WTH Security News June 29, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: The Internet’s New Arms Dealers: Malicious Domain Registrars. Google removed 106 malicious Chrome extensions collecting sensitive user data. It is worth noting that DTTS� (Don’t Talk To Strangers) prevents these extensions from working even when installed. Netgear Routers need urgent replacement or…

WTH Security News June 22, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Fake Ransomware Bitcoin Scam Claims “Your Site Has Been Hacked”. A fake ransomware scam is going around that targets website contact forms. Please don’t fall for this. Oracle’s BlueKai tracks you across the web. The data spilled online. This is the answer…

WTH Security News June 15, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: CallStranger vulnerability lets attacks bypass security systems and scan LANs. CallStranger is a good reminder that we usually don’t need uPnP in business. Test yours at ShieldsUp. The apropos-named and patented Don’t Talk To Strangers (DTTS) allows uPnP to be enabled without the CallStranger risk.…

WTH Security News June 8, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: The Impending Doom of Expiring Root CAs and Legacy Clients. If you think forgetting to renew a domain is painful, wait till you see what’s in store for the masses when a 20 or 25-year old self-signed root Certificate Authority expires. Major…

WTH Security News June 1, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Zero-day in Sign in with Apple. Glad this is fixed, glad Apple paid out $100,000 to a responsible researcher, but this is a good lesson in slow adoption of anything new that claims security at the outset. Cisco security breach hits corporate…

WTH Security News May 25, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: The Nigerian fraudsters ripping off the unemployment system. “Scattered Canary” group is scamming vital benefits programs amid the pandemic. Not just America. Affects Canadians as well, so we need to all be on alert, whether or not you are employed. GrayKey iPhone…

WTH Security News May 18, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: FBI, DHS to go public with suspected North Korean hacking tools. This details activity from Hidden Cobra hackers and will benefit blue teams and defenders everywhere. Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently. Stick…

WTH Security News May 11, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Zoom acquires Keybase to get end-to-end encryption expertise. Seems like a talent-acquisition/acqui-hire only by the accounts of Keybase. If so, sad for Keybase fans. Samsung patches 0-click vulnerability impacting all smartphones sold since 2014. This is significant. Anyone you love with a…

WTH Security News May 4, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Attackers exploit 0-day code-execution flaw in the Sophos firewall. Such a critical lesson in this for *us* is to never have webadmin publicly exposed. Google Play has been spreading advanced Android malware for years. Advanced hacker group seeded market with at least…

WTH Security News April 27, 2020

Your weekly top 5 technical and security issues Nerds should pay attention to: Hackers target oil producers as they struggle with a record glut of crude. Ministers plan to give more UK public bodies power to access phone data. Meanwhile, during the same week, Israel halts police phone tracking over privacy concerns. A single line of…