This Week In Nerd News – April 04, 2023
This week in nerd news seems to be dominated once again by stories of threats that should all have been preventable: not because software vendors can be expected to ship proactively secure products, but because we now have the tools and resources to mitigate threats that are not yet known. This pattern has not changed in some years now, so I wanted to bring it to light once again.
It turns out that filtering and paying attention to what leaves our network in the outbound direction has the beneficial consequence of preventing a threat from being useful to the attacker. The initial attack vector is not necessarily prevented, but what can be done with it can be mitigated. Here’s a collection of stories that didn’t need to be stories, if only we had collectively applied such mitigation measures:
The 5 Top Cyber Security Stories Of The Week – April 04, 2023
1. Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App.
Since this is a popular app, one that we ourselves use in some circumstances, it’s a good one to start with. The Indicators of Compromise are well known, and we can now see how we were protected against this long before the threat was known.
2. Android app from China executed 0-day exploit on millions of devices.
Ultimately, the only way to safely operate a smartphone today is to have it protected by an outbound security policy that is active all the time, regardless of whether it is on Wi-Fi, USB or cellular data.
3. APT43: North Korean Group Uses Cybercrime to Fund Espionage Operations.
Meet an elite hacking group. An APT43-targeted user who is properly protected would represent too much cost and frustration for the attacker. At the end of the day, that is the only proven strategy against advanced persistent threats.
4. Hackers exploit WordPress plugin flaw that gives full control of millions of sites.
Since this ultimately targets drive-by visitors (i.e. you and me), what applies here is *our* protection of outbound access. None of the domains being redirected to were found in known-good categories, and therefore, on a proactive basis, we were protected.
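As an added illustration of the outbound policy this post keeps returning to (stories 1, 2 and 4 above), here is a small Python script, not from the original post, that applies a default-deny egress rule to constructed proxy log lines and reports what a trusted-but-compromised program would have sent without it. The category map, hostnames (reserved `.invalid` TLD), host and process names are all made up.

```python
from collections import Counter

# Constructed category map (not a real feed): destination -> category.
KNOWN_GOOD = {
    "updates.example.com": "software-update",
    "mail.example.net": "email",
    "www.example.org": "business",
}
# Default-deny egress: only these categories may leave the network.
ALLOWED_CATEGORIES = {"software-update", "email", "business"}

# Constructed proxy log: timestamp, source host, process, destination, bytes sent.
PROXY_LOG = """\
2023-04-04T09:01:02Z ws-17 voipclient.exe updates.example.com 1240
2023-04-04T09:01:05Z ws-17 voipclient.exe cdn-telemetry.invalid 98210
2023-04-04T09:02:11Z ws-22 browser.exe www.example.org 5100
2023-04-04T09:02:12Z ws-22 browser.exe redirect-lp.invalid 640
2023-04-04T09:03:40Z phone-03 appstore-app mail.example.net 220
2023-04-04T09:03:41Z phone-03 appstore-app exfil-api.invalid 412000
"""

def parse_line(line):
    """Split one log line into a record; the byte count becomes an int."""
    ts, src, proc, dst, nbytes = line.split()
    return {"ts": ts, "src": src, "proc": proc, "dst": dst, "bytes": int(nbytes)}

def evaluate(log_text, known_good=KNOWN_GOOD, allowed=ALLOWED_CATEGORIES):
    """Apply the default-deny policy; return (permitted, denied) record lists.
    A denied record keeps process and byte count, so the report shows what a
    trusted-but-compromised program would have sent without the policy."""
    permitted, denied = [], []
    for line in log_text.splitlines():
        rec = parse_line(line)
        rec["category"] = known_good.get(rec["dst"].lower(), "uncategorized")
        (permitted if rec["category"] in allowed else denied).append(rec)
    return permitted, denied

def denied_bytes_by_process(denied):
    """Bytes that never left the network, grouped by the process that tried."""
    totals = Counter()
    for rec in denied:
        totals[rec["proc"]] += rec["bytes"]
    return totals

if __name__ == "__main__":
    _, blocked = evaluate(PROXY_LOG)
    for rec in blocked:
        print(f"DENY {rec['src']} {rec['proc']} -> {rec['dst']} ({rec['category']}, {rec['bytes']} B)")
    print(dict(denied_bytes_by_process(blocked)))
```

Note that the signed desktop client and the phone app are both permitted to reach their legitimate destinations; only the uncategorized hosts are denied, which is exactly the split the stories above depend on.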
5. Western Digital Cloud Services breached.
Data sovereignty should be getting more of our attention than ever. Their cloud services are unavailable today while they investigate this breach. To prevent future incidents, cloud providers need the same protection as anyone else.
Did you know?
If you’re ever looking for some nostalgic moments of the old days of Apple, or the next generation wants to see what macOS was like decades ago, head over to https://infinitemac.org/ and simulate old operating systems.