April 20, 2020
Niles Nerd

WTH Security News April 20, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to:

Microsoft April 2020 Patch Tuesday fixes 3 zero-days, 15 critical flaws. For SecurityNow listeners, you already knew about a number of these over a week ago, and hopefully applied mitigation techniques.

Ring 0 of fire: Does Riot Games’ new anti-cheat measure go too far? Oh boy, where we even start with this one? Don’t forget how the Sony kernel driver damaged Sony’s reputation for goodIn any case, do *not* allow kernel drivers like this on business systems.

NHS coronavirus app: memo discussed giving ministers power to ‘de-anonymise’ users. In many ways, UK leads the way among treacherous new policy ideas. Could be infectious (pun intended).

New Cloudflare tool can tell you if your ISP has deployed BGP fixes. “Is BGP Safe Yet” names and shames ISPs who don’t tend to their routing.

New York Investigating Hack of State’s Computer Network. Intrusion prompts state to install additional security software and reset thousands of passwords.

Did you know?

You can watch a real-time stream of SSL/TLS certificate registrations globally right on your computer. If you grep/filter by keywords like “corona” it reveals quickly how seriously the domain registrations and certificates are used for malicious intent. If interested, visit https://certstream.calidog.io/.