April 11, 2022
David Redekop

This Week In Nerd News – April 11, 2022

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

Let’s briefly talk about network routers and their place in our insecure world. With one foot inside and one foot outside your network, a router sits in a position of trust. That position comes with responsibilities: it must be reliable, incorruptible and not hackable, and it shouldn’t even be reachable from the Internet. When someone knocks on its ports, there should be no answer. And yet, we keep seeing router-based vulnerabilities that shouldn’t even be an issue, such as this story:


WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers.

Their justification is that they operated on the FBI’s dictated schedule, but in reality, proper implementation of any router should make it stealthy and unreachable from the internet, regardless of discovered vulnerabilities. Zero Trust comes to mind.

Security vendor WatchGuard quietly fixed a critical vulnerability in a line of its firewall devices and didn’t explicitly disclose the flaw for at least seven months, following revelations hackers from Russia’s military apparatus exploited the flaw en masse to assemble a giant botnet.

 


Microsoft Obtains Court Order to Take Down Domains Used to Target Ukraine.

Sandworm botnet disrupted with the support of the Justice Department. It’s worth noting that a properly protected network already enjoyed sinkholing before all of this. Once the domains are publicly sinkholed, though, everyone benefits!

Microsoft on Thursday disclosed that it obtained a court order to take control of seven domains used by APT28, a state-sponsored group operated by Russia’s military intelligence service, with the goal of neutralizing its attacks on Ukraine.

 


Hydra: How German police dismantled Russian darknet site.

While the perpetrators are not yet known, this 6-year-old dark web site has finally been shut down. In a takedown like this, authorities get all the data on the servers. Here’s hoping that knowing the seized customer-identifying data is now available to law enforcement will be a deterrent.

“It gave us all goosebumps” says Sebastian Zwiebel, as he describes the moment his team shut down Hydra, the world’s largest darknet marketplace.

The website was a bastion of cyber-crime, surviving for more than six years selling drugs and illegal goods.

But, after a tip-off, German police seized the site’s servers and confiscated €23m (£16.7m) in Bitcoin.

 


Hackers breach MailChimp’s internal tools to target crypto customers.

As cryptocurrency ecosystems are still evolving, cyber criminals keep looking for, and often finding, ways of stealing. Be careful with your wallets and follow the best security practices.

Email marketing firm MailChimp disclosed on Sunday that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.

 


Trend says hackers have weaponized SpringShell to install Mirai malware.

This is a cog in the wheel of what makes cyber attacks possible. Sometimes one moving part gets ahead of another and then lies ready to be used when the opportunity presents itself to the criminal.

Researchers on Friday said that hackers are exploiting the recently discovered SpringShell vulnerability to successfully infect vulnerable Internet of Things devices with Mirai, an open source piece of malware that wrangles routers and other network-connected devices into sprawling botnets.

 


Did you know?

Microsoft Details New Security Features for Windows 11. Several features mirror those found on macOS and will make it that much more difficult for traditional hacks to occur.
