Internet2 Network Security SIG

[Adair Thaxton <>]

We're working on getting this published as a proper blog entry, but I 
wanted to get this out before we get too far into April.

I'M TYPING THIS IN BIG LETTERS SO YOU CAN READ IT FROM SIX FEET AWAY.

Phew, you guys!  It's been quite the month.  Emergency VPN capacity and 
software updates, am I right?  Our peering team has been going nonstop 
to get capacity augments at major peering points.  If you want to check 
on our major peers, you can do so here: 
https://grafana.bldc.net.internet2.edu/grafana/d/LBcyRNuZk/covid-19-peer-monitoring-public?orgId=2&from=now-3h&to=now

Remember, the Bad People regard this as a great time to try to break 
into your networks, because we may be less vigilant due to our 
circumstances.  Keep an eye on your monitors and read your logs!

There were some new 0days for Zoom today, so encourage your users to run 
updates when they become available.  Zoom has had quite the month in 
security news, not all of it good - they learned that using a Facebook 
SDK in their code will send data to Facebook, for instance.  They've 
published some advice for people to mitigate the effects of the 
ill-mannered among us: 
https://blog.zoom.us/wordpress/2020/03/20/keep-the-party-crashers-from-crashing-your-zoom-event/  
They also continue to publish regular updates on bugfixes - as of April 
2, those are detailed here: 
https://blog.zoom.us/wordpress/2020/04/01/a-message-to-our-users/

The Internet2 security team has added two new members - James Harr 
(stolen from Nebraska) and Ryan Harden (stolen from Chicago).  They've 
both been in the community for a fairly long time, so you may have seen 
them around!  We're currently indoctrinating them and simmering them in 
a stew of brand new information.

Your FYI link of the month is that the University of Cincinnati has made 
class lectures for their Malware Analysis course available.  
https://class.malware.re/

Love,
Adair