Cyber Security

TWINN Security News December 20
by Niles Nerd

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

Patch fixing critical Log4J 0-day has its own vulnerability that’s under exploit. Oh boy. This log4j problem will be with us for a while. It’s what cyber criminals consider that gift that will keep on giving.

New Log4j Patch Released to Fix DoS Flaw. This is an important additional patch to apply for those that have already been patching log4j.

What we are seeing now as a trend is that criminals are looking to take advantage of the lack of egress control across systems with valuable data to exploit. In this case, Zero Trust Connectivity again is our best mitigation for forward-looking exploits that are yet to be discovered.

Backdoor gives hackers complete control over federal agency network. What is interesting about this attack is that it was stealthy to evade firewalls and network monitoring. However, in a Zero Trust Connectivity environment, such exfiltration would have been impossible.

Defense Department blocks ads to counter malvertising, official tells Congress. While we don’t hear much about Google’s billion or so malicious ads served each year, this just confirms what our audience has known for years. Third party advertisements are a high risk and also turns out is one of the easiest threats to eliminate via network-based ad blocking.

This USB ‘kill cord’ can instantly wipe your laptop if snatched or stolen. Your risk model may not warrant this kind of defensive behaviour, but it’s nice to know there are operational security products like this in existence now.

Did you know? 

The adam:ONE® assist app is out for macOS and iOS which enhances Zero Trust Connectivity environment on Apple’s platform.

For a video version of this see https://youtu.be/xn1KADhxavY

Related Posts

TWINN Security News January 17

TWINN Security News January 17

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to. Today our focus is on RATs, or Remote Access Trojans. RATs are one of the most powerful tools in a cyber criminals bag of tricks. They’ve existed...

TWINN Security News January 10

TWINN Security News January 10

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to: This week we focus on the difficult challenge ahead of public software libraries and scripts that thousands of companies and developers are...

TWINN Security News January 3

TWINN Security News January 3

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to: In 2022, I’ll have more of a focus on one key story for my TWINN each Monday. The feature story today is around SIM swapping. It’s an attack vector...