March 21, 2022
David Redekop

TWINN Security News March 21

Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:

Let’s talk about anti-virus software risks today. Long gone are the days when we could freely sit down at a computer and just make productive use of it to dream, build and sell helpful products and services. The increase in productivity was obvious early on to entrepreneurs the world over, but also to those who would, for personal gain, commit a crime at the drop of a hat.

So today we live with the reality of endpoint protection software having to have the most intimate living space inside of our devices, so that it can detect and respond to threats. The part that is usually glossed over is that we inherently must trust such an organization to treat such private and confidential access in a way that would never be betrayed. For example, endpoint protection / antivirus software could theoretically access your banking passwords and multi-factor authentication tokens. Would it? Most probably not, but this is where the trust factor comes in.

Remember how a few years ago, Kaspersky was banned from being a vendor to the US government? That may or may not have been justified, depending on which narrative we go with, but here we go again: this time Germany is warning against the use of Kaspersky.

Germany warns against Russian anti-virus use. This is on the basis of the threat that the Kremlin could force Kaspersky to open access to the level of endpoint detail that they must necessarily collect in order to provide effective protection. In turn, such endpoints could theoretically be threatened, by using the trust relationship that endpoint software has with the computers it is paid to protect. For what it’s worth, Kaspersky has never been a preferred vendor with us, but sadly, I don’t know that we’ll ever know the real truth here.

How California Is Building the Nation’s First Privacy Police. This is a good news story; at least we’re celebrating the initiative. Considering this is where the world’s largest tech companies are headquartered, we are glad to see this initiative.

Firms Must Report Hacks to DHS in 72 Hours Under Law. The FBI is a little upset that the DHS gets the data first, but DHS promises to immediately share such reports.

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet. As far as consumer and prosumer routers go, ASUS has had a better reputation on the security front than most. While it appears that default credentials have been used in this attack, the reality is that most

Trickbot is using MikroTik routers to ply its trade. Now we know why. When a router is powered by a Linux variant, it makes a powerful jump box for attackers. Most importantly, it can evade typical threat detection.

Did you know?

There’s light at the end of the password tunnel. A big bet to kill the password for good. Let’s see if this ends up being any more adoptable than SQRL, which is freely available. For a video version of this, see:

https://youtu.be/-00LZGtl8X4