This Week In Nerd News (TWINN) – December 5, 2022

Nerds On Site
Article Written By David Redekop

1995

Founded In

96,000+

5-Star Reviews

4.83 / 5

Satisfaction Rating

TWINN #101 Man in the Email

Many aspects of IT security are dynamic and shift around. If doing business one way exposes a threat, we change our behaviour to make it safer. It’s not like cyber security is new, but it seems like the goal posts change on a regular basis because the threat actors and criminals just move to yet another avenue of exploitation.

However, there’s one area of exploitation that hasn’t changed much. It is in the area of Business Email Compromise, also known as “Man in the email.” This is where your mailbox or the mailbox of someone with whom you communicate is being watched by an attacker. It doesn’t take much for these guys to associate a value with a compromised mailbox, and they’ll sit in it for as long as it takes to spot an opportunity. However, there has been some evolution in the business email compromise space, and this shows us just how and why it is still such an effective attack vector to this day.

YouTube video

The 5 Top Cyber Security Stories Of The Week

The Evolution of Business Email Compromise. The only truly non-phishable mail service is one that is protected with a hardware key.

Mozilla and Microsoft distrust TrustCor certificates due to suspicions over covert spyware operation. “The chain of trust ensured by Certificate Authorities (CA) keeps the web safe and internet companies happy. However, when the chain breaks, a CA can suddenly become an unwelcome guest within the most popular web browsers.”

Russia is spying on Telegram chats in occupied Ukrainian regions. Here’s how. We’ve known for a long time that Telegram security is bad design. Now there’s definitive proof that telegram channels are being monitored by non-members. Don’t rely on Telegram for privacy or security.

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability. That’s now the 9th zero day flaw in Chrome in 2022. Remember, technically a zero-day is a weakness that is already being exploited in the wild.

Spyware maker Variston exploited Windows, browser zero-days. Given how many Zero Day vulnerabilities Google Chrome and related browsers have had this year, it isn’t surprising that an enterprising group would weaponize those vulnerabilities themselves instead of selling to the marketplace.

Did you know?

https://chat.openai.com/ was launched this week and it seems to be more resistant to chatbot failures of the past.

You May Also Like…

About Nerds On Site

On-site & remote IT support in Canada & the United States

Hey from Nerds On Site! We’re a leading digital technology and IT support provider. Our highly trained technicians and engineers can provide fast and efficient on-site and remote IT services for business and residential needs.

For business clients, we can ensure that your computing infrastructure runs at its optimum levels – regardless of scope or size. We have you covered, from installing new hardware to setting up virtual offices or providing sophisticated cyber security solutions. We’ll help you troubleshoot technical issues quickly and efficiently, so you can focus on what matters most, running your business operations.

Residential Clients will also benefit from our knowledgeable team, who offer a range of IT solutions tailored to fit their home’s technology needs. Whether it’s helping Clients restore computer systems that seem to be running slow or providing solutions for wireless connectivity in the home, we ensure that all devices are working optimally.

We make IT more productive, profitable and pleasurable for our Clients in North America and beyond! Call us today to find out more.

 

Choosing the Right IT Support

At Nerds On Site Client satisfaction always comes first. We don't want to just be your one-time IT provider, we want to be your forever Nerds whenever you need us.

Nerds On Site London Tick

Client Satisfaction Always Comes First

Nerds On Site London Tick

Available Everyday, Evenings & Weekends

Nerds On Site London Tick

Local Nerds, Global Team

Nerds On Site London Tick

By The Solution Pricing

Nerds On Site London Tick

We speak Normal Speak, not "Nerd Speak"

Nerds On Site London Tick

No Travel Fees or Hidden Costs

Business Client Reviews

A 96.4% Satisfaction rating based on 29,000 + reviews

"My Nerd always delivers highly professional services and meets my small business needs. He is extremely intelligent, experienced and very personable. As usual, I would not hesitate to recommend his services to other businesses."

Frank J

Nerds On Site Client

"My Nerd is always prompt and professionally responsive. I feel like he takes a personal vested interest in our account. I trust him completely and have experienced the benefit of following his recommendations. Our business would not be the success it is, without his contribution."

Corinne L

Nerds On Site Client

"Our Nerd responds quickly to requests for service. He provides recommendations that are appropriate for our current equipment as well as 'plan ahead' advice. He is always pleasant and accommodating. We are very pleased to have Nerds caring us."

Kim M

Nerds On Site Client

For Immediate Support