swn183

Security Weekly News Episode #183 – February 01, 2022

Subscribe to all of our shows and mailing list by visiting: https://securityweekly.com/subscribe

1. UPnP, Samba, CISA Lists, SMS Trickery, Secret Pixels, & Lazarus Returns – 02:00 PM-02:30 PM

Description

This Week in the Security News: UPnP strikes back, Lazarus, Samba, CISA, SMS Scams, secret pixels, OMB Zero Trust, and Wordle, along with the Expert Commentary of Jason Wood on this edition of the Security Weekly News!

Hosts

DougWhite

Doug White

@dougwhitephd

Professor at Roger Williams University

  1. 277,000 routers exposed to Eternal Silence attacks via UPnP
  2. Lazarus hackers use Windows Update to deploy malware
  3. Samba bug can let remote attackers execute code as root
  4. CISA adds 8 vulnerabilities to list of actively exploited bugs
  5. Coronavirus SMS scam offers home PCR testing devices – don’t fall for it!
  6. Companies know what you do inside your email inbox. Here’s how to block them.
  7. The Zero-Trust Timer Is on for Federal Agencies — How Ready Are They?
  8. New York Times acquires hit game Wordle for seven-figure sum
JasonWood

Jason Wood

@Jason_Wood

Founder; Primary Consultant at Paladin Security

  1. Cyberattacker hits German service station petrol terminal provider – Other links:
    ZDNet – https://www.zdnet.com/article/shell-forced-re-route-oil-supplies-after-cyberattack-on-german-companies/
    Ransomware rumors on Twitter – https://twitter.com/uuallan/status/1488528693131632645