Cyber Security

WTH Security News December 28, 2020
by Nerdsonsite

Last one this year… enjoy!

Your weekly top 5 technical and security issues Nerds should pay attention to:

SOLARWINDS HACK INFECTED CRITICAL INFRASTRUCTURE, INCLUDING POWER INDUSTRY. At least 15 critical infrastructure firms in the electric, oil, and manufacturing industries were running the backdoored SolarWinds Orion software (per @kimzetter).

Suspected Russian hackers used Microsoft vendors to breach customers. Reuters says that the hackers behind the SolarWinds breach used access to Microsoft resellers to penetrate targets that weren’t backdoored by SolarWinds at all. The hackers used access to the reseller, which sells Office licenses but also has access to client systems for maintenance and customer support, to try to read the Office 365 cloud email belonging to cybersecurity giant CrowdStrike. Luckily, CrowdStrike only uses Office desktop apps and not Office 365 for its email. Had it been, it would’ve been “game over,” per a source speaking to Reuters. (per @ZackWhittaker)

Law enforcement take down three bulletproof VPN providers. VPN technology is an important resource. Choosing your vendor is like navigating a minefield.

Amazon Gift Card Scam Delivers Dridex This Holiday Season. We all need reminders that something too good to be true, probably is.

GoDaddy Employees Were Told They Were Getting a Holiday Bonus. It Was Actually a Phishing Test. Interesting twist in this story: normally staff are educated, but here it’s the execs who did some learning.

Did you know?

Zoom update adds support for Apple’s Arm silicon M1-based Macs. Finally, a long-lasting battery on a light-weight laptop for long remote zoom meetings 🙂

For a video version of the above, plus a fun personal tobogganing clip, check out https://youtu.be/RKgPV5f3fKE

Related Posts

WTH Security News January 11, 2021

WTH Security News January 11, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: Telegram feature exposes your precise address to hackers. Telegram, the not-so-secure messaging app, has a vulnerability that exposes users' precise geolocation — but Telegram has no plans...

WTH Security News January 4, 2021

WTH Security News January 4, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: First thing’s first, at the start of this year, WTH NerdNews is renamed to TWINN for This Week In Nerd News. The focus is still in 5 mins or less to get up to speed with the most important...

WTH Security News December 21, 2020

WTH Security News December 21, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Dozens of journalists’ iPhones hacked with NSO ‘zero-click’ spyware, says Citizen Lab. I know this is starting to sound like it’s the same song over and over. Same with the mitigation....