Welcome to this week in NerdNews (TWINN). Your weekly top 5 technical and security issues Nerds should pay attention to:
Biden administration holds meeting on ransomware threat with more than 30 nations and E.U. This is intended as a first meeting of many. More than 30 countries gathered and acknowledged the global security threat that it has become. Noticeably absent were Russia, China, Iran and North Korea.
“The meeting did not result in any formal treaty or pledge, but rather yielded a statement laying out cooperation across a wide range of areas: countering illicit finance; disruption of ransomware networks through law enforcement; diplomacy to encourage states to hold criminals accountable; and strengthening cybersecurity.”
Acer confirms second cyberattack in 2021 after ransomware incident in March.
“This is the second cyberattack Acer has suffered this year after being hit with ransomware in March.
The REvil ransomware group claimed the attack and demanded a $50 million ransom, one of the highest reported at the time. Acer offered to pay the group $10 million, which was rejected by the hackers.”
MysterySnail attacks with Windows zero-day. This is a real zero day exploit, meaning that a Windows vulnerability is being exploited in the wild, a weakness that is not yet patchable. What we see over and over again in these types of attack is that they rely on being able to reach out to their C2 such as disktest\.com or sunblerx\.com or ddspadus\.com, all of which would not be added to anyone’s allow list even in an adaptive allow-listing mode. It’s just another reminder that relying on patching and blocklisting alone is not sufficient.
How Coinbase Phishers Steal One-Time Passwords. We don’t see too many stories about OTP tokens being stolen, but when it’s easy enough, it’ll happen. In this case, the phishing campaign was actually quite successful as the victims willingly handed out their new credentials along with their OTP token. Again, such phishing is preventable with an adaptive allow-listing approach.
Researchers Find Android Phones Still Track You, Even When You Opt Out. The momentum towards tracking in everything Android users do just seems to never end. Google Analytics and Doubleclick are some of the places that system apps willingly share everything with. I can tell you one thing – if I used Android, there’s no way I’d ever use it unless there’s a separate traffic gateway blocking such common vectors. Sadly, it’s the normal, every day user that is the victim here.
Did you know?
There’s one search engine that has never had a keyword or user warrant, which is Duck Duck Go. In a day when our civil liberties are not what they once were, this might matter more and more. And it’s so easy to make Duck your default search engine in any browser, but in Brave, it’s under Settings -> Search Engine and it’s in your dropdown list.
For a video version of this see https://youtu.be/BJMUn3aWYvw