TWINN #110 Do not use Google to download software
This week we are observing a change in the behaviour of malicious actors. A short while ago, we all celebrated when Microsoft appropriately tightened security of Office Macros – at least their default behaviour. The change was simply this: Macros would no longer run by default in documents from the Internet.
Now the criminals have dialed up other methods of getting malware into computers. Not surprisingly, it is through a search engine and it’s done through malvertising.
Table of Contents
The 5 Top Cyber Security Stories Of The Week – February 06, 2023
Until further notice, think twice before using Google to download software. If you thought this was new, we’ve known for nearly a decade how problematic it is. Our strong recommendation is to use the Brave browser along with uBlock Origin extension (on your desktop), so your risk is minimized for any user that may otherwise be presented with malicious ads.
Anker finally comes clean about its Eufy security cameras. It’s nice to see details eventually come to light, and it serves as a good lesson for us all.
Op-ed by CISA execs: Stop Passing the Buck on Cybersecurity. There is clearly much work to be done. Since so many incidents are never reported, it is often difficult to gauge how challenging the problem actually is.
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers. Imagine reading this ransom note on your own infrastructure. What’s worth remembering is taking the proper security posture to begin with, should make an exploit such as this impossible to execute. Segment your network, don’t give access anywhere except via Zero Trust.
Google Fi hack victim had Coinbase, 2FA app hijacked by hackers. Just when we thought that a Google Fi phone was the most secure, we find out that due to Google’s dependency on T-Mobile, which has more than 8 significant breaches that we can count, it also impacted Google Fi this time.
Did you know?
You can tighten your SIM security with most carriers to make it significantly harder for someone to SIM-swap you. If you don’t think you’re vulnerable, listen to Malicious.Life Episode 205.