Between The Hacks

View Original

BTH News 17April2020

This Week In Cybersecurity

THE ZOOVID-19 SAGA Continues

Another week of Zoovid-19 news as Zoom and COVID-19 dominate the cybersecurity headlines. Two Zoom zero-day exploits go up for sale. Zoom faces another class-action lawsuit. It’s not all bad news though, Zoom has been busy patching and making strides to regain trust. COVID-19 help is a click away, social media companies battle Coronavirus misinformation, home routers are compromised and this blog was selected by Feedspot as one of the Top 100 Cyber Security Blogs on the web. Thanks to all of the readers.


The Bad News: This week, two Zoom zero-day exploits went up for sale. One for Windows and one for macOS. The first is listed at $500,000.

Zoom is now facing a class-action law suit on behalf of Zoom investors who purchased stock between April 18, 2019 and April 6, 2020.

The Good News: Zoom has been busy patching security and privacy concerns. Here are a few of their updates.


COVID-19 Cybersecurity Update

There is a lot of news about COVID-19 cyber-attacks but not much to help those who have become victims. This week, Between The Hacks created a page of COVID-19 Cybersecurity Resources and Support to help those who need it.

Cybersecurity Blogger, John Opdenakker wrote a great article addressing the increased COVID-19 Security Risks we all face online today.

Facebook will now alert users when they interact with fake COVID-19 Coronavirus content.

In addition to Facebook’s efforts, this article shares How Social Media Companies Are Battling COVID-19 Misinformation




Home Routers Used In COVID-19 Malware Attack

Linksys forces password reset on all customers’ Smart Wi-Fi accounts after cybercriminals used credential stuffing attacks to gain access to user accounts. Bitdefender reports that the attackers changed DNS settings in the router to redirect popular domains to COVID-19 a themed malware site. Some of the domains that were attacked are “aws.amazon.com” “goo.gl” “bit.ly” and “disney.com”

If you have a Linksys Smart W-Fi account and have not seen the notification from Linksys, here are instructions on how to reset your password.


Microsoft Patch Tuesday: April 2020 Edition

Another month, another 100+ vulnerabilities patched.

“Microsoft fixed 113 vulnerabilities in this month’s Patch Tuesday, just two shy of last month’s 115” reports Trend Micro. In fact, Microsoft has patched 44% more vulnerabilities from January to April this year, than they did during the same time frame last year.

This month’s batch includes 17 critical vulnerabilities and 96 rated as important.

Check back in the coming weeks for a Between The Hacks blog series that explains vulnerabilities, vulnerability management, and patching. FUN!


Tip of the Week

Home Routers

With the Linksys home router compromise in the news this week, it’s a good time to see if your home router has the right security features.

Your home router is the one device that protects your home’s digital assets from the dangers of the Internet. It is a very busy little device; constantly fighting off attacks and managing your Internet access. Considering the importance of this device, it’s shocking and disappointing that many routers do not have an automatic update feature, which means that you and I need to go the the manufacturer’s website regularly to look for updates. Unfortunately, most people don’t know this and never update their router’s firmware. Another upsetting fact is that many routers that are more than a few years old are no longer supported by the manufacturer, which means no patching of vulnerabilities, even if you manually go look for them.

So, the most important feature to look for in a home router is that it has an automatic update feature. You never know when your router manufacturer will patch a vulnerability and since they don’t know that you bought their router, they can’t tell you. None of us want our home networks to be attacked but home routers are a favorite target these days.

While there are many great auto-update routers on the market, one of my favorites for most people is the Amplifi router because it is not only attractive enough to be on display in your home, but it also updates itself with patches and is relatively affordable.

If you have a large house or property and need to extend your Wi-Fi range, this Amplifi router package comes with two mesh antennas which work great for adding a signal to those dead zones. Just plug them into a regular power outlet and you have extended your wireless network.


Picture of the Week

A Class-C (Classy) new netmask for the iPad ;)