September 19, 2020
David Redekop

This Week In Nerd News – News September 14, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

Zerologon attack lets hackers take over enterprise networks.

Or smaller networks. Or any Active Directory that isn’t patched. If an environment carries the risk of a potential implant attack, additional preventive measures of zero trust are a must.

Unbeknownst to many, last month Microsoft patched one of the most severe bugs ever reported to the company, an issue that could be abused to easily take over Windows Servers running as domain controllers in enterprise networks.

 

Read More: Zerologon attack lets hackers take over enterprise networks: Patch now 

 

Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom.

Data center and colocation giant Equinix has been hit with a Netwalker ransomware attack where threat actors are demanding $4.5 million for a decryptor and to prevent the release of stolen data. Equinix is a massive data center and colocation provider with over 50 locations worldwide. Customers use these data centers to colocate their equipment or to interconnect with other ISPs and network providers.

Early this week, a source shared a Netwalker ransom note with BleepingComputer that was allegedly from an attack on Equinix that occurred over the Labor Day holiday weekend.

 

Read More: Equinix data center giant hit by Netwalker Ransomware, $4.5M ransom

 

Ransomware the Biggest Cause of Insurance Claims in 1H 2020.

Over two-fifths (41%) of insurance claims in North America in the first half of the year were related to ransomware attacks, according to new industry data. The figures from cyber-insurance provider Coalition, which claims to have over 25,000 SMB clients in the US and Canada, provide a handy insight into the biggest threats to organizations today.

Aside from ransomware, fund transfer losses (27%) and business email compromise (BEC) incidents (19%) rounded out the top three attack types by number of claims in the period.

These two are essentially the same kind of scam, although BEC is committed solely via email whereas fund transfer losses might involve other channels such as phone calls. Together the top three accounted for 87% of all claims in the first six months of 2020.

 

Read More: Ransomware the Biggest Cause of Insurance Claims in 1H 2020

 

The IRS Is Offering You $625,000 to Crack Monero.

The US Internal Revenue Services (IRS) will pay out up to $625,000 for anyone who cracks the untraceable cryptocurrency Monero.

The US Internal Revenue Services (IRS) will pay out up to $625,000 for anyone who cracks the untraceable cryptocurrency Monero, and other privacy coins, according to an official proposal published last week.

“IRS-CI is seeking a solution with one or more contractors to provide innovative solutions for tracing and attribution of privacy coins, such as expert tools, data, source code, algorithms, and software development services,” said the proposal.

 

Read More: The IRS Is Offering You $625,000 to Crack Monero

 

Sandvine Faces Backlash After Belarus Uses Its Tech to Block Internet.

For the rest of us, this is a reminder that technology solutions are usually dual-use: can be used for good or evil.

Resource: Sandvine

 

Did you know?

Yubikey 5C NFC is out, woohoo! Those of us whose daily access is protected by this best-in-class solution are thrilled that we can go dongle-free on our USB-C devices.

Need an IT professional? Request service today.