Cybersecurity Threat Report for May 14th, 2020

Center for Internet Security Alert Level

GUARDED: indicates a general risk of increased hacking, virus, or other malicious activity. 

There are 4 other levels: Low, Elevated, High, and Severe. From the Center for Internet Security, “The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.”

Data Breaches in Massachusetts

Fun fact: there were 1,909 data breaches in Massachusetts in 2019, and more than half a million people were affected. Thus far there have been 17 data breaches through the first week of May. They include Rockland Trust and Santander Bank. If you are a customer of either, it’s worthwhile to look up the Notification Letter on the Massachusetts Office of Consumer Affairs and Business Regulation site. We will have the link for you in this article at https://cyberdefensecontractors.com

Facebook Bug Earns a $20,000 Bounty

Briefing

A cross-site scripting vulnerability was discovered in the Facebook Login SDK. An SDK is a set of packaged code that works with Facebook’s APIs. SDK stands for Software Development Kit, and API stands for Application Programming Interface. The vulnerability was specific to the button you may have seen that says, “Continue with Facebook”. Basically, the button could be hijacked by injecting a different URL with JavaScript. What does this mean for you? Generally nothing, as the vulnerability was discovered before any attacker could take advantage of it. The researcher, Vinoth Kumar, discovered the vulnerability and was awarded $20,000.00 by Facebook as part of their Vulnerability Bounty program. Kudos to Mr. Kumar!

Scope

This was essentially a zero-day vulnerability. What does that mean? It was an undiscovered vulnerability known to a single individual or a single group. The difference here is that it was not weaponized, meaning it was not utilized for a malicious purpose.

Application

Facebook Login SDK

Impact

None

Attack Vector

Injection of a malicious URL in JavaScript.

Mitigation

Mitigated in the SDK.

Customer Notification

No customer notification needed.

~~~

Microsoft Adds DNS over HTTPS

Briefing

Lindsey O’Donnell of Threatpost reports that, in our words, the internet just got a little bit safer. On a technical level, DNS is the last, or one of the last, protocols to encrypt its traffic. Yes, we still have unencrypted traffic with specific protocols. DNS over HTTPS has been touted as the solution for DNS. You will see it integrated into Windows 10 at some point in the near term. For some reason Lindsey’s article suggests that folks should proceed with caution, but Cyber Defense Contractors is telling you to jump in with both feet. There is no downside compared with the alternative, as DNS as a protocol generally remains in an unencrypted state across the Internet.

Scope

All Windows users who make use of the following three DNS servers. If you are still on the DNS server provided by your ISP, we suggest that you move to one of these to get ahead of the game, as they support DNS over HTTPS. Typically, internet service providers track your DNS queries. Cloudflare and Quad9 claim otherwise and say that they are private. By private they mean they do not track you.

  • Cloudflare at IPv4 1.1.1.1
  • Quad9 at IPv4 9.9.9.9
  • Google at IPv4 8.8.8.8

As for browsers, the two that support DNS over HTTPS are…

  • Google Chrome
  • Mozilla Firefox

Application

Windows 10

We suggest you check out the article on Threatpost as it shows you how to enable DNS over HTTPS.
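
To make concrete what DNS over HTTPS changes, here is an added example (not from the Threatpost article or from Microsoft) that builds the RFC 8484 GET request a client would send to one of the three resolvers above. The endpoint URLs and the function names are assumptions of this example; the page lists only the resolvers' IPv4 addresses.

```python
import base64
import struct
from urllib.parse import urlsplit

# DoH endpoint URLs for the three resolvers named above (assumed for this
# example; the page gives only their IPv4 addresses).
DOH_ENDPOINTS = {
    "cloudflare": "https://cloudflare-dns.com/dns-query",
    "quad9": "https://dns.quad9.net/dns-query",
    "google": "https://dns.google/dns-query",
}
QTYPE_A = 1    # IPv4 address record
QCLASS_IN = 1  # Internet class


def build_dns_query(name: str, qtype: int = QTYPE_A) -> bytes:
    """Build a DNS query in RFC 1035 wire format, the payload DoH carries."""
    # Header: ID 0 (RFC 8484 suggests 0 so HTTP caches can match requests),
    # flags 0x0100 (recursion desired), one question, no other records.
    header = struct.pack("!HHHHHH", 0, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"invalid DNS label: {label!r}")
        qname += bytes([len(raw)]) + raw  # length-prefixed label
    qname += b"\x00"                      # root label ends the name
    return header + qname + struct.pack("!HH", qtype, QCLASS_IN)


def doh_get_url(resolver: str, name: str) -> str:
    """Return the RFC 8484 GET URL: base64url query with padding removed."""
    wire = build_dns_query(name)
    encoded = base64.urlsafe_b64encode(wire).rstrip(b"=").decode("ascii")
    return f"{DOH_ENDPOINTS[resolver]}?dns={encoded}"


def visible_to_network(url: str) -> str:
    """With HTTPS, an on-path observer learns the resolver host, not the
    path or query string, so the looked-up name stays inside TLS."""
    return urlsplit(url).hostname


if __name__ == "__main__":
    url = doh_get_url("cloudflare", "www.example.com")
    print("request URL (sent inside TLS):", url)
    print("visible on the wire:", visible_to_network(url))
```

With classic DNS on UDP port 53 the same 33-byte query travels in cleartext, which is what lets an ISP or anyone on the path log the names you look up.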
