
Friday Five 3/3

by Colin Mullins on Friday March 5, 2021


Zero-day exploits, browser extension economics, and the scourge of robocalls - catch up on all of the week's infosec news with the Friday Five!

1. Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks by Kelly Sheridan

Microsoft has released patches for four critical vulnerabilities that were being used to target Microsoft Exchange Server. Gaining access to an Exchange server would allow access to any sensitive communications conducted over email within a company. Officials have attributed the attacks to a state-sponsored group out of China, known as Hafnium. Hafnium has a history of targeting US industries, ranging from law firms to NGOs, in an attempt to steal data. Microsoft has urged customers to patch immediately: now that the information is public, criminal groups and state-sponsored actors will rush to exploit unpatched systems.


2. Is Your Browser Extension a Botnet Backdoor? by Brian Krebs

A story examining the growing industry of firms making extensions for popular internet search applications finds that the lopsided economics involved have led to potentially risky code being installed in extensions. As an extension grows in popularity and gains users, the costs of maintaining its support and code can be significant. This opens the door to outside, potentially malicious actors buying the extension or paying the original owner to include extra code. Between owners' willingness to sell because of the lack of financial payoff and the large download base of certain extensions, there’s a lot of data that someone can glean and abuse by buying one of these extensions. The story serves as a reminder that users should be cautious about what extensions they install, especially as the purpose and design of extensions can change over time.


3. Robocalls keep spamming Americans, in part because of their cyber tools by Tim Starks 

After a brief lull, robocalls have increased again and are now mimicking the attack methods of hackers. This includes combining phone calls with tricks to sidestep two-factor authentication. The news is concerning as some estimates have found that there are three to four billion robocalls a month and that phone scams cost US consumers billions of dollars annually. These new techniques are part of the increasing sophistication of phone scams, an example being someone claiming to call from a vendor to fix a problem with technical support, only to install malware. And though people have gotten better about picking up suspicious phone calls, if they receive a text from the same source, they are more likely to think the person is legitimate, even if they are not. The story is a reminder to avoid answering unknown calls, and if you receive multiple messages about a problem, hang up and independently verify with your financial institution or work whether something is real.


4. Policy Group Calls for Public-Private Cyber-Defense Program by Robert Lemos

In a new report, the New York Cyber Task Force has recommended that the U.S. create a National Cyber Response Network. The network would link government and industry groups to respond to cyberattacks either from hostile nation-states or individual hackers. According to the report, the U.S. is not ready to effectively respond to a cyberattack because of the roadblocks that currently exist between the government and the private sector. If created, the network would be managed by an agency designated by a cabinet-level National Cyber Director. The recent hacks in the news and the large number of persistent threats that exist further underscore the importance of creating a network to improve both the offensive and defensive cyber capabilities of the U.S. government.


5. Google beefs up privacy promises as it prepares to upend its ad model by David Meyer

The article examines Google’s phasing out of third-party cookies in its popular search engine. The move is part of a larger trend; Apple’s Safari and Mozilla’s Firefox have already started blocking third-party cookies. The push to remove third-party cookies has understandably faced a backlash from publishers and ad technology firms that have triggered an anti-trust investigation against Google in the UK. To assuage concerns this week about what might replace third-party cookies, Google’s privacy chief stressed that the replacement technology will keep individuals anonymous. As well, with Google’s new federated learning of cohorts, or FLoC, advertisers will not see a significant drop-off in their conversion per dollar spent compared to cookie advertising. It will be interesting to see how this all plays out, but it’s clear Google’s new technology will have implications for the future of users' online privacy.


Tags:  Botnet Privacy
