Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:
Wide-ranging SolarWinds probe sparks fear in Corporate America. This pressure on C-level executives is very real that culpability may be exposed. The best possible outcome from this will be a collective determination to act more preventively on cyber-security issues.
Apple pays hackers six figures to find bugs in its software. Then it sits on their findings. I’ve found this myself when I’ve reported a vulnerability, Apple informed me that it did not qualify. However, considering that Apple’s devices are already so much more secure than any other consumer platform, they can afford to err on the side of their internal culture.
Google handed user data to Hong Kong authorities despite pledge after security law was enacted. This is an excellent example, that big tech will always do what’s best for them, not necessarily what’s best for the users or clients. It is with this judgment and understanding that we engage (or not) on various services.
WhatsApp “end-to-end encrypted” messages aren’t that private after all. What a valuable lesson in what an “end” is, and what happens when a message is reported.
Groove Ransomware Gang Tries New Tactic to Attract Affiliates. I’m sharing this story to help us all be aware of the dynamic shift in the cyber criminal marketplace. “We believe that Groove has done this (leak 500,000 Fortigate VPN credentials) to empower other threat actors and aspiring cybercriminals to step into the scene,” says John Fokker
Did you know?
There is a free tool available for web server administrators to check and see if your website has had phishing pages planted. Tool: Kit Hunter by @SteveD3
For a video version of this see: https://youtu.be/qMCHY_M3FPw
