Cyber Security

TWINN Security News March 22, 2021
by Niles Nerd

Your weekly top 5 technical and security issues Nerds should pay attention to:

A long read, but well worth it, “Your Face Is Not Your Own” is another deep dive on ClearviewAI: “When a secretive start-up scraped the internet to build a facial-recognition tool, it tested a legal and ethical limit — and blew the future of privacy in America wide open.”

“Expert” hackers used 11 0-days to infect Windows, iOS, and Android users. The breadth and abundance of exploits for unknown vulnerabilities sets group apart. Reporting on problems without sage advice is difficult for me to do, which is why I keep repeating that we must assume we’re already compromised, and therefore limit exfiltration and apply zero trust network access.

Don’t run TikTok on Android. Or at least patch it before you use it again: TikTok for Android 1-Click RCE.

Mimecast says SolarWinds hackers breached its network and spied on customers. As we can see, the SolarWinds attack has a much broader effect than just SolarWinds. Good on Mimecast for its transparency. We’re not so sure everyone takes that position that may have been impacted in a similar way.

New global model needed to dismantle ransomware gangs, experts warn. Ransomware victims paid nearly $350 million to hackers in 2020, a 311% increase over the prior year. But part of the problem with tamping down on ransomware attacks is that gangs are acting without any apparent consequences.

Did you know? 

I’ve shared about Proctorio (spies on students during remote exams) on TWINN before, now it’s banned at UBCFor good reasons.

For a video version of this news, see: https://youtu.be/9bsMP_vZ4Xo

Related Posts

TWINN Security News April 20, 2021

TWINN Security News April 20, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: The Untold Story Of The SolarWinds Hack. It all started in September 2019 with a PoC to see if malicious actors could introduce one line of harmless code into production Orion software. FBI...

TWINN Security News April 12, 2021

TWINN Security News April 12, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: Pwn2Own contest results are interesting. So is the $200,000 award given for a new Exchange Server vulnerability, while the world still hasn’t solved ProxyLogon. Feel free to check on...

TWINN Security News April 5, 2021

TWINN Security News April 5, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: Opening a TXT file on macOS can be dangerous. This one is patched now, if you’re up-to-date, but ouch! Zero click vulnerability in Apple’s macOS Mail. Much more serious than the first, also...