
TWINN Security News August 30
by Niles Nerd

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

FBI Shares Hive Ransomware IoCs in New Alert. We are starting to see a trend where early visibility into indicators of compromise is shared, and this is good. Now, if you’ve already been living in a ZeroTrust environment with DTTS®, then the dark web isn’t accessible. And in allow-listing mode, anonymous file downloads don’t auto-allow either, so proactive protection is available against this new ransomware.

Need to get root on a Windows box? Plug in a Razer gaming mouse. Frightening for network administrators responsible for keeping computers free from malicious activity, but this is real.

Bahraini Government Hacks Activists with NSO Group Zero-Click iPhone Exploits. In particular, they used an iMessage zero-day that Citizen Lab calls FORCEDENTRY. Once again, an infected phone would connect to Command & Control servers at IPs like 172[.]105[.]89[.]243, but in environments and devices with DTTS®, that connection never succeeds.

La Puente man steals 620,000 iCloud photos in plot to find images of nude women. This is egg on Apple’s face because the thief did all of this from his own home internet connection, did not use a VPN and logged into hundreds of distinct iCloud accounts. Our hope and request is also that Apple will upgrade the 2FA options, drop SMS and add hardware security keys very soon.

Phishing campaign uses UPS.com XSS vuln to distribute malware. Even a trained security person may not spot such a malware download without careful examination. However, the good news is that in a zero trust, adaptive allow-listing mode, the download never happens.

Did you know? 

I turned 50. One of our sons gave me a birthday card that I got permission to share with you today. It is the attention to detail and the number of Easter eggs in there that are neat, and my personal lesson out of this is: wow, do our children ever observe us more than we realize. See if you can spot them, or watch the video for it.

For a video version of this, see https://youtu.be/LvFdCBMlZ5o
