March 9, 2020
David Redekop

This Week In Nerd Nerds – March 9, 2020

Your weekly top 5 technical and security issues you should pay attention to:

Kr00k is a new WiFi vulnerability affecting over 1 Billion devices.

Great coverage on Security Now Episode 756.

Resource: KR00K – CVE-2019-15126

 

Wireguard is Arthur’s favourite new VPN.

Not their service, but the protocol which you can run on your own infrastructure.

Resource: WireGuard

 

An Android Security App With 1 Billion Downloads Is Recording Users’ Web Browsing.

In February, Google threw 600 apps out of its Play store. Amongst those was an app called Clean Master, a security tool promising antivirus protection and private browsing. It had more than 1 billion installs before it was evicted and, despite Google’s ban, is one of Android’s most downloaded apps ever and is likely still running on millions of phones.

 

Read More: Warning: An Android Security App With 1 Billion Downloads Is Recording Users’ Web Browsing

 

Locate X’ tracks users through popular apps with trackers, not warrants.

U.S. law enforcement agencies signed millions of dollars worth of contracts with a Virginia company after it rolled out a powerful tool that uses data from popular mobile apps to track the movement of people’s cell phones, according to federal contracting records and six people familiar with the software.

 

Read More: Through apps, not warrants, ‘Locate X’ allows federal law enforcement to track phones 

 

Remote iOS/macOS memory dump possible, now fixed.

Resource: Project Zero

 

Did you know?

MapSCII – The whole world in your console. Try it with “telnet mapscii.me”. Combine that with HackerTyper and you can make some cool ascii hacker movie.

 

Also did you know?

LuLu is a macOS egress firewall that alerts you to any connection attempt with useful info.

Need an IT professional? Request service today.