you have a Mac computer, enable FileVault. If you have a Windows 10 computer, turn on device encryption. For Android, you can follow these instructions. For iPhones, you can follow these instructions. Check out this link for more ways to protect yourself while working from home.
Owl fun and facts:
Not all owls actually make a Who? Or Hoot sound. Barred Owls make a sound that sounds like “Who cooks for you?”. Eastern Screech owls meanwhile sound like a “horse on helium”. Listen to these and others here.
A Shout Out:
If you’re using Golang at all, be sure to check out gosec, an open source security code scanner. There are even instructions for integrating into your CI/CD pipeline. If you just want to run it locally on your code, it’s as simple as downloading the binary and running ./gosec src/...
That’s owl for now!
