July 11, 2022
David Redekop

Welcome to this week in NerdNews (TWINN) #80 Your weekly top 5 technical and security issues Nerds should pay attention to: China cheats and steals on massive scale

YouTube video

China has deployed cyber espionage to “cheat and steal on a massive scale”, with a hacking programme larger than that of every other major country combined. This is now a very significant threat to our immediate cyber security. Any intellectual property of any kind is now more vulnerable than ever. The future cyber security as well as economic threat is very real, causing the FBI and MI5 to issue joint statements on this topic:

China: MI5 and FBI heads warn of ‘immense’ threat

China is even drawing lessons from Russia’s invasion of Ukraine.

FBI director Christopher Wray said China was the “biggest long-term threat to our economic and national security” and had interfered in politics, including recent elections.

Read More: China: MI5 and FBI heads warn of ‘immense’ threat

MPs call for UK ban on two Chinese CCTV firms

To ban the sale and use of Hikvision and Dahua surveillance equipment in the UK. Many of such products have their streaming apps relay through China. I don’t know of anyone that feels comfortable with security feeds taking that route.

A group of 67 MPs and Lords have called on the government to ban the sale and use of Hikvision and Dahua surveillance equipment in the UK.

Read More: MPs call for UK ban on two Chinese CCTV firms

This ‘evasive’ new Linux malware creates a backdoor to steal passwords and more

Malware called Orbit is an evolving threat that cyber criminals are using to target Linux. Your Linux servers in the cloud will need extra protection.

Cybersecurity researchers detail Orbit malware and the evolving threat of cyber criminals targeting Linux.

Read More: This ‘evasive’ new Linux malware creates a backdoor to steal passwords and more

Microsoft reverses Office macro blocking, which raises security concerns

This is a very sad decision for security researchers, and Microsoft should be explaining itself on this one. Office macros coming in as email attachments is one of the top attack vectors.

What just happened? Microsoft recently changed Office’s default behavior to block a popular malware attack vector. The company has now reversed that decision, drawing the ire of security researchers and users. Microsoft intends to explain the rollback in-depth soon.

Read More: Microsoft reverses Office macro blocking, which raises security concerns

Decisioning at the Edge of your network

This one made us smile because of course it’s true. The conclusion of the author is that “With edge computing, more of the heavy lifting is done at the network edge rather than the centralized cloud data center. This means computing decisions are made closer to users and their devices.” This perfectly aligns with Zero Trust connectivity philosophies.

Digital risk is the scourge of our modern times. Its growth in volume, sophistication and reach has even led some experts to brand it a threat to national security. Bad bots swarmed the internet in record numbers last year, driving up account takeovers, new account fraud and other malicious activity. Phishing attacks, credential stuffing and a steady stream of data breaches ensure the underground economy is well stocked with a mountain of identity data for scammers to leverage.

Read More: Decisioning at the Edge: Changing the Way Cybersecurity and Fraud Prevention Works

Did you know?

Apple Announces ‘Extreme’ Privacy Mode for Targets of Government Spyware. While this approach breaks a lot of basic functionality on an iPhone, an alternative approach to achieve a similar attack surface reduction is with adam:GO™. It makes use of Apple Business Manager, a Mobile Device Management Platform and an always-on VPN that terminates at a Zero Trust connectivity endpoint. Better compatibility and I would argue even better security.