September 19, 2020
David Redekop

This Week In Nerd News – September 7, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

Facebook complains, Apple responds: iOS 14’s big privacy change gets postponed.

The company says the change is still coming, but it hasn’t said when. Gives developers time to adjust to asking for permission.

Apple has postponed full enforcement of a feature of its upcoming iOS 14 software for iPhones that would require app developers to request users’ permission to track them across apps for advertising purposes. This announcement comes in the wake of a public complaint from Facebook that the privacy policy could negatively impact the ad market in Apple’s ecosystem.

 

Read More: Facebook complains, Apple responds: iOS 14’s big privacy change gets postponed

 

Typosquatting Intensifies Ahead of US Election.

Mistyped URLs can mean more than inconvenience when a candidate’s name is involved. Risk isn’t limited to election URLs, though. Of course, the best protection for typosquatting is to use the BrightWeb.

“Typosquats” — domains that feature common mistakes made when typing legitimate URLs — are on the rise ahead of the November US elections. Recent research from Digital Shadows shows that hundreds of these confusing sites have been registered in the last year.

 

Read More: Typosquatting Intensifies Ahead of US Election

 

The accidental notary: Apple approves notorious malware to run on Macs.

New-fangled malware protection gives users a false sense of security, critics say. It’s worth a read, but in the end, notarization is still an additional roadblock for mass distribution of mac malware.

When might an Apple malware protection pose more user risk than none at all? When it certifies a trojan as safe even though it sticks out like a sore thumb and represents one of the biggest threats on the macOS platform.

 

Read More: The accidental notary: Apple approves notorious malware to run on Macs

 

New Email-Based Malware Campaigns Target Businesses.

Researchers who found “Salfram” say its campaigns use the same crypter to distribute payloads, including ZLoader, SmokeLoader, and AveMaria.

A series of email-based malware distribution campaigns is targeting businesses with multiple malware payloads that include Gozi ISFB, ZLoader, SmokeLoader, and AveMaria, researchers say.

 

Read More: New Email-Based Malware Campaigns Target Businesses

 

Botnets: A cheat sheet for business users and security admins.

Great article, but missing the zero trust transit model as a way of preventing an IoT device from being able to do anything other than it is designed to do.

When a computer or any other device is connected to the internet, it runs a lot of risks from malware and hackers. We often assume that our personal devices are potential victims, and not that they could be components in cyberattacks, but they can be if they become a node in a botnet.

 

Read More: Botnets: A cheat sheet for business users and security admins

 

Did you know?

Aerial is a free and open-source screen saver for your Mac. Amazing 4K video content.

Need an IT professional? Request service today.