Your weekly top 5 technical and security issues Nerds should pay attention to:
The Impending Doom of Expiring Root CAs and Legacy Clients. If you think forgetting to renew a domain is painful, wait till you see what’s in store for the masses when a 20- or 25-year-old self-signed root Certificate Authority expires.
Major attack on water systems thwarted. “Rapid is not something that describes enough how fast and how crazy and hectic things are moving forward in cyberspace and I think we will remember this last month and May 2020 as a changing point in the history of modern cyber warfare”.
Exploit code for wormable flaw on unpatched Windows devices published online. From the GitHub page: “Using this for any purpose other than self education is an extremely bad idea. Your computer will burst in flames. Puppies will die.” We know from history that it never takes exploit code long to mature and be monetized. If cyber criminals have learned from WannaCry and NotPetya, this could be a bad sign. Patch. Now.
The state of drive-by malvertising downloads. This is the mechanism that still allows the masses to be infected via popular websites, and it is one more reason that security filters play such an important role. The two natural places to apply them, of course, are endpoint security and gateway security.
The return of a much more worrisome StrandHogg. Promon researchers have discovered a new elevation of privilege vulnerability in Android that allows hackers to gain access to almost all apps. For Android users to be safe[r], use Mobile Device Management (MDM) to deploy apps and tightly control permissions.
Did you know?
Since Windows 10 1909, Always-on-VPN is natively supported, requiring no third party or MDM to have a *device* VPN, including lock-down mode (similar in functionality to iOS Always-on VPN). Once deployed server-side, the client enrolment can be done with a single PowerShell script. A very elegant and impressive feature from Microsoft.