December 6, 2021
David Redekop

TWINN Security News December 6

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

Still paying for antivirus software? Experts say you probably don’t need it. For example, Windows comes with Defender as part of its operating system. However, endpoint protection that goes beyond traditional antivirus functions still has value. Just ask a SOC operator who looks for and prevents threats.

iPhones of US diplomats hacked using “0-click” exploits. What’s noteworthy here is that even though the exploits previously used by the NSO Group are now patched, we have no idea what other, not-yet-known exploits they have. This brings us back to a proven mitigation: zero trust connectivity, which is possible on iPhones. Just ask us how.

Big Tech is mandating MFA. Hackers have workarounds. “MFA solutions can be hacked by exploiting unpatched software or social engineering, among other methods.” This is true, but MFA still dramatically reduces any person’s attack surface. We just need to remember that the thief needs to find a single weakness, but we must find and patch them all.

Vast majority of our Network cyber experts favor mandates to report hacks. “If we don’t know how our most critical industries are vulnerable, we are always going to be one step behind the bad guys”. That sums it up nicely. However, executive business interests don’t line up with the collective global need to share, which is why it’s not been done voluntarily. It does appear to be a problem that can only be solved with public policy.

Google Play apps downloaded 300,000 times stole bank credentials. We’ve arrived at a place where it is becoming increasingly difficult to have a safe Android device. It’s like a cat and mouse game: each time Google tightens the app publishing process, criminals find another way. For now, if you’re on Android, stay current, keep your apps to a minimum, and install only from publishers that have a long history of offering safe apps.

Did you know? 

Sagacity is the measurement of wisdom. The 28-item San Diego Wisdom Scale (SD-WISE-28) is the gold standard, but This Seven-Question Test Can Determine How Wise You Are, Researchers Say. If you’re like me, you can’t wait to do a deep dive.
