Cyber Security

WTH Security News January 11, 2021
by Nerdsonsite

Your weekly top 5 technical and security issues Nerds should pay attention to:

Telegram feature exposes your precise address to hackers. Telegram, the not-so-secure messaging app, has a vulnerability that exposes users’ precise geolocation — but Telegram has no plans to fix it. I know fleeing WhatsApp users are looking for a better home, but Telegram isn’t it.

Ransomware Victims’ Data Published via DDoSecrets. This is Wikileaks’ successor, but unfortunately with even less discernment. The lesson in all of this is to take security seriously so your company data is never exfiltrated in the first place.

Malware Developers Refresh Their Attack Tools. The LokiBot increases in sophistication but still relies on egress for several stages, so proper controls can still provide 100% protection.

Cryptocurrency stealer for Windows, macOS, and Linux went undetected for a year. If you’re the holder of crypto currency, treat it like you would your real wallet, especially one that has cash in it.

Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020. These are readily-available tools marketed towards “red teams”, or adversary emulators, no wonder criminals use them in the real world.

Did you know? 

Ecosia.org is a search engine that “plants trees with your searches”. It’s very effective. However, it does not offer a safe search function.

For a video version of this TWINN post, see https://youtu.be/dPi84g2ecHY

Related Posts

WTH Security News January 4, 2021

WTH Security News January 4, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: First thing’s first, at the start of this year, WTH NerdNews is renamed to TWINN for This Week In Nerd News. The focus is still in 5 mins or less to get up to speed with the most important...

WTH Security News December 28, 2020

WTH Security News December 28, 2020

Last one this year... enjoy! Your weekly top 5 technical and security issues Nerds should pay attention to: SOLARWINDS HACK INFECTED CRITICAL INFRASTRUCTURE, INCLUDING POWER INDUSTRY. At least 15 critical infrastructure firms in the electric, oil, and manufacturing...

WTH Security News December 21, 2020

WTH Security News December 21, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Dozens of journalists’ iPhones hacked with NSO ‘zero-click’ spyware, says Citizen Lab. I know this is starting to sound like it’s the same song over and over. Same with the mitigation....