The Tarleton State University Information Security Office continues to monitor the information security landscape during this time of uncertainty to help you maintain a secure work or study-from-home environment. The office will continue to watch various information security vectors and provide security awareness guidance, as needed.

Cyber actors are targeting U.S. entities via USB keystroke injection attacks

Recently, cybercriminal groups are mailing USB devices via the United States Postal Service (USPS). The mailed packages sometimes include items like teddy bears or gift cards to employees of targeted organizations. The USB device is a commercially available tool that acts like a keyboard and injects a series of keystrokes in order to download and execute a unique malware payload. Nearly every computing device automatically accepts human input from keyboards, hence the USB drive is instantly accepted as a keyboard and quickly begins executing malicious intent.

Postal Mail Safety Tips

  • Be cautious of unfamiliar packages.
  • Only use USB drives that you have purchased.
  • Only use USB drives that have been given to you from Tarleton or a trusted source.

Cybercrime has increased due to the COVID-19 outbreak

Cybercriminals are now taking advantage of tools that allow users to work remotely to infect computer operating systems with malware. Texas Cyber Security Weekly shared a ZDNet article that acknowledges there have been cyber-attacks targeting D-Link and Linksys routers. Cybercriminals are using brute-force attacks to guess router passwords. Once the password has been obtained, hackers can access the router and can change the router’s default DNS server settings. Users are then redirected to a site that urges them to install a coronavirus-related application. It has been reported that this application installs a version of the Oski trojan which can steal account credentials from browsers and crypto wallet files. As more people are working remotely due to COVID-19 concerns, cybercrimes are targeting home office networks and equipment. Be mindful of your digital workspaces, take precautions and report any unusual activity as you work from home.

Home Router Security Tips

Zoom Security Tips – Stay Safe From Zoombombing

Zoom is a great way to stay connected right now, and we hope the following tips will help you continue to host amazing events! If you’re not sure whether a public Zoom event is the way to go, share the meeting link only with your close friends, co-workers, and clients. You can even password-protect it for another layer of security. Zoombombing, a recently new form of account/session takeover, is the practice of a threat actor joining a Zoom session without invitation and “taking over” the session. They often fill the Zoom room with potentially harmful content, either in the chat window or with screen sharing.

Zoom Best Practices

This is useful if you want to control your guest list and invite only those you want at your event — other students or colleagues, for example. Tips contain hyperlinks.

  • Lock the meeting: It’s always smart to lock your front door, even when you’re inside the house. When you lock a Zoom Meeting that’s already started, no new participants can join, even if they have the meeting ID and password (if you have required one). In the meeting, click Participants at the bottom of your Zoom window. In the Participants pop-up, click the button that says Lock Meeting.
  • Set up your own two-factor authentication: You don’t have to share the actual meeting link! Generate a random Meeting ID when scheduling your event and require a password to join. Then you can share that Meeting ID on Twitter but only send the password to join via DM.
  • Remove unwanted or disruptive participants: From that Participants menu, you can mouse over a participant’s name, and several options will appear, including Remove. Click that to kick someone out of the meeting.
  • Allow removed participants to rejoin: When you do remove someone, they can’t rejoin the meeting. But you can toggle your settings to allow removed participants to rejoin, in case you boot the wrong person.
  • Put ‘em on hold: You can put everyone else on hold, and the attendees’ video and audio connections will be disabled momentarily. Click on someone’s video thumbnail and select Start Attendee On Hold to activate this feature. Click Take Off Hold in the Participants list when you’re ready to have them back.
  • Disable video: Hosts can turn someone’s video off. This will allow hosts to block unwanted, distracting, or inappropriate gestures on video or for that time your friend’s inside pocket is the star of the show.
  • Mute participants: Hosts can mute/unmute individual participants or all of them at once. Hosts can block unwanted, distracting, or inappropriate noise from other participants. You can also enable Mute Upon Entry in your settings to keep the clamor at bay in large meetings.
  • Turn off file transfer: In-meeting file transfer allows people to share files through the in-meeting chat. Toggle this off to keep the chat from getting bombarded with unsolicited pics, GIFs, memes, and other content.
  • Turn off annotation: You and your attendees can doodle and mark up content together using annotations during a screen share. You can disable the annotation feature in your Zoom settings to prevent people from writing all over the screens.
  • Disable private chat: Zoom has in-meeting chat for everyone or participants can message each other privately. Restrict participants’ ability to chat amongst one another while your event is going on and cut back on distractions. This is really to prevent anyone from getting unwanted messages during the meeting.