Nerds On Site

Your IT and Security Solutions Team

News and Articles

TWINN Security News January 11, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: Telegram feature exposes your precise address to hackers. Telegram, the not-so-secure messaging app, has a vulnerability that exposes users\’ precise geolocation — but Telegram has no plans to fix it. I know fleeing WhatsApp users are looking for a better home, but

Read More »

TWINN Security News January 4, 2021

Your weekly top 5 technical and security issues Nerds should pay attention to: First thing’s first, at the start of this year, WTH NerdNews is renamed to TWINN for This Week In Nerd News. The focus is still in 5 mins or less to get up to speed with the most important stories and events of

Read More »

WTH Security News December 28, 2020

Last one this year… enjoy! Your weekly top 5 technical and security issues Nerds should pay attention to: SOLARWINDS HACK INFECTED CRITICAL INFRASTRUCTURE, INCLUDING POWER INDUSTRY. At least 15 critical infrastructure firms in the electric, oil, and manufacturing industries were running the backdoored SolarWinds Orion software (per @kimzetter). Suspected Russian hackers used Microsoft vendors to

Read More »

WTH Security News December 21, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Dozens of journalists’ iPhones hacked with NSO ‘zero-click’ spyware, says Citizen Lab. I know this is starting to sound like it’s the same song over and over. Same with the mitigation. Effective egress control is the only mitigation. Microsoft is reportedly added

Read More »

WTH Security News December 14, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Google had an outage for about an hour this morning. I don’t recall having seen all services have a problem at the same time before. Hopefully we’ll hear from them about the cause. DHS, DOJ And DOD Are All Customers Of SolarWinds

Read More »

WTH Security News December 7, 2020

Citizen Lab finds surveillance tech that can find you with just a phone number. This may generate a new need and want for increased privacy, now that we know how many governments have been using this service to locate citizens, albeit unlawfully. It\’s hard to keep a big botnet down: TrickBot sputters back toward full

Read More »

WTH Security News November 30, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: This Bluetooth Attack Can Steal a Tesla Model X in Minutes. Just need a visible VIN number and about $300 in hardware as illustrated. Networking giant Belden says hackers accessed data on employees, business partners. To attackers, no giant is too big

Read More »

WTH Security News November 23, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: How the U.S. Military Buys Location Data from Ordinary Apps. The trouble with free apps. The app makers must make revenue somewhere and selling data is lucrative. Windows 10: Microsoft reveals Pluton security chip – \’Expect Patch Tuesday-type updates\’. Microsoft promises Pluton

Read More »

WTH Security News November 16, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Ticketmaster fined £1.25m over payment data breach. Ticketmaster had a breach in 2018 via a third-party chat bot on its site that exposed the credit card details of tens of thousands of customers. Schools Struggling to Stay Open Get Hit by Ransomware

Read More »

WTH Security News November 9, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Apple patches iOS against 3 actively exploited 0-days found by Google. Probably the most important/urgent upgrade ever. Don’t wait for 14.2 upgrade, do it now. U.S. Feds Seized Nearly $1 Billion in Bitcoin from Wallet Linked to Silk Road. Speculation kicked off

Read More »

WTH Security News November 2, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Cops Turn to Canadian Phone-Tracking Firm After Infamous \’Stingrays\’ Become \’Obsolete\’. An interesting attribute of 5G is that legacy stingrays are no longer effective. European ransomware group strikes US hospital networks, analysts warn. “UNC1878 is one of most brazen, heartless and disruptive

Read More »

WTH Security News October 26, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Trickbot—the for-hire botnet Microsoft attacked—is scrambling to stay alive. Good-ish news for once on this persistent tool so common in ransomware targets. They have a new functional server list, though, so egress control is still the #1 most effective mitigation strategy. Six

Read More »

WTH Security News October 19, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: This new malware uses remote overlay attacks to hijack your bank account. In case it isn’t obvious, both the Remote Access Trojan and the malicious software installation is prevented 100% with zero trust controls. This high-profile eCrime group operates multiple ransomware families

Read More »

WTH Security News October 12, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Attacks Aimed at Disrupting the Trickbot Botnet. It is worth noting, that DTTS (Don’t Talk To Strangers) *never* allows any Trickbot-infected computer to reach the authors’ controllers. IRS Use of Cell Phone Location Data Hits ‘Legal Gray Area’ (1). U.S. Customs and

Read More »

WTH Security News October 5, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Microsoft\’s Azure AD authentication outage: What went wrong. It\’s been a rough week for Microsoft users who have first- and third-party apps that rely on Azure Active Directory for authentication. Microsoft has published a root-cause analysis of its issues. Russia\’s Fancy Bear

Read More »

WTH Security News September 28, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: One of this year’s most severe Windows bugs is now under active exploit. For the third week in a row, this makes it to our top 5. That’s how bad ZeroLogon is. Remember, in seconds, an unauthenticated user can change Active Directory

Read More »

WTH Security News September 21, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: ZOOM finally supports 2FA natively. Many of us have been using Single Sing-on by using Google logins and MFA-protecting such accounts, but now zoom.us offers it natively on their own accounts, supporting both SMS and several 2FA apps. Billions of devices vulnerable to new

Read More »

WTH Security News September 14, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Zerologon attack lets hackers take over enterprise networks. Or smaller networks. Or any Active Directory that isn’t patched. If an environment carries the risk of a potential implant attack, additional preventive measures of zero trust are a must. Equinix data center giant

Read More »

WTH Security News September 7, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Facebook complains, Apple responds: iOS 14’s big privacy change gets postponed. The company says the change is still coming, but it hasn\’t said when. Gives developers time to adjust to asking for permission. Typosquatting Intensifies Ahead of US Election. Mistyped URLs can

Read More »

WTH Security News August 31, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: U.S. indicts Russian for attempted ransomware attack on Tesla factory. Instead of accepting a million dollar bribe for using employee access to assist in the attack, the employee reported it to the FBI. Chinese-Made Smartphones Are Secretly Stealing Money From People Around

Read More »

WTH Security News August 24, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Microsoft Put Off Fixing Zero Day for 2 Years. Steve Gibson weighs in on Security Now Episode #780 as well. Really not surprising that Red Teams (adversary emulators that test your defenses) have been so successful of late on any windows network. Google fixes

Read More »

WTH Security News August 17, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: The Secret SIMs Used By Criminals to Spoof Any Number. A must-read. However, it isn’t that difficult to spoof a number right from your mobile without a special SIM card. A cursory search finds us Spoofcard, Spooftel, Spoofbox, Spoof my Phone, all of which have free

Read More »

WTH Security News August 10, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Snapdragon chip flaws put >1 billion Android phones at risk of data theft. You can’t make this stuff up. Canon confirms ransomware attack in internal memo. Canon has suffered a ransomware attack that impacts numerous services, including Canon\’s email, Microsoft Teams, USA

Read More »

WTH Security News August 3, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: There’s a Hole in the Boot. I predict this is the most critical news of the week as it will take many years for this vulnerability to be patched across the board. This will likely result in attackers and red teams utilizing

Read More »

WTH Security News July 27, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: SIGRed is a 15-year-old Windows DNS Server vulnerability. When exploited, this is wormable. The last major wormable exploit brought us Wannacry, so this one is worth taking seriously with patching and mitigations. Kevin Beaumont wrote a nice blog titled Detecting DNS CVE-2020–1350 exploitation attempts

Read More »

WTH Security News July 20, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Emotet Returns After Five Month Hiatus. Known as a versatile and widely disruptive threat, early versions of Emotet had a module that was used to commit banking fraud, and for years, the malware was widely classified as a banking Trojan. Just another

Read More »

WTH Security News July 13, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: CVE-2020-1425 and CVE-2020-1457 are Emergency Windows Updates. However, they are available only from the Microsoft Store. They both address a critical Microsoft Windows Codecs Library Remote Code Execution Vulnerability. Cyber Command backs \’urgent\’ patch for F5 security vulnerability. Here\’s a major bug in widely used networking gear

Read More »

WTH Security News July 6, 2020

100s of millions of devices, including medical, vulnerable to attack. Dubbed Ripple20 (research source), these are zero-day vulnerabilities that may or may not ever be patched. More reason than ever to have proper network isolation, NAC (Network Access Control) and Egress control. How police secretly took over a global phone network for organized crime. Lesson: believing

Read More »

WTH Security News June 29, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: The Internet\’s New Arms Dealers: Malicious Domain Registrars. Google removed 106 malicious Chrome extensions collecting sensitive user data. It is worth noting that DTTS� (Don\’t Talk To Strangers) prevents these extensions from working even when installed. Netgear Routers need urgent replacement or

Read More »

WTH Security News June 22, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Fake Ransomware Bitcoin Scam Claims “Your Site Has Been Hacked”. A fake ransomware scam is going around that targets website contact forms. Please don’t fall for this. Oracle’s BlueKai tracks you across the web. The data spilled online. This is the answer

Read More »

Contact Info

Call our local computer support specialists.

We’re a full service IT company.

Stay Connected

NEED A LOCAL NERD NOW?

Click on the button below and all the nerds in your area will be instantly alerted on their phones with all of your details.

Scroll to Top