July 6, 2020
David Redekop

This Week In Nerd News – July 6, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

100s of millions of devices, including medical, vulnerable to attack.

Dubbed Ripple20 (research source), these are zero-day vulnerabilities that may or may not ever be patched. More reason than ever to have proper network isolation, NAC (Network Access Control) and Egress control.

Earlier this month, JSOF security researchers disclosed the “Ripple20” vulnerabilities, a series of flaws affecting connected devices in the enterprise, industrial, and healthcare industries. Experts worry about the implications for connected medical devices, which could provide attackers with a gateway into a hospital network or enable them to affect patient care.

 

Read More: Ripple20 Threatens Increasingly Connected Medical Devices

 

How police secretly took over a global phone network for organized crime.

Lesson: believing an app/service is secure vs independent verification are two very different things.

Something wasn’t right. Starting earlier this year, police kept arresting associates of Mark, a UK-based alleged drug dealer. Mark took the security of his operation seriously, with the gang using code names to discuss business on custom, encrypted phones made by a company called Encrochat. For legal reasons, Motherboard is referring to Mark using a pseudonym.

 

Read More: How Police Secretly Took Over a Global Phone Network for Organized Crime

 

How hackers extorted $1.14m from University of California, San Francisco.

The ransomware, NetWalker, not only steals and encrypts users’ files, but it also publishes a portion on a hacker-owned website to “encourage” the victim to pay up.

The Netwalker criminal gang attacked University of California San Francisco (UCSF) on 1 June.

IT staff unplugged computers in a race to stop the malware spreading.

And an anonymous tip-off enabled BBC News to follow the ransom negotiations in a live chat on the dark web.

Cyber-security experts say these sorts of negotiations are now happening all over the world – sometimes for even larger sums – against the advice of law-enforcement agencies, including the FBI, Europol and the UK’s National Cyber Security Centre.

Netwalker alone has been linked to at least two other ransomware attacks on universities in the past two months.

 

Read More: How hackers extorted $1.14m from University of California, San Francisco

 

During a pandemic, stalkerware becomes even more sinister.

Three antivirus companies told Cyberscoop that they saw a rise in stalkerware infections. Beware of apps and what’s running on your devices, and if concerned, a factory-reset is never a bad idea.

When public health experts started recommending social distancing to reduce the spread of COVID-19, the goal was to place people out of harm’s way. But the policy has forced many domestic violence victims to possibly face a far more insidious danger: isolating with an abuser.

 

Read More: During a pandemic, stalkerware becomes even more sinister

 

New Mac ransomware spreading through piracy.

Re-learned lesson: be careful what you download from p2p anywhere.

A Twitter user going by the handle @beatsballert messaged me yesterday after learning of an apparently malicious Little Snitch installer available for download on a Russian forum dedicated to sharing torrent links. A post offered a torrent download for Little Snitch, and was soon followed by a number of comments that the download included malware. In fact, we discovered that not only was it malware, but a new Mac ransomware variant spreading via piracy.

 

Read More: New Mac ransomware spreading through piracy

 

Did you know?

You don’t even need to be a nerd to listen to Police Scanner Radio and Fire via an amazing international iOS app. Local coverage in many places I’ve tried.

Need an IT professional? Request service today.