Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:
Kaseya supply chain attack delivers mass ransomware event to US companies. If this isn’t a wakeup call, I’m not sure what is. Supply chain attacks are now as real as it gets.
Microsoft Tries, Fails to Patch Critical Windows Vulnerability. Chaos Ensues. For well over 10 years now, we know that relying on patching alone is unwise. Defense in depth. This time turn off your DC’s sprint spooler. Now.
NSA, FBI warn of ongoing brute force hacking campaign tied to Russian military. In the cybersecurity world, we know that brute forcing is a real possibility, but to use it as a campaign, that is new. It means other defenses are, in fact, getting stronger.
Apps with 5.8 million Google Play downloads stole users’ Facebook passwords. Be careful what apps you download.
DoubleVPN servers, logs, and account info seized by law enforcement. This story just adds to the already-confusing VPN market. The solution is, and always has been, that if you need a VPN, you run your own.
For a video version, see https://youtu.be/3rrscBhSyo4