Your weekly top 5 technical and security issues Nerds should pay attention to:
Telegram feature exposes your precise address to hackers.
Telegram, the not-so-secure messaging app, has a vulnerability that exposes users’ precise geolocation — but Telegram has no plans to fix it. I know fleeing WhatsApp users are looking for a better home, but Telegram isn’t it.
If you’re using an Android device—or in some cases an iPhone—the Telegram messenger app makes it easy for hackers to find your precise location when you enable a feature that allows users who are geographically close to you to connect. The researcher who discovered the disclosure vulnerability and privately reported it to Telegram developers said they have no plans to fix it.
Ransomware Victims’ Data Published via DDoSecrets.
This is Wikileaks’ successor, but unfortunately with even less discernment. The lesson in all of this is to take security seriously so your company data is never exfiltrated in the first place.
A group of data activists called Distributed Denial of Secrets (DDoSecrets) has begun publishing a massive amount of corporate information leaked by ransomware operators on the Dark Web.
Malware Developers Refresh Their Attack Tools.
The LokiBot increases in sophistication but still relies on egress for several stages, so proper controls can still provide 100% protection.
The developers of attack tools continue to make headway in hobbling defenders from detecting and analyzing their malware, creating more complex infection chains to stymy defenses, an analysis by the Cisco Talos research team stated this week.
Cryptocurrency stealer for Windows, macOS, and Linux went undetected for a year.
If you’re the holder of crypto currency, treat it like you would your real wallet, especially one that has cash in it.
Soaring cryptocurrency valuations have broken record after record over the past few years, turning people with once-modest holdings into overnight millionaires. One determined ring of criminals has tried to join the party using a wide-ranging operation that for the past 12 months has used a full-fledged marketing campaign to push custom-made malware written from scratch for Windows, macOS, and Linux devices.
Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020.
These are readily-available tools marketed towards “red teams”, or adversary emulators, no wonder criminals use them in the real world.
Cobalt Strike and Metasploit were the offensive security tools most commonly used to host malware command-and-control (C2) servers in 2020, researchers report.
Did you know?
Ecosia is a search engine that “plants trees with your searches”. It’s very effective. However, it does not offer a safe search function.