March 16, 2020
David Redekop

This Week In Nerd News – March 16, 2020

Your weekly top 5 technical and security issues you should pay attention to:

Wormable SMBv3 security risk in Windows.

Out-of-cycle patch released by Microsoft. Super critical to patch.

Word leaked out on Tuesday of a new vulnerability in recent versions of Windows that has the potential to unleash the kind of self-replicating attacks that allowed the WannaCry and NotPetya worms to cripple business networks around the world.

 

Read More: Windows has a new wormable vulnerability, and there’s no patch in sight

 

Necurs Botnet gets taken down along with over 6 MILLION malicious domains!

40 Million victims to-date.

Today, Microsoft and partners across 35 countries took coordinated legal and technical steps to disrupt one of the world’s most prolific botnets, called Necurs, which has infected more than nine million computers globally. This disruption is the result of eight years of tracking and planning and will help ensure the criminals behind this network are no longer able to use key elements of its infrastructure to execute cyberattacks.

 

Read More: New action to disrupt world’s largest online criminal network

 

Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data.

Surprise surprise!

Sensor Tower, a popular analytics platform for tech developers and investors, has been secretly collecting data from millions of people who have installed popular VPN and ad-blocking apps for Android and iOS, a BuzzFeed News investigation has found. These apps, which don’t disclose their connection to the company or reveal that they feed user data to Sensor Tower’s products, have more than 35 million downloads.

 

Read More: Popular VPN And Ad-Blocking Apps Are Secretly Harvesting User Data

 

One billion Android smartphones racking up security flaws.

Wow.

How long do Android smartphones and tablets continue to receive security updates after they’re purchased?

The slightly shocking answer is barely two years, and that’s assuming you bought the handset when it was first released. Even Google’s own Pixel devices max out at three years.

Many millions of users hang on to their Android devices for much longer, which raises questions about their ongoing security as the number of serious vulnerabilities continues to grow.

 

Read More: One billion Android smartphones racking up security flaws

 

Coronavirus-Themed APT Attack Spreads Malware.

An advanced persistent threat (APT) group is leveraging the coronavirus pandemic to infect victims with a previously unknown malware, in a recently discovered campaign that researchers call “Vicious Panda.”

 

Read More: Coronavirus-Themed APT Attack Spreads Malware

 

Did you know?

A good resource for up-to-date COVID-19 tracking map: ArcGIS

Also, WFH (Work From Home) isn’t a new idea, but this is a funny list of non-glamorous home offices, makes me feel better about my laptop on my lap: Twitter Post

Need an IT professional? Request service today.