April 12, 2021
David Redekop

This Week In Nerd News – April 12, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to:

YouTube video

Pwn2Own contest results are interesting.

So is the $200,000 award given for a new Exchange Server vulnerability, while the world still hasn’t solved ProxyLogon. Feel free to check on our HoneyPot

The 2021 spring edition of Pwn2Own, the cybersecurity industry’s biggest hacking competition, has come to a close today with a three-way tie between Team Devcore, OV, and the duo of security researchers Daan Keuper and Thijs Alkemade.

 

Read More: Pwn2Own 2021 hacking contest ends with a three-way tie

 

Windows and Linux devices are under attack by a new cryptomining worm.

Easy to protect against, but requires a security gateway.

A newly discovered cryptomining worm is stepping up its targeting of Windows and Linux devices with a batch of new exploits and capabilities, a researcher said.

 

Read More: Windows and Linux devices are under attack by a new cryptomining worm

 

Mobile carrier exposes data for millions of accounts.

Q Link Wireless, a provider of low-cost mobile phone and data services to 2 million US-based customers, has been making sensitive account data available to anyone who knows a valid phone number on the carrier’s network, an analysis of the company’s account management app shows.

 

Read More: No password required: Mobile carrier exposes data for millions of accounts

 

There’s Another Facebook Phone Number Database Online.

How many more of these will we need before we collectively vote by not using Zuckerberg services any longer?

Analysis by Motherboard and a security researcher indicate the database is separate from the recently reported cache of 500 million accounts.

 

Read More: There’s Another Facebook Phone Number Database Online

 

Fortinet VPN vulnerability allowed two manufacturing plants to be ransomwared.

Ransomware operators shut down two production facilities belonging to a European manufacturer after deploying a relatively new strain that encrypted servers that control a manufacturer’s industrial processes, a researcher from Kaspersky Lab said on Wednesday.

 

Read More: How a VPN vulnerability allowed ransomware to disrupt two manufacturing plants

 

Did you know?

If you’re so inclined to avoid BIG TECH, there’s now an extension at Big Tech Detective which has made Kashmir Hill’s original experiment available to anyone.

Need an IT professional? Request service today.