Security weekly

Hi and welcome to another Security weekly. Where we laugh, we cry, and share the latest and greatest of security news.

In this weeks edition:

• Microsoft Patch Tuesday delivers a whopping 84 updates

• 8 million stolen through Uniswap phishing

• Small town in The Netherlands shares how they got hacked

• The quick and dirty

• Security like I'm five

Reading time: 02:34

Microsoft Patch Tuesday delivers a whopping 84 updates

Every second - who would've guessed - Tuesday of the month Microsoft releases all their updates. This is called Patch Tuesday. Other big tech tend to release on this Patch Tuesday as well, but Microsoft formally adopted it.On this magical patch Tuesday, Microsoft server and windows updates get bundled and released all at once. This to make the life of sysadmins everywhere easier.Not a lot, but you gotta appreciate the little things, right?

So, why was this one so special?Well, with 84 updates it's a very big one. But the updates released were mostly for important security fixes. Azure Site Recovery got hit the hardest with 32 updates. That's a lot for a 'smaller' product.Another noteworthy thing is that 4 of them were critical, and 1 even an actively used zero-day-exploit.

My advice? Give your IT guy a pat on the back, a kiss on the forehead and make sure he applies updates where needed.

8 million stolen through Uniswap phishing

Close to 8 million stolen through a fake Uniswap airdrop. The popular decentralized Exchange had some fraudsters lure people in with free airdrop tokens.This made the unsuspecting victim approve what they thought was a giveaway token, but actually redirected them to a fake site.After approving the sign-in, the hackers had access to the victim's Ethereum and transactions.

Always double check URL and SSL. And some ancient advice that never gets out of style:

If something sounds too good to be true, it probably is.

With crypto being in a downwards trend for the last couple o' months, this news came at a bad time.Although the trendhoppers have already left, so it's only us crypto bro's still here. You into crypto? Let me know!

Small town in The Netherlands shares how they got hacked

Buren, a small town in the Netherlands got hit pretty bad by ransomware. Nothing new under the sun I'd say, but they shared an in-depth root cause analysis made by cyber security firm Hunt & Hackett. (Warning, it's in Dutch, but worth throwing into Google translate)

Hunt & Hackett helped Buren in restoring their defenses, and also made recommendations based on their experience and what they found while making the root cause analysis.

Here's some of the highlights:

• Implement intrusion detection mechanics in both network and endpoint. With the average time before detecting a hack being 280 days, it's safe to assume we can all do a bit better in this area. A lot of people lock their digital front doors, but have no means of detecting who is already inside. Solid tip!

• Implement Multi Factor Authentication on every level. As I said in my Twitter thread earlier this week, MFA is the GOAT.

• Invest in decent infrastructure and network equipment. Hate to break it, but that Verizon modem ain't gonna keep the bad guys out.

• Write a decent password policy and adhere to it. Easy as that.

More tips? Check out my Twitter thread:

Security like I'm five

Don't have time for hours of research? Don't 20 years of experience in security? Me neither, but I gotchu fam.In Security like I'm five I cover a range of security topics. I do all the hard work, and explain it to you in a practical matter. Lot's of meme's too, good stuff.

Next up are Security & compliance certifications (ISO, ISAE, PCI DSS, ...) and types of attacks!

That's all for now folks. Remember: when in doubt, don't click the link!