More stories

    University 'hacks' as a justification to include the sector in Critical Infrastructure Bill

    The higher education sector in Australia could soon find itself considered as “systems of national significance”, with the government ready to enforce an “enhanced framework to uplift security and resilience” upon universities via the Security Legislation Amendment (Critical Infrastructure) Bill 2020.
    The Group of Eight (Go8) — comprising eight Australian universities — believe the government has in fact not yet identified any critical infrastructure assets in the higher education and research sector and, therefore, does not feel higher education and research should be included as a critical infrastructure sector, given the regulatory ramifications.
    “The Go8 considers the catch-all nature of the legislation as proposed for the higher education and research sector to be highly disproportionate to the likely degree and extent of criticality of the sector,” it said last month.
    The Australian National University (ANU) in late 2018 suffered a massive data breach that was discovered in May 2019, and revealed two weeks later in June.
    The hackers had gained access to up to 19 years’ worth of data in the system that houses the university’s human resources, financial management, student administration, and “enterprise e-forms systems”.
    Then there was Melbourne’s RMIT University, which last month responded to reports it fell victim to a phishing attack, saying progress was slowly being made in restoring its systems.

    While no official attribution has been made regarding who is to blame for the ANU breach, the Australian Security Intelligence Organisation’s (ASIO) Director-General of Security Mike Burgess said he knows, which was enough to set the mind of Senator James Paterson, chair of the Parliamentary Joint Committee on Intelligence and Security (PJCIS), at ease.
    “I do know who was behind it. But I would not say that publicly because I don’t believe that’s my role to do so,” Burgess said on Thursday, fronting the PJCIS as part of its inquiry into national security risks affecting the Australian higher education and research sector.
    Regarding RMIT, however, the ASIO boss was in the dark.
    “It’s not reached my level, not to say someone in my organisation isn’t working on the matter,” he said.
    Both the ANU and RMIT incidents were a focus of the committee as it probed representatives from Home Affairs and Education. Paterson was hoping to find attribution, however.
    “It has been referred to as an advanced threat actor, but it hasn’t come to the point of a specific deliberation or specification of the country involved, that information has not been identified,” Home Affairs deputy secretary of national resilience and cybersecurity Marc Ablong said.
    The specifics of the RMIT incident, which Ablong paints as more of an attack than a systems outage, are still under investigation.
    “We wouldn’t want to prejudice our ability to make any judgments about where that’s come from and who’s involved in it until such time, as we’ve got the forensic information to be able to determine exactly what has happened and when,” Ablong said. “But we are aware of the attack and there is investigations underway.”
    Discussions around the two security incidents were used by the Home Affairs representative to justify the inclusion of higher education and research in the Critical Infrastructure Bill.
    “The threat is very real. It is getting a lot realer and a lot harder, even for very sophisticated organisations,” Ablong said.
    According to Ablong, what the higher education sector has failed to realise is that it hasn’t been deeply considering the cyber risk.
    “That’s a shame … and more effective measures are needed,” he said.
    Paterson, meanwhile, said he has observed that the universities are trying to “have it both ways”.
    “They’re telling this committee and the public, ‘Don’t worry, we get it, we want to work with you, we want to fix it’, but also, ‘Please don’t subject us to any actual requirements, legislative or regulatory, that would require us to do anything about it’,” the Liberal Senator mused.

    Molson Coors discloses cyberattack disrupting its brewery operations

    Brewing giant Molson Coors disclosed Thursday that it has experienced a “cybersecurity incident” that has disrupted operations and beer production. In a Form-8K filed with the SEC today, Miller Coors said it’s bringing in an outside forensic IT firm to investigate the breach, but that delays in shipments were likely.

    “The Company is working around the clock to get its systems back up as quickly as possible,” Miller Coors wrote in the filing. “Although the Company is actively managing this cybersecurity incident, it has caused and may continue to cause a delay or disruption to parts of the Company’s business, including its brewery operations, production, and shipments.”
    Molson Coors operates a huge portfolio of beer brands, including the iconic Coors and Miller brands, as well as Molson Canadian, Blue Moon, Peroni, Grolsch, Killian’s, and Foster’s. 
    The company has not provided additional details of the cyberattack, but some security experts are calling the incident a ransomware attack. In November, Campari Group, the famed Italian beverage vendor behind brands like Campari, Cinzano, and Appleton, was hit with a ransomware attack that took down a large part of its IT network. 
    Campari was the second major beverage vendor after Arizona Beverages to be knocked offline because of a ransomware attack in just two years. 
    Speaking of the Miller Coors incident, Niamh Muldoon, global data protection officer with OneLogin, said these attacks illustrate how cyber criminals are targeting high profile organizations to interrupt key business operations and manufacturing.
    “Ransomware remains a global cybersecurity threat and is the one cybercrime that has a high direct return of investment associated with it, by holding the victims’ ransom for financial payment,” said Muldoon. “On a global scale, cybercriminals will continue to focus their efforts on this revenue-generating stream. This reinforces what we’ve said before that no industry is exempt from the ransomware threat and it requires constant focus, assessment and review to ensure that critical information assets remain safeguarded and protected against it.”

    This malware was written in an unusual programming language to stop it from being detected

    A prolific cyber criminal hacking operation is distributing new malware which is written in a programming language rarely used to compile malicious code.
    Dubbed NimzaLoader by cybersecurity researchers at Proofpoint, the malware is written in Nim – and it’s thought that those behind the malware have decided to develop it this way in the hopes that choosing an unexpected programming language will make it more difficult to detect and analyse.
    NimzaLoader malware is designed to provide cyber attackers with access to Windows computers, and with the ability to execute commands – something which could give those controlling the malware the ability to control the machine, steal sensitive information, or potentially deploy additional malware.
    The malware is thought to be the work of a cyber criminal hacking group which Proofpoint refers to as TA800, a hacking operation which targets a wide range of industries across North America.
    The group is usually associated with BazarLoader, a form of trojan malware which creates a full backdoor onto compromised Windows machines and is known to be used to deliver ransomware attacks.
    Like BazarLoader, NimzaLoader is distributed using phishing emails which link potential victims to a fake PDF downloader which, if run, will download the malware onto the machine. At least some of the phishing emails are tailored towards specific targets with customised references involving personal details like the recipient’s name and the company they work for.

    The template of the messages and the way the attack attempts to deliver the payload is consistent with previous TA800 phishing campaigns, leading researchers to the conclusion that NimzaLoader is also the work of what was already a prolific hacking operation, which has now added another means of attack.
    “TA800 has often leveraged different and unique malware, and developers may choose to use a rare programming language like Nim to avoid detection, as reverse engineers may not be familiar with Nim’s implementation or focused on developing detection for it, and therefore tools and sandboxes may struggle to analyse samples of it,” Sherrod DeGrippo, senior director of threat research and detection at Proofpoint, told ZDNet.
    Like BazarLoader before it, there’s the potential that NimzaLoader could be adopted as a tool that’s leased out to cyber criminals as a means of distributing their own malware attacks.
    With phishing the key means of distributing NimzaLoader, it’s therefore recommended that organisations ensure that their network is secured with tools which help prevent malicious emails from arriving in inboxes in the first place.
    It’s also recommended that organisations train staff on how to spot phishing emails, particularly when campaigns like this one attempt to exploit personal details as a means of encouraging victims to let their guard down.


    How to stop robocalls

    YouMail, an anti-spam call company, claims that in 2020 robocalls actually declined by 22% from 2019. I don’t believe it. Mind you, even with the drop, the company claims there were still an estimated 45.9 billion robocalls. That’s an insane number of calls, and I swear many of them went right to my number.

    Lots of you just ignore phone calls from numbers you don’t know. As a journalist, I don’t have that luxury. I get calls sometimes that I must take from numbers I’ve never seen before. There are times you’ll have to do that as well. If you’re trying to get a Covid-19 shot, waiting to hear about a job, or if you need to talk to someone about a new house, you have to pick up the phone too. 
    If you’re like me, nine out of ten times though that call will be an automated message about changing cable companies, renewing your car warranty, or some other junk. Looking ahead, I have both good news and bad news.
    First, the good news. In late 2019, President Trump signed TRACED, the first federal anti-robocall law. It says something about how annoying spam calls are that this was one of the few bills to be passed through Congress with strong support from both Republicans and Democrats. 
    At the same time, the paired anti-spam technologies of Signature-based Handling of Asserted Information Using toKENs (SHAKEN) and the Secure Telephone Identity Revisited (STIR) are being widely adopted. This is a kind of Caller ID on steroids. SHAKEN/STIR is a protocol for authenticating phone calls with the help of cryptographic certificates so that when someone calls you, you can be sure that the name showing up on Caller ID really is the person calling. It also lets your phone company know, in theory, who’s responsible for a particular robocall. This service will work with both landline and cellular networks.
    The bad news is that as the coronavirus pandemic wave slowly rolls away, call centers are coming back online. Wait, “My Windows PC has a virus on it? You really don’t know who you’re calling, do you!? CLICK.” Yeah, you can expect more of that kind of call. 
    The other bad news is that SHAKEN/STIR is still being rolled out. Even when it is completely deployed, though, it won’t be a tech silver bullet that will put robocalls into the grave.

    So, what can you do? Let’s go over some useful tools.
    Smartphone specific robocall blockers 
    First, you can just block all unknown callers. With these methods, though, if someone calls that you don’t already have in your contact list, you won’t hear them call. That can be a problem if you’re expecting an urgent, important call. Most phones come with this functionality built in. You just have to turn it on. 
    Android phones: Block Calls From Unidentified Callers. Tap the phone icon, which is usually at the bottom of your home screen. Once there, at the top right corner of the screen, tap the three dots > Settings > Blocked Numbers. Next, enable Block calls from unidentified callers by pushing the toggle switch to the right. The caller still leaves a voicemail and the number will still be listed on your recent calls display.
    iPhones (iOS 13 and later): Silence Unknown Callers. Go to Settings > Phone, then scroll down, tap Silence Unknown Callers, and turn it on. Your phone won’t ring and the calls go straight to voicemail while still appearing on your recent calls list.
    A related, but different technology, Call Screen, is available on Google Pixel smartphones starting with the Pixel 2. With Call Screen, your phone still rings but when you get a suspicious call, you tap “screen call” on the display. Google Assistant then answers the call and asks for the caller to tell you who they are and why they’re calling. Google then makes a real-time transcript of the call. You can then answer it, ignore it, or report it as spam. If you report it as spam that number will be blacklisted on your phone so it can’t call you again. 
    Carrier-specific robocall blockers
    AT&T Call Protect
    With AT&T Call Protect, any call that looks OK will show a “V,” for verified, on your caller ID. Potentially dangerous calls will be blocked and given a busy signal. Presumed spam calls will display “Suspected Spam” on your Caller ID. They’ll also show a category like Political, Nonprofit, Telemarketer, Survey, or Robocaller. This service is available via both an Android and an iPhone app. 
    T-Mobile Scam ID and Scam Block
    These related services can work together. The first, Scam ID marks possible robocalls and suspicious calls. Scam Block blocks such calls before they can ring. There’s no app for them, you simply turn them on for free with the following call codes: 
    Turn on Scam ID: Press #ONI# (#664#), and then the call button.
    Turn on Scam Block: Press #ONB# (#662#), and then the call button.
    Verizon Call Filter
    Verizon customers are automatically enrolled in the free version of Call Filter. This comes pre-installed as an app on most Verizon phones. In theory, it detects spam and blocks high-risk calls. A more feature-full version, Call Filter Plus, costs $2.99 per month per line for up to two lines and $7.99 per month for three or more lines. The Plus version includes Caller ID and automatically blocks spam calls based on your preferred level of risk so unwanted callers go straight to voicemail.
    Third-party Robocall killers
    There are also numerous other apps, which try to protect you. These all work in similar ways. Each service keeps a database of known spammers and uses algorithms to suss out suspicious numbers.  When a call comes in, it checks the caller to see if they’re a bad actor or they look like they might be one. If the caller doesn’t look kosher, they block the call. 

    Before even subscribing to any of these services, you should know that none of these are perfect. In my experience, they’ll spot a hostile caller about two times in three. Most of these services offer at least a free week. I strongly suggest you try before you buy. 
    Nomorobo is one of the oldest call-blocking programs. When a call comes in you can let it be forwarded to voicemail or block it as spam. Nomorobo can also deal with spam text messages. Unlike most robocall killers, you can also use Nomorobo with VoIP landlines. If you’re still on copper, sorry, you can’t use it. Nomorobo is free on landlines and $1.99 a month per device on smartphones.
    Hiya Caller ID and Block’s special sauce is that it detects spoofed calls, which use a similar number to your own number. This happens to me all the time. I get calls from “people” with the same area code and prefix. The prefix is the three numbers between your area code and the last four numbers, which make up your line number. Hiya spots these in case I don’t. 
    You may already be using Hiya and not know it. The company’s software powers robocall protection for AT&T, Samsung, and T-Mobile. 
    Hiya’s basic app won’t cost you a cent. The premium edition’s spam database is larger and is updated more often. It costs $3.99 a month or $24.99 a year. It’s available on both iPhones and Android.
    The most amusing robocall killer is RoboKiller. Besides blocking spammers, it gives them sass back via its Answer Bots, which can waste their time with nonsense conversations. You can either use one of their selections or come up with one of your own. Robocall revenge can be sweet. RoboKiller costs $4.99 a month or you can save money with an annual subscription for $24.99. 
    You can try YouMail for free. The YouMail Free Plan, previously known as YouMail Essential, gives you a voice mailbox capacity of 100 messages. It then uses your voicemail data to identify robocall messages. It also uses that information with Big Data techniques to crowdsource the identity of new spam callers and block them from other YouMail users. It even has a neat trick where it tries to fool known baddies into taking you off their lists by playing a dead line’s beep-beep-beep sound at them.
    If you like it, you can upgrade it to a paid account. Since YouMail is both a robocall blocker and a business phone system, the price reflects that. It starts at $14.99 a month, paid annually, for up to three lines. There are other plans for bigger businesses.
    I wish I could say that any of these would kill spam calls once and for all. I can’t. Even when you combine them, you’re still going to get robocalls. The problem is it’s like playing whack-a-mole. As soon as one spam service is shut down, another one pops up. Someday SHAKEN/STIR and enough FCC enforcement activity will kill them off, but that day isn’t here yet.
    Still, with the right mix of services, you can preserve some peace from your phone today. It’s not perfect, but it’s better than nothing.

    Icon files abused in malspam to spread NanoCore Trojan

    A new malspam campaign is abusing icon files to dupe victims into executing the NanoCore Trojan. 

    On Thursday, SpiderLabs at Trustwave said a recent phishing campaign has outlined a technique for spreading NanoCore, a remote access Trojan (RAT). 
    The emails pretend to be from a “Purchase Manager” of organizations that are being spoofed, such as legitimate business partners. These phishing messages contain an attachment, named “NEW PURCHASE ORDER.pdf*.zipx,” which is actually an image binary file.
    The icons have additional information attached to them in a .RAR format. 
    By using an icon file, the fraudsters are likely attempting to avoid security and protections offered by email gateways. 

    If the victim clicks on the attachment and their PC has an unzip tool installed, such as WinZip or WinRAR, an executable file is extracted. 7Zip, too, can extract the file — but it takes more than one attempt. 
    “There is no need for the extension of the recent attachments to be renamed to something else other than .zipx or .zip just for their executables to be extracted using 7Zip,” the researchers say. 

    Successful extraction leads to the deployment of NanoCore RAT version 1.2.2.0. First detected in the wild in 2013, this Remote Access Trojan (RAT) includes a keylogger, information stealer, dropper for additional malware, and also contains the ability to access and steal webcam footage as well as exfiltrate data to send to a command-and-control (C2) server. 
    The malware has been sold previously in underground forums and is often spread through financially-related phishing campaigns. 
    This version of the Trojan is able to create copies of itself within the AppData folder and will also compromise the RegSvcs.exe process. Information stolen by the malware is sent to multiple C2s. 
    The technique noted by SpiderLabs is similar to a past phishing campaign that also utilized .zipx. In 2019, the researchers said in a blog post that Lokibot, another Trojan that also includes the ability to compromise cryptocurrency wallets, was being spread in malspam campaigns through a .zipx extension and .JPG icons. 
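
    The attachment layout SpiderLabs describes (a file with a .zipx name whose bytes are an icon image with RAR data attached) can be checked for at a mail gateway or during triage. The following is an added example, not code from Trustwave or the original article; the sample bytes and the file name sample-order.pdf.zipx are constructed, and the JPEG check extends it to the .JPG variant mentioned for Lokibot.

```python
import struct
from dataclasses import dataclass, field
from typing import List, Optional

ICO_MAGIC = b"\x00\x00\x01\x00"      # ICONDIR: reserved=0, type=1 (icon)
JPEG_MAGIC = b"\xff\xd8\xff"
RAR_PREFIX = b"Rar!\x1a\x07"         # shared by RAR 1.5-4.x and RAR 5.x signatures
ZIP_MAGICS = (b"PK\x03\x04", b"PK\x05\x06")  # local file header / empty archive
ARCHIVE_EXTENSIONS = (".zip", ".zipx")


@dataclass
class Verdict:
    filename: str
    leading_type: Optional[str]      # image type found at offset 0, if any
    rar_offset: Optional[int]        # offset of an embedded RAR signature, if any
    reasons: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        return bool(self.reasons)


def leading_image_type(data: bytes) -> Optional[str]:
    """Identify an icon or JPEG by its leading bytes."""
    if len(data) >= 6 and data.startswith(ICO_MAGIC):
        (count,) = struct.unpack_from("<H", data, 4)
        if count >= 1:               # an icon file declares at least one image
            return "ico"
    if data.startswith(JPEG_MAGIC):
        return "jpeg"
    return None


def ico_declared_end(data: bytes) -> Optional[int]:
    """Offset where the icon's own data ends according to its directory."""
    (count,) = struct.unpack_from("<H", data, 4)
    end = 6 + 16 * count             # ICONDIR plus one 16-byte entry per image
    if end > len(data):
        return None                  # truncated or malformed directory
    for i in range(count):
        # dwBytesInRes and dwImageOffset sit at bytes 8..15 of each entry
        size, offset = struct.unpack_from("<II", data, 6 + 16 * i + 8)
        end = max(end, offset + size)
    return end


def find_rar_offset(data: bytes) -> Optional[int]:
    """Return the offset of the first complete RAR signature, or None."""
    pos = data.find(RAR_PREFIX)
    while pos != -1:
        tail = data[pos + 6:pos + 8]
        if tail[:1] == b"\x00" or tail == b"\x01\x00":   # RAR4 or RAR5
            return pos
        pos = data.find(RAR_PREFIX, pos + 1)
    return None


def inspect_attachment(filename: str, data: bytes) -> Verdict:
    image = leading_image_type(data)
    rar_at = find_rar_offset(data)
    reasons: List[str] = []
    if filename.lower().endswith(ARCHIVE_EXTENSIONS) and not data.startswith(ZIP_MAGICS):
        reasons.append("archive extension but content does not start with a ZIP header")
    if image and rar_at is not None:
        reasons.append(f"{image} image with a RAR signature at offset {rar_at}")
    if image == "ico":
        end = ico_declared_end(data)
        if end is not None and len(data) > end:
            reasons.append(f"{len(data) - end} bytes follow the icon data declared in its directory")
    return Verdict(filename, image, rar_at, reasons)


def build_constructed_sample() -> bytes:
    """Constructed test input: a one-image icon followed by a bare RAR signature."""
    icondir = struct.pack("<HHH", 0, 1, 1)
    entry = struct.pack("<BBBBHHII", 16, 16, 0, 0, 1, 32, 64, 22)  # 64 bytes at offset 22
    pixels = b"\x00" * 64
    appended = RAR_PREFIX + b"\x00" + b"\x00" * 16   # signature only, no real archive
    return icondir + entry + pixels + appended


if __name__ == "__main__":
    verdict = inspect_attachment("sample-order.pdf.zipx", build_constructed_sample())
    print(verdict.suspicious)
    for reason in verdict.reasons:
        print(" -", reason)
```
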

    Cowbell Cyber raises $20 million, aims to build out its AI-driven cyber insurance platform

    Cowbell Cyber aims to combine data science, monitoring, AI, and cyber insurance for SMEs. 
    Cowbell Cyber, an AI-driven cyber insurance provider for small and medium enterprises, said it raised $20 million in Series A funding to expand its underwriting ability.

    The Cowbell Cyber funding comes a day after Corvus Insurance raised $100 million. The upshot here is that startups are looking to expand cyber insurance using data science against incumbent providers. The market for cyber insurance is likely to expand given that security incidents aren’t exactly going away.
    Brewer Lane Ventures led the round for Cowbell Cyber with participation from Pivot Investment Partners, Avanta Ventures, and Markel Corporation. Cowbell Cyber said it will use the funding for product development, sales and marketing, and expanding its risk engineering.
    Cowbell Cyber launched its Prime 250 program in September. Prime 250 enables insurance agents to issue personalized cyber policies in 38 states. Cowbell Cyber currently has a risk pool of 10 million continuously monitored organizations and a network of more than 4,500 agents and brokers. 
    On the data science front, Cowbell Cyber aims to automate data collection with its cloud platform, provide observability and monitoring and then combine it with risk scoring, actuarial science, and underwriting.
    The company’s portfolio includes cybersecurity awareness training, continuous risk assessment, and pre- and post-breach risk improvement services. Cowbell Cyber also has a free risk assessment service called Cowbell Factors, which adds a freemium element to selling cyber policies.

    The year of living remotely: Let's swap pandemic stories

    Saturday marks a rather bittersweet anniversary. On March 13, 2020, I walked out of a local store. I haven’t been inside any building other than my house since then. This has been the Year of COVID, and as an “at risk” individual, I’ve followed the advice of my doctor and stayed away from — everything. 

    Many of you know the feeling, but Ellen Cushing of the Atlantic puts it into words I think many of us can identify with:

    I have a job that allows me to work from home, an immune system and a set of neurotransmitters that tend to function pretty well, a support network, a savings account, decent Wi-Fi, plenty of hand sanitizer. I have experienced the pandemic from a position of obscene privilege, and on any given day I’d rank my mental health somewhere north of “fine.” And yet I feel like I have spent the past year being pushed through a pasta extruder.

    We have experienced an unprecedented year. The 1918 influenza pandemic probably comes the closest, but those folks didn’t have broadband. We, here in the second decade of the 21st century, have had the odd experience of being both incredibly isolated and incredibly connected.
    My wife and I haven’t seen our next-door neighbors, who are good friends, for a whole year. Yet I spend a few hours a week, face-to-face on Zoom, with colleagues I’ve only previously known through email conversations. I’m disconnected from friends 50 feet away, yet looking into the kitchens, living rooms, and home offices of friends across the world.
    It’s been surreal.

    To mark this anniversary, I reached out to my fellow ZDNet editors and writers. I asked them to share with you, in just a few paragraphs, what the Year of COVID has been like from their perspective. I also asked them to share a photo that reflected on that year.
    I’ll kick it off with my little story.
    David Gewirtz

    Pixel likes to cuddle and snooze on my shoulder. It does get in the way of work, but in the nicest of all possible ways.
    It blows my mind that I haven’t been inside another building since March 13, 2020. As a working couple who have mostly lived off restaurants and delivery for the past 20 years, needing to make our own food has been a challenge. I’ve learned to cook a few things, including an epic grilled cheese. I miss restaurants, visits with friends, and going to Home Depot and Harbor Freight.
    But this work style isn’t all that new to me. I’ve worked from home, on and off, for the past 20 years or so. As someone who lived in Florida (and couldn’t stand the heat) for 15 years before moving here to Oregon, I tended to spend the brutally hot summer seasons inside. I like time with close friends, but I’m not a fan of crowds. So the isolation, while difficult, hasn’t been as hard on me as it has on other folks.
    I have all my gear (3D printers, workshop tools, gadgets galore), my wonderful wife, and my cuddly little dog for company. The incredible, intrepid Instacart shoppers bring us food each week. Amazon Prime fills in around the edges. I’m undoubtedly stir crazy and have been struggling with some cabin fever, but I’ve closed my rings every day for the past year by exercising for 30 minutes a day, and that’s helped burn off excess energy. 
    Unfortunately, we haven’t been able to explain the pandemic to our little dog. He doesn’t understand why he can’t run around the dog park, why he can’t see his friends, and why, when he’s outside, he can’t greet the neighbors. But his Mom and Dad shower him with love and affection, and that seems to help (as does the occasional treat and game of lunge and spaz).
    So that’s it for me. Here’s everyone else, presented in the order they sent me their stories.
    Steven J. Vaughan-Nichols

    Me in my temporary office space with my late lamented editorial assistant Twiggy between selling my one place and building another.
    For me, my day-to-day life has been about the same as ever. I was working from home long before it was #workingfromhome. But, I also used to do a lot of business travel. I went from about 100,000 miles to less than 100. That was different. I also had to both sell a house and build a new one during the pandemic. Both jobs went far slower thanks to coronavirus.
    Looking ahead, though, if all goes well, I’ll be back in the air again come September, and my new house should be done… well sometime soon!
    Tonya Hall

    I moved to another state during the first week of lockdown. (I wish I would have packed food, water, and bath tissue.) 
    Life-threatening health issues with family introduced me to my first real experience with telemedicine. Family members had surgery and advocates were denied access to the patient and to be present in the hospital at all. I immersed myself in learning more about digital health, cooking holistically, and off-earth exploration. 
    Zoom enabled me to stay in touch with family, make great friendships and professional relationships whether my colleagues were a few miles away or in low earth orbit. I lived my life to its fullest while wearing a mask and social distancing.

    Chris Matyszczyk

    Here’s a picture that symbolizes my, er, intensified culinary efforts. I cooked this Jacques Pépin thing and no one died eating it.
    I work out more, because I quickly bought a stationary bike that knows how to make me feel guilty. I miss restaurants, but not as much as I thought. The ones I miss, I really miss. With many, I miss the people not the food. I cook a lot more and occasionally it’s edible. Hey, I never thought I’d do a Jacques Pépin recipe and those who ate it would survive. 
    I see more of my wife, which is a huge bonus. But I miss the casual encounters, the hugs, the handshakes, the conversations about nothing and everything, the spontaneity of life. The pandemic has tried to make me virtual and I fight that every day. And I almost forgot. I miss traveling most of all. There’s nothing like the fresh air of a foreign land.
    Beth Mauder

    Beth, fiance, and pup
    Like most, 2020 brought a ton of change, although most wasn’t bad. I moved states to be back home at the start of the pandemic to avoid being totally alone during lockdown. I went from working in an office to being remote, living with my parents and siblings again, and feeling incredibly overwhelmed. 
    After a couple of months, I moved out and into a house with my then-boyfriend and welcomed home an 8-week-old German Shepherd to accompany our cat. Flash forward a bit and we got engaged and now have an 85-pound, 8-month-old pup who acts as my co-worker, workout partner, and mental health savior. 
    Since last March, my dumbbells, kettlebell, and running shoes have carried me through. I miss my CrossFit gym and seeing friends the most. Now, a year into the pandemic, ordering takeout and looking up future vacation destinations has practically become a hobby. As soon as I safely can, I’ll be on a beach somewhere speaking to everyone who will allow it just to make up for lost time.
    It’s hard to believe it’s been a year… subtle changes/holidays always hammered the idea home but is still tough to swallow. I know everyone grows up, but not seeing my parents Christmas morning for the first time in my short 23 years of life was weird and sad. Getting engaged and ordering takeout just to FaceTime family to celebrate wasn’t how I envisioned the moment. 2020 was kind to me in many ways, especially compared to so many, but has taken its toll. Here’s to hoping for a brighter 2021.
    Teena Maddox

    Teena Maddox getting takeout with her son Nate, 13, who noted, “I was shorter than you when the pandemic began, Mom.”
    On March 11, 2020, I walked out of work after saying “bye” to my colleagues. I haven’t seen them again. At least not in person. We are all working remotely and Zoom meetings are our new normal. 
    That’s been a huge adjustment, as has my son’s school going online, and offline, and online, and offline. It’s like a cat deciding which side of a closed door is best. Answer: Neither. Cats believe all doors should be open.
    The things I’ve learned to appreciate during the pandemic are grocery delivery services and more quality time with my family. We’ve loaded up on the streaming services and we watch TV together at least once a week, which is something since one of the crew is a teenager, and they always know everything. The stress of worrying about the virus and how to keep my elderly parents safe has been by far the worst part. 
    Robin Harris

    The pandemic didn’t change my life much. I got the virus back in March and was sick for a few days. Some of the places I like to hang out closed for a while. But last spring was very nice because no one was traveling and did not clog up Sedona’s roads and trails.
    I’ve worked remotely for over 15 years. I did miss some of my favorite events such as NAB and the FAST conference. I socially distanced with a convivial group of friends and continued to hike the 10-20 miles a week on local trails. 
    Larry Dignan

    There have been a wide range of things during the COVID-19 pandemic and not all of them bad. 
    On the positive side, I was fortunate to have and be on a remote team before the pandemic. My normal became everyone else’s new normal. Remote school is a bear, but I’ve seen my kids more than I would have normally. And I was lucky that exercise has gotten me through every wacky thing in my life and this time was no different. 
    The negative is that I haven’t seen my close friends beyond Zoom for a year. I miss pubs, but not sure I’d even want to go into a crowded one at this point. I just kinda see germs now. I also miss concerts even though the same crowd PTSD would likely be there. Ditto for travel.
    Aimee Chanthadavong

    Nothing like a fresh loaf of bread.
    The pandemic taught me how to be a homebody and enjoy it. It gave me the chance to cook again (and yes, that included getting on the bread baking bandwagon and whipping coffee), appreciate how much free time I had from not commuting to and from the office, so that I could enjoy sleep-ins, hot breakfasts, and exercise before tuning into work; and live comfortably in activewear — you know the whole work-life balance stuff. 
    The pandemic also made me realise I needed a bigger place because frankly, working from my dining table after a year, just isn’t functional. While there have been many positives, the pandemic did kind of ruin my wedding and honeymoon plans. I also miss seeing the team regularly, but we make up for it with lunch meetups, home visits, and constant Slack banter.
    Asha Barbaschow

    This is Boston. He accidentally hit publish on a story last year, typos galore, was great! Hhaahaha.
    The last year has given me a certain patriotism I didn’t know I had, as basically all Australians respected science and played their part to essentially prevent mass transmission. 
    ZDNet Australia team catchups have been a morale boost and in person tech events are also returning. Not travelling has been hard, but being in my hometown meant spending a lot of time with my parents and my friends — with pubs, restaurants, gyms, and sporting events all back to basically normal here. 
    I also rescued a cat and turned into a crazy plant lady. I barely killed any of them so far.
    Campbell Kwan

    In a region called the Southern Highlands, two hours south of Sydney

    Living relatively far from family and friends during the pandemic forced me to slow things down. It forced me to acknowledge that it’s not always the proverbial “summer”, which is what our world pushes, but in fact, there are times where we should rest and preserve energy as if it were “winter.” 
    Accepting that it was more or less “winter” for all of last year, this meant I was reading more, forcing myself to find time to sit with my thoughts, and leaning on nature rather than urban areas for fun. This flowed into my work, where I prioritised patience when work was slow and when communication was not as easy when compared to doing it face to face.
    But with Australia almost back to normal, and it being the proverbial summer once more, rather than diving into the rapid currents of the hustle and bustle, I hope to keep the foresight of using the energy I have stored with more intention, such as approaching work with a more tangible gratefulness of how it serves readers and how it provides for me. 
    Now it’s your turn
    Now it’s your turn to share with us and the rest of the ZDNet community. In the comments below, please share your year-of-pandemic experiences. Please share a paragraph or so that touches on how you’ve experienced the pandemic, things you learned, things you changed, high points, low points, and more. All I ask is that you keep it friendly.

  • in

    This trojan malware is now your biggest security headache

    Trickbot malware has risen to fill the gap left by the takedown of the Emotet botnet, with a higher number of criminals shifting towards it to distribute malware attacks.
    Emotet was the world’s most prolific and dangerous malware botnet before it was disrupted by an international law enforcement operation in January this year.


    What initially emerged as a banking trojan in 2014 went on to become much more, establishing backdoors on compromised Windows machines which were leased out to other cyber-criminal groups to conduct their own malware or ransomware campaigns.
    While the disruption of Emotet represented a blow for cyber criminals, they’ve quickly adapted and now Trickbot has become the most prevalent form of malware.
    Trickbot offers many of the same capabilities as Emotet, providing cyber criminals with a means of delivering additional malware onto compromised machines – and according to analysis of malware campaigns by cybersecurity researchers at Check Point, it’s now become the most commonly distributed malware in the world.
    First distributed in 2016, Trickbot has long been up there with the most prolific forms of malware, but with the crackdown on Emotet, it has quickly become an even more popular way for criminals to widely distribute their chosen cyberattack campaigns.

    “Criminals will continue using the existing threats and tools they have available, and Trickbot is popular because of its versatility and its track record of success in previous attacks,” said Maya Horowitz, director of threat intelligence and research at Check Point.
    “As we suspected, even when a major threat is removed, there are many others that continue to pose a high risk on networks worldwide, so organizations must ensure they have robust security systems in place to prevent their networks being compromised and minimise risks,” she added.
    But Trickbot is far from the only malware threat to organisations, and other cyber-criminal campaigns have also helped fill the gap left by the disruption of Emotet.
    XMRig, an open-source form of cryptocurrency-mining malware, has risen to become the second most common malware family, as cyber criminals continue to exploit the processing power of compromised systems in an effort to generate Monero cryptocurrency for themselves.
    The third most commonly distributed malware family during February was Qbot, a banking trojan that has been in existence since 2008. Qbot is designed to steal usernames and passwords for bank accounts by secretly logging keystrokes made by the user, and it uses several anti-debugging and anti-sandbox techniques to evade detection. Like Trickbot, Qbot is commonly distributed via phishing emails.
    Other banking trojans and botnets that have become more prolific since the takedown of Emotet include Formbook, Glupteba and Ramnit.
    One way organisations can help protect their networks from malware threats is to ensure the latest security patches are applied as soon as possible after they’re released, because that will prevent cyber criminals exploiting known vulnerabilities to run malware on networks.
    And with phishing still such a common method for distributing cyberattacks, it’s important that organisations take the time to educate employees on how to detect potential threats.
    “Comprehensive training for all employees is crucial, so they are equipped with the skills needed to identify the types of malicious emails which spread Trickbot and other malware,” said Horowitz.
