Hello all, welcome to another Sans News Bites. Some of this news may be of value to you, so please take a look to see if something affects you.
Here is a link to the newsletter for you to peruse.
Top of the news
- Thieves Steal More than $300 Million from Wormhole Blockchain Platform
- DHS Cyber Safety Review Board
- Open Source Security Foundation’s Alpha-Omega Vulnerability Detection Project
These are three big stories. The biggest is the heist of the crypto currency. I’ve said this numerous times to people on clubhouse who insist that Crypto is the future, with stories like this coming out, I do not believe Crypto is the future, it will eventually crash somehow. With so many putting thousands of dollars in to Crypto Currency, if it crashes because of this supposed theft, than they’ll be out the money while those who hold out will be just fine.
I’ve hear Security Now’s Steve Gibson talk about Bitcoin and its tecnology, and it is awesome what was done. But since it can be stolen just like cash and credit cards, Crypto has no FDIC insurance. Cash doesn’t either, but credit cards and even debit cards are insurred by your company with $0 liability if reported in a timely manner.
With credit cards, they give you at least a billing statement to review and dispute anything you don’t recognize. So when your statement comes out, review it so you are not out money you aren’t expecting to pay. For debit cards, check your bank statement for the same thing, check for charges and withdrawls you aren’t expecting.
The other two stories here are interesting and worth watching.
The Rest of the news
The biggest stories here are the oil companies potentially having a ransomware problem and Eset fixing a vulnerability in its products. Ransomware is a big deal now, and no company will be out of the woods. At some point, we all will at some point have to deal with a ransomware attack, whether we can afford it or not.
As for Eset, they fixed their products, and as an antivirus company, they had to jump on it fast. Running Antivirus is hard, but fixing the issue quickly was key.
I read the red cross fiasco, See this blog post from the 28th of January for my thoughts. I’m glad that Sans covered this just the same, because not many people will know about this unless word gets out.
Finally, Sans covered the fact that the FBI tested Pegasus. I don’t see a problem with testing something, especially if you’re going to use it anyway, but Pegasus has been known to be a big problem and those of us who followed it know that it is.
I’m glad the FBI is not using the dangerous software, and read the thoughts of Sans to see what they have to say on this one.
I’ll have more later, as this completes my thoughts on the newsletter. Make sure you read it and if something affects you, you’re aware of it and can take steps to make sure you’re as prepared to deal than you can be. Maybe that sentence doesn’t make sense, you get the idea though.
Discover more from The Technology blog and podcast
Subscribe to get the latest posts sent to your email.