Your weekly top 5 technical and security issues Nerds should pay attention to:
Microsoft Put Off Fixing Zero Day for 2 Years. Steve Gibson weighs in on Security Now Episode #780 as well. Really not surprising that Red Teams (adversary emulators that test your defenses) have been so successful of late on any windows network.
Google fixes major Gmail bug seven hours after exploit details go public. Attackers could have sent spoofed emails mimicking any Gmail or G Suite customer.
FBI and CISA warn of major wave of vishing attacks targeting teleworkers. The attackers collected login credentials for corporate networks, which they then monetized by selling the access to corporate resources to other criminal gangs.
New P2P botnet infects SSH servers all over the world. Administrators who don’t protect SSH servers with both a strong password and a cryptographic certificate may already be infected with malware that’s hard for the untrained eye to detect.
Booze and cruise providers are the latest to be hit by ransomware scourge. Jack Daniel’s distiller and Carnival cruise operator both warn of personal data theft.
Did you know?
On macOS there’s a native terminal utility called nettop which gives you real-time bandwidth consumption details by process. My favourite way to run it is
nettop -n -d -P -J bytes_in,bytes_out