The Texas Information Sharing and Analysis Organization (ISAO) and The Texas A&M University System Statewide Cybersecurity Services (SCS) are tracking multiple threat actors who are using the COVID-19 event to propagate malware through a variety of methods (primarily phishing). These threat actors are using dynamically generated domains to get past blacklists. Once the domain is blocked, they move to a new one.
SCS is partnering with Cisco Umbrella to provide tools to any public sector organization for free for the next 90 days. This tool will filter DNS queries and stop people from accessing bad domains. It works on your network or through an agent. Local setup takes about 5 minutes and the agent is an easy push in a variety of methods. SCS is working with Cisco to keep the tool free until January, and then offer it at a significant discount. For more information, visit https://it.tamus.edu/cybersecurity/security-monitoring/