Show Notes for Weekly Security Update 2021 Week 2

Simple Cyber Defense weekly updates for 1/9/2021. 

Welcome back to the simple cyber defense in this episode we’re gonna be talking about 3 issues that happened this week. The first one we will go more in depth with the T-Mobile breach, the death of flash, and the NVidia graphics card vulnerability. So let’s begin.

Last year was very rough for T-Mobile since they faced two data breaches within a year and this most recent one is a little concerning because this is the second one within the year that T-Mobile has faced. T-Mobile has confirmed that the incident was not as severe as many people are making it out to be. They say that not any major data was exposed so things like names, email addresses, financial information, social security numbers, tax ID’s, were not accessed. But however, that may or may not be the real case. We don’t really know that’s what T-Mobile is reporting and so it’s very important to keep your guard up. You would want to definitely change any passwords that you have with T-Mobile just as a precaution. Just remember not all data breaches are the same. Some are more severe than others and luckily it seems like this one has not been as bad as it could have been. At the end of the day you have to decide for yourself if you are a T-Mobile customer are you willing to continue trusting this company and then risk having more data stolen in different data breaches or do you just leave T-Mobile. This is a decision you want to make it on your own.

Next up is the final death of flash player. Adobe flash was a very popular animation plugin that was used by many people to do many web animations and it was a very sophisticated software for its time. But however because of its popularity many people misused the plugins and used it for malicious activities. The first thing you need to do is just remove flash from the computer completely. Windows will roll an update later this month in January; but if you want to do you it yourself I provide a link in the description that goes over the steps that you need to do. It just basically means going into the windows catalog and then picking the version of windows you have, then it will download the uninstall update that when you run on your computer you will completely remove Flash from your Windows machine. If you using web based flash just go through the your browser of choice and see if there’s an option to remove flash. If not I’d say wait a month or so and eventually all the web browsers will completely remove flash through their updates. I know Chrome and Firefox will eventually send out updates that will completely remove flash from their browsers. So there’s not much you need to do. Just remove flash and remember if you ever do go to a website that says that you need to download flash just shut down the browser and stay away from that site because flash is no longer being used and should not be used anymore. It should not be downloaded and if the browser is telling you to download it, it will be malicious software so do not download it and stay away from that site.

And finally we have NVidia graphics cards that have a lot of  vulnerabilities this week and most of these vulnerabilities will either perform denial of service attacks on your computer, privilege escalations, or they will tamper or steal sensitive information on the computer. So what does this mean? It means that it will give the attacker almost complete control of your system and it will use it to either stop you from accessing the internet or it will escalate its privilege so that they can get some nasty viruses on your computer or even just steal any anything that they want on your computer. So nothing will be safe. So what needs to be done is you need to seek out patches from NVidia and install immediately. These are very severe vulnerabilities and they need to be taken care of right away.

That concludes this week’s security update all the links and everything that we’ve discussed as in the description and we look forward to seeing you in the next episode. 

Links:

T-Mobile
https://screenrant.com/t-mobile-security-breach-incident-customer-data-privacy-explained/

Flash
https://www.explica.co/adobe-flash-is-officially-dead-and-you-should-uninstall-it-now/
https://support.microsoft.com/en-us/help/4577586/update-for-removal-of-adobe-flash-player

NVIDIA
https://threatpost.com/nvidia-windows-gamers-graphics-driver-flaws/162857/