Grab A Brew Chapter Meeting Recap

//

Thanks to all who attended our chapter meeting on 23 April 2021. A number of cybersecurity topics that were trending recently were discussed by members.

Here follows a list of some of the topics and some thoughts shared in the meeting.

Latest on the Solarwinds Hack

Many companies have been affected by the breach including Intel, Cisco, Offensive security, and VMWare. One thing is certain, the implications of this sophisticated stealthy attack are being felt a long time after it was so successfully executed.

https://krebsonsecurity.com/2021/04/did-someone-at-the-commerce-dept-find-a-solarwinds-backdoor-in-aug-2020/

Privacy and POPIA

The Information Regulator has announced that Information Officer registration will start taking place on 1 May 2021 and they do not have any intention of moving the enforcement date from 1 July 2021.

https://krebsonsecurity.com/2021/04/are-you-one-of-the-533m-people-who-got-facebooked/

https://www.menstuff.co.za/partner-content/top-3-cybersecurity-concerns-in-2021/

Messenger Security (Whatsapp vs Telegram vs Signal)

Virtually everybody today is making use of mobile messengers. There was a good discussion of the security and privacy impact of using these messengers.

The changes to the Whatsapp Privacy Policy has left many questions with regards to our privacy.

WhatsApp vs Telegram vs Signal: Which messaging app should you use?

https://www.menstuff.co.za/partner-content/top-3-cybersecurity-concerns-in-2021/

Cyber Hygiene

With the amount of data we share in cyberspace we need to spend the time to work on our Cyber Hygiene.

We save so much of our information stored online, We need to work on having stronger passwords and not having them written down. Using a password safe helps ease the stress of using multiple passwords.

https://www.welivesecurity.com/2021/04/16/spring-cleaning-dont-forget-digital-footprint/

https://www.welivesecurity.com/2021/04/15/one-six-people-use-pets-name-as-password/

https://www.techrepublic.com/article/replace-your-passwords-with-passphrases-heres-how-to-use-them-to-remain-secure/

The MS Server Exchange Hack 

Four zero-day exploits were discovered in on-premises Microsoft Exchange Servers, giving attackers full access to user emails and passwords on affected servers, administrator privileges on the server, and access to connected devices on the same network. The good news is that administrators appear to have quickly implemented the security fixes but one it is evident now is sneaky attackers left many backdoors.

https://www.businesslive.co.za/bd/companies/2021-03-14-how-hackers-targeted-microsoft-e-mail-weakness-to-cause-global-cybersecurity-crisis/

https://www.welivesecurity.com/2021/04/14/fbi-removes-malware-compromised-exchange-servers/

https://krebsonsecurity.com/2021/03/at-least-30000-u-s-organizations-newly-hacked-via-holes-in-microsofts-email-software/

The FBI Is Now Securing Networks Without Their Owners’ Permission

Handling Ransomware 

In 2021 we have been seeing a wave of Ransomware attacks in South Africa. What plans do we have in place to deal with these attacks? Some primers we referred to while discussing the scourge of ransomware are below.

https://www.infosecurity-magazine.com/blogs/ransomware-to-pay-or-not-to-pay/

https://krebsonsecurity.com/2021/04/ransom-gangs-emailing-victim-customers-for-leverage/

Reminder – The ITWeb Security Summit 2021 is almost upon us. All verified chapter members qualify for a discount on the entry cost as well as stand a chance in the draw for one of 2 tickets for the event.

Leave a Comment

(ISC)² Gauteng Chapter