Cyber Security

TWINN Security News March 8, 2021
by Niles Nerd

Your weekly top 5 technical and security issues Nerds should pay attention to:

Facebook will pay $650 million to settle class action suit centered on Illinois privacy law. This is good news to the tune of over $300 to over a million Illinois residents. More importantly, the winds of privacy are further shifting in the favour of the public.

Over 60,000 businesses attacked via Microsoft Exchange Server, a bug discovered and branded as ProxyLogon and originally written up by Krebs on Security. Of all the mitigations suggested by Microsoft and others, (aside from patching), still there are no calls on zero trust architecture. Applying least privileges and a zero trust model prevents an infected Exchange server from causing any damage or leakage.

Ripe for extortion? Navajo Nation hospital targeted by large-scale ransomware hack. It is reported that the ransom was paid. For each one like this that makes the news, the problem is still awful as cyber attacks continue.

Students Are Easily Cheating ‘State-of-the-Art’ Test Proctoring Tech. I know first-hand how invasive the software is to a user’s privacy, and would recommend a format/fresh install before and after this software is installed. Not surprising that analog holes are being used to circumvent the intent of the tech.

Google says it won’t adopt new tracking tech after phasing out cookies. This is good news for the consumer, another sign that the privacy winds are moving in the right direction. However, we should not be fooled that Google has any less visibility to us. They get enough signals from all of our other Google product usage that the loss of cookies will cause no damage to Google’s own targeted advertising business.

Did you know? 

Azure Active Directory verifiable credentials may be the future of your identity and mine. It is Microsoft’s foray into decentralized identity and it looks promising. Microsoft sure has come a long way from the original dreams of Microsoft Passport 😉

For a video version of this post, see https://youtu.be/5gguZ-pMvhM

Related Posts

TWINN Security News April 20, 2021

TWINN Security News April 20, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: The Untold Story Of The SolarWinds Hack. It all started in September 2019 with a PoC to see if malicious actors could introduce one line of harmless code into production Orion software. FBI...

TWINN Security News April 12, 2021

TWINN Security News April 12, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: Pwn2Own contest results are interesting. So is the $200,000 award given for a new Exchange Server vulnerability, while the world still hasn’t solved ProxyLogon. Feel free to check on...

TWINN Security News April 5, 2021

TWINN Security News April 5, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: Opening a TXT file on macOS can be dangerous. This one is patched now, if you’re up-to-date, but ouch! Zero click vulnerability in Apple’s macOS Mail. Much more serious than the first, also...