TWINN Security News June 6

Nerds On Site
Article Written By David Redekop

1995

Founded In

96,000+

5-Star Reviews

4.83 / 5

Satisfaction Rating

Back in the day when Microsoft thought it would be wise to add protocol handlers anywhere and everywhere, there was no security-conscious rigour applied to those decisions. It has led to a state of insecurity that is only now benig weaponized and we are seeing only the beginning of it now with stories like this:

New Windows Search zero-day added to Microsoft protocol nightmare. While still unpatched by Microsoft, there are mitigation tactics for this, the good news is, we haven’t seen Follina abused by criminals yet, but any day or hour that could start or have started. Most importantly, that beginning might just be a start to other never-before-paid-attention-to other abuse-able protocol handlers.

Critical Atlassian 0-day is under active exploit. You’re patched, right? If not, stop everything and do this first.

Microsoft Seizes 41 Domains Used in Spear-Phishing Attacks by Bohrium Hackers. Just remember, in a Zero Trust connectivity world, you’re ahead of the protection of this kind that always arrives only *after* someone is hurt.

Turbulent Cyber Insurance Market Sees Rising Prices and Sinking Coverage. Business stakeholders do not enjoy the peace of mind of cyber insurance like they could only a few short years ago. Applying actual preventive measure is now front and centre.

To better manage cybersecurity risk, extend zero-trust principles to third parties. Never trust, always verify. Now extend that to third parties as well.

Did you know?

I’m at #RSAC22 in San Francisco this week representing adamnet.works. TWINN video version will resume next week.

You May Also Like…

TWINN #127 Ring’ing Privacy

TWINN #127 Ring’ing Privacy

TWINN #127 Ring'ing Privacy Sometimes technology is so convenient for both the users and vendors that exploitation...

TWINN #120 on Juice Jacking

TWINN #120 on Juice Jacking

TWINN #120 on Juice Jacking Threats come in all shapes and sizes. Not just in a digital sense but also in the...