This Week In Nerd News (TWINN) – March 27, 2023

Nerds On Site
Article Written By David Redekop

1995

Founded In

96,000+

5-Star Reviews

4.83 / 5

Satisfaction Rating

TWINN #117 – Abuse of new technology

Our industry used to be able to innovate for convenience and business efficiency without giving it much thought about how it might be abused. When we went from courier-delivered legal documents to the fax machine, the velocity of business accelerated so massively that entire business units were disrupted and new ones born. When email was introduced and available to everyone, we experienced yet another massive business accelerant.

In today’s lead story, Apple even had the benefit of others doing the bulk of the first generation innovation. Remember tile? No more lost keys? On more than one occasion the tile allowed us to recover valuable objects and then Apple Sherlocked them with the introduction of the AirTag. The affordability and ease of the AirTag tech is now being used not only be stalkers but also as government surveillance (much of it justifiable, I know):

The 5 Top Cyber Security Stories Of The Week – March 27, 2023

1. The DEA Quietly Turned Apple’s AirTag Into A Surveillance Tool.

Pay attention to your iPhone’s alerts if an AirTag is traveling with you that isn’t yours.

2. Justice Department Announces Arrest of the Founder of One of the World’s Largest Hacker Forums and Disruption of Forum’s Operation.

This one reminded me of how long Brett Johnston was able to run US-based cyber criminal operations. Thankfully he’s now one of the good guys.

3. Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers.

As is usually the case, stay updated, but use additional mitigations, including Zero Trust, to prevent such an exploit in advance of a patch.

4. Python info-stealing malware uses Unicode to evade detection.

As is often the case with domain-based obfuscation techniques, Zero Trust is a mitigation tool that prevents unknown, newly-registered domains from working.

5. Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own.

As we can see, all the latest patches and updates are not quite enough. We need to stay vigilant in providing additional mitigation everywhere that an organization’s asset puts the company at risk.

Did you know?

Gordon Moore (we all know Moore’s Law of the number of transistors doubling every two years) passed away. What a legacy!

Could not do a video today, will resume next week.

You May Also Like…

TWINN #127 Ring’ing Privacy

TWINN #127 Ring’ing Privacy

TWINN #127 Ring'ing Privacy Sometimes technology is so convenient for both the users and vendors that exploitation...

TWINN #120 on Juice Jacking

TWINN #120 on Juice Jacking

TWINN #120 on Juice Jacking Threats come in all shapes and sizes. Not just in a digital sense but also in the...

Index