May 4, 2020
David Redekop

This Week In Nerd News – May 4, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

Attackers exploit 0-day code-execution flaw in the Sophos firewall.

A critical lesson in this for *us*: never have webadmin publicly exposed.

Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the security firm said on Sunday.

 

Read More: Attackers exploit 0-day code-execution flaw in the Sophos firewall

 

Google Play has been spreading advanced Android malware for years.

Advanced hacker group seeded market with at least 8 apps likely since 2016.

Hackers have been using Google Play for years to distribute an unusually advanced backdoor capable of stealing a wide range of sensitive data, researchers said on Tuesday.

 

Read More: Google Play has been spreading advanced Android malware for years

 

Shade Ransomware shuts down, releases 750K decryption keys.

Also don’t forget the NoMoreRansom good guys.

The operators behind the Shade Ransomware (Troldesh) have shut down their operations, released over 750,000 decryption keys, and apologized for the harm they caused their victims.

The Shade Ransomware has been in operation since around 2014. Unlike other ransomware families that specifically avoid encrypting victims in Russia and other CIS countries, Shade targets people in Russia and Ukraine predominantly.

According to Michael Gillespie, the creator of the ransomware identification site ID Ransomware, submissions related to the Shade Ransomware have been steady over the years until the end of 2019, when they started to dwindle.

 

Read More: Shade Ransomware shuts down, releases 750K decryption keys

 

Signal becomes European Commission’s messaging app of choice in security clampdown.

That’s quite the vote of confidence. I’m on Signal too with my 226-268-7128 mobile.

The European Commission has told its staff to switch to the encrypted Signal messaging app in a move that’s designed to increase the security of its communications. Politico reports that, earlier this month, a message on the commission’s internal messaging boards notified employees about the change. “Signal has been selected as the recommended application for public instant messaging,” the message to the EU’s executive branch says.

 

Read More: Signal becomes European Commission’s messaging app of choice in security clampdown

 

Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use.

Good news, those trackers have already been blocked on adam:ONE for some time.

“Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use”, 30 April 2020

… Cirlig is speaking with Forbes after discovering that his Redmi Note 8 smartphone was watching much of what he was doing on the phone. That data was then being sent to remote servers hosted by another Chinese tech giant, Alibaba, which were ostensibly rented by Xiaomi.

 

Read More: China: Cybersecurity researchers accused Xiaomi of recording users’ web and phone use

 

Did you know?

mtr (a super-charged replacement for traceroute) is a free tool every nerd must have. It is available on any Linux, on most macOS systems via brew, and even on Windows. You can thank the authors later.
