ECS Staffing

10/06/2020

Is your criminal record a barrier to obtaining or maintaining employment in your life?
Please visit HelpSealMyRecord.org to find out if you are eligible to apply for an expungement or sealing of your criminal records.
Need help navigating the website or application? We’re here to help! ECS Staffing agents are available, on location, via email or by phone.

08/14/2020

FBI and NSA expose new Linux malware Drovorub, used by Russian state hackers
The FBI and NSA issue joint security alert containing technical details about new Linux malware developed by Russia's military hackers.
"Drovorub is a 'swiss-army knife' of capabilities that allows the attacker to perform many different functions, such as stealing files and remote controlling the victim's computer,"
To prevent attacks, the agency recommends that US organizations update any Linux system to a version running kernel version 3.7 or later, "in order to take full advantage of kernel signing enforcement," a security feature that would prevent APT28 hackers from installing Drovorub's rootkit.

US government agencies say the Taidoor remote access trojan (RAT) has been used as far back as 2008.

08/12/2020

Original release date: August 12, 2020
Summary
The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business Administration (SBA) COVID-19 loan relief webpage via phishing emails. These emails include a malicious link to the spoofed SBA website that the cyber actor is using for malicious re-directs and credential stealing.

For a downloadable copy of IOCs, see STIX file.

Technical Details
CISA analysts observed an unknown malicious cyber actor sending a phishing email to various Federal Civilian Executive Branch and state, local, tribal, and territorial government recipients. The phishing email contains:

A subject line, SBA Application – Review and Proceed
A sender, marked as disastercustomerservice@sba[.]gov
Text in the email body urging the recipient to click on a hyperlink to address:
hxxps://leanproconsulting[.]com.br/gov/covid19relief/sba.gov
Mitigations
CISA recommends using the following best practices to strengthen the security posture of an organization's systems. System owners and administrators should review any configuration change prior to implementation to avoid unwanted impacts.

Include warning banners for all emails external to the organization.
Maintain up-to-date antivirus signatures and engines. See Protecting Against Malicious Code.
Ensure systems have the latest security updates. See Understanding Patches and Software Updates.
Disable file and printer sharing services. If these services are required, use strong passwords or Active Directory authentication.
Restrict users' permissions to install and run unwanted software applications. Do not add users to the local administrators’ group unless required.
Enforce a strong password policy. See Choosing and Protecting Passwords.
Exercise caution when opening email attachments, even if the attachment is expected and the sender appears to be known. See Using Caution with Email Attachments.
Enable a personal firewall on agency workstations that is configured to deny unsolicited connection requests.
Disable unnecessary services on agency workstations and servers.
Scan for and remove suspicious email attachments; ensure the scanned attachment is its "true file type" (i.e., the extension matches the file header).
Monitor users' web browsing habits; restrict access to sites with unfavorable content.
Exercise caution when using removable media (e.g., USB thumb drives, external drives, CDs).
Scan all software downloaded from the internet prior to executing.
Maintain situational awareness of the latest threats and implement appropriate Access Control Lists (ACLs). Sign up to receive CISA’s alerts on security topics and threats.
Sign up for CISA’s free vulnerability scanning and testing services to help organizations secure internet-facing systems from weak configuration and known vulnerabilities. Email [email protected] to sign up. See https://www.cisa.gov/cyber-resource-hub for more information about vulnerability scanning and other CISA cybersecurity assessment services.
Resources
CISA Binding Operational Directive 18-01
CISA Insights: Enhance Email and Web Security
CISA Tip: Using Caution with Email Attachments
CISA Alert (AA20-099A): COVID-19 Exploited by Malicious Cyber Actors

We just released an alert on a malicious cyber actor spoofing the U.S. Small Business Administration’s relief website and using phishing emails to trick small business owners. Read the advisory to learn more about this threat and how to protect yourself and your networks: us-cert.cisa.gov/ncas/alerts/aa20-225a

08/11/2020

Please share!!! Ramsey County’s TechPak pilot launch is now open. We are excited to share this opportunity first with our community partners working closely with Ramsey County residents who have been disproportionately affected by the economic impacts of COVID-19. Please share the attached flyer with those that are connect to residents in need to have them enter for their chance to receive one of the initial TechPaks.

TechPak are a partnership between Tech Dump, Literacy Minnesota, Saint Paul Public Library and Ramsey County. This initiative brings computer, internet and digital literacy training into the homes of Ramsey County residents who have experienced economic impacts due to COVID-19. Recipients of a TechPak will work with a digital literacy navigator, complete a digital literacy assessment and at least three North Star Digital Literacy trainings.

TechPak contents:

Refurbished laptop

Hotspot for internet access

QuickStart guides

Pre-loaded bookmarks to assist in job searches and trainings

The enrollment period is NOW OPEN through Thursday, August 13th and is available online at www.ramseycounty.us/techpak. If a resident lacks internet access to apply, they can call 651-266-6002 to sign up.

Please share quickly as the site is live today and entries are only accepted until Thursday, August 13, 2020 at 4:30 p.m. We will be having subsequent rounds each month from September through December with the goal of helping Ramsey County residents increase workforce skills needed for a post Covid-19 economy.

TechPak is a partnership between Tech Dump, Literacy Minnesota, Saint Paul Public Library and Ramsey County to bring computer, internet and digital literacy training into the homes of Ramsey County residents who have experienced economic impacts due to COVID 19.
• To prioritize the distribution of TechPaks, preference will be given to Ramsey County residents with the greatest technological barriers related to digital literacy and employability as a result of COVID-19 through a lottery system.
• As part of the August soft launch we are reaching out to community partners working with residents experiencing economic impacts related to COVID-19 in hopes you can share TechPak information with your families.
• For more information on Ramsey County’s TechPak initiative and to find the online application for the August TechPak launch visit ramseycounty.us/TechPak. For those that do not have internet access, please call 651-226-6002 to submit your entry via phone. Entry deadline is 4:30 p.m. on Thursday, August 13, 2020. Sign up: August 10-13. Notification period: August 17-18.

For more information about the TechPaks initiative and for a list of Frequently Asked Questions please visit www.ramseycounty.us/techpak