December 14, 2020
David Redekop

This Week In Nerd News – December 14, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:


Google had an outage for about an hour this morning.

I don’t recall having seen all services have a problem at the same time before. Hopefully we’ll hear from them about the cause.

Google Outage Tracker

 

Resource: Google Workspace Status Dashboard

DHS, DOJ And DOD Are All Customers Of SolarWinds Orion, The Source Of The Huge US Government Hack.

Ouch. While the infection is on SolarWinds, the outcome was 100% preventable with DTTS.

The latest espionage attack on the U.S. government is not limited to the Treasury and Commerce departments. Looking at the agencies who use the software that was used as a launchpad for the hacks, the breach could go right to the heart of America’s national security apparatus.

 

Read More: DHS, DOJ And DOD Are All Customers Of SolarWinds Orion, The Source Of The Huge US Government Hack

New adware campaign warning from Microsoft.

Third-party ad blocking is an excellent mitigation against this.

Microsoft has issued a warning about Adrozek, a new strain of browser modifier that, according to the company, “adds browser extensions, modifies a specific DLL per target browser, and changes browser settings to insert additional, unauthorized ads into web pages.”

 

Read More: Microsoft Warns of Powerful New Adware

Persistent code execution in the Google Play Core Library.

Just another reminder that Android managed updates are essential to keep it secure.

The Google Play Core Library is a popular library for Android that allows updates to various parts of an app to be delivered at runtime without the participation of the user, via the Google API. It can also be used to reduce the size of the main apk file by loading resources optimized for a particular device and settings (localization, image dimensions, processor architecture, dynamic modules) instead of storing dozens of different possible versions. The vulnerability we discovered made it possible to add executable modules to any apps using the library, meaning arbitrary code could be executed within them. An attacker who had a malware app installed on the victim’s device could steal users’ login details, passwords, and financial details, and read their mail.

 

Read More: Oversecured automatically discovers persistent code execution in the Google Play Core Library

Oblivious DoH from Cloudflare.

It will be interesting to see whether anyone outside of the announced partners ever deploys it, because no ISP has any motivation to do so, even though the ISP core would be the ideal place to deploy ODoH.

Today we are announcing support for a new proposed DNS standard — co-authored by engineers from Cloudflare, Apple, and Fastly — that separates IP addresses from queries, so that no single entity can see both at the same time. Even better, we’ve made source code available, so anyone can try out ODoH, or run their own ODoH service!

 

Read More: Improving DNS Privacy with Oblivious DoH in 1.1.1.1

Did you know?

Home-based learners with macOS enjoy Soulver. I do too, anytime I see tech that uses natural language.
