Archive for October 5, 2021

Telegram Founder Says Over 70 Million New Users Joined During Facebook Outage

Posted in Commentary with tags on October 5, 2021 by itnerd

Messaging app Telegram gained over 70 million new users during Monday’s Facebook outage, its founder Pavel Durov said on Tuesday, as people worldwide were left without key messaging services for nearly six hours which is quite the slap in the face of Facebook owned WhatsApp:

Facebook blamed its outage, which kept its 3.5 billion users from accessing services such as WhatsApp, Instagram and Messenger, on a faulty configuration change. “The daily growth rate of Telegram exceeded the norm by an order of magnitude, and we welcomed over 70 million refugees from other platforms in one day,” Durov wrote on his Telegram channel. Durov said some users in the Americas may have experienced slower speeds as millions rushed to sign up at the same time, but that the service worked as usual for the majority.

Now some of these users will flip back to WhatsApp, but I am willing to bet that many won’t. Which means that Facebook who owns WhatsApp is sweating bullets right now. Sucks to be them.

US Lawmakers Propose Requirement To Report Ransomware Payments To DHS Within 48 Hours

Posted in Commentary with tags on October 5, 2021 by itnerd

I have argued for some time now that when it comes to ransomware gangs, if you make it unpalatable to pay the ransom, then the incentive to run these types of campaigns drops dramatically. This this proposal got my attention. Victims of ransomware attacks would be required to report payments to their hackers within 48 hours under a proposal from Democratic Senator Elizabeth Warren and Democratic Representative Deborah Ross:

The Ransom Disclosure Act would give the Department of Homeland Security data on ransomware payments, including the amount of money demanded and paid, and the type of currency used. The lawmakers say this is essential to bolster the U.S. government’s understanding of how hackers operate and the extent of the ransomware threat. “Ransomware attacks are skyrocketing, yet we lack critical data to go after cybercriminals,” Warren said in a statement on Tuesday.

While this is a good first step, it isn’t enough. If I ruled the universe, I would make it illegal to pay the ransom either directly or through a third party for plausible deniability reasons. If you include jail time for any employee that authorizes ransom payment on behalf of a company, or any third party that facilitates the payment, ransoms would stop. Think of it as the high tech version of “we don’t negotiate with terrorists” mantra backed by jail time. Ransomware companies would have difficulty operating in such an environment methinks.

The Facebook Hearings Did Not Go Well Facebook As Lawmakers Want To #DeleteFacebook

Posted in Commentary with tags on October 5, 2021 by itnerd

U.S. lawmakers absolutely pounded Facebook today accusing CEO Mark Zuckerberg of pushing for higher profits while being cavalier about user safety and they demanded regulators investigate whistleblower accusations that the social media company harms children and stokes divisions.

Coming a day after Facebook and its units including Instagram suffered a major outage, whistleblower Frances Haugen testified in a congressional hearing that “for more than five hours Facebook wasn’t used to deepen divides, destabilize democracies and make young girls and women feel bad about their bodies.” In an era when bipartisanship is rare on Capitol Hill, lawmakers from both parties excoriated the nearly $1 trillion company in a hearing that exemplified the rising anger in Congress with Facebook amid numerous demands for legislative reforms.

As lawmakers criticized Facebook and Zuckerberg, the company’s spokespeople fought back on Twitter, arguing Haugen did not work directly on some of the issues she was being questioned on. Senate Commerce subcommittee chair Senator Richard Blumenthal, a Democrat, said Facebook knew that its products were addictive, like cigarettes. “Tech now faces that big tobacco jawdropping moment of truth,” he said. He called for Zuckerberg to testify before the committee, and for the Securities and Exchange Commission and Federal Trade Commission to investigate the company. “Our children are the ones who are victims. Teens today looking in the mirror feel doubt and insecurity. Mark Zuckerberg ought to be looking at himself in the mirror,” Blumenthal said, adding that Zuckerberg instead was going sailing.

Haugen, a former product manager on Facebook’s civic misinformation team who has turned whistleblower, said Facebook has sought to keep its operations confidential. “Today, no regulator has a menu of solutions for how to fix Facebook, because Facebook didn’t want them to know enough about what’s causing the problems. Otherwise, there wouldn’t have been need for a whistleblower,” she said. The top Republican on the subcommittee, Marsha Blackburn, said that Facebook turned a blind eye to children below age 13 on its sites. “It is clear that Facebook prioritizes profit over the well-being of children and all users.”

I also watched Facebook employees try to trash the reputation of Haugen on Twitter today. And there’s only one reason why they would do that: Facebook is scared. This could be their day of reckoning as in my opinion, there’s more than enough out there for Facebook to be in very serious trouble. The question is, will lawmakers and the relevant law enforcement agencies hold Zuckerberg and his lackeys accountable?

Fun fact: This continues tomorrow. That should be fun.

Guest Post: Biden Administration To Bring Together 30 Countries To Crack Down On Ransomware

Posted in Commentary with tags on October 5, 2021 by itnerd

Later this month, the Biden administration will bring together 30 countries to discuss and address the threat of ransomware attacks. According to a statement, the meeting will “accelerate our cooperation in combatting cybercrime, improving law enforcement collaboration, stemming the illicit use of cryptocurrency, and engaging on these issues diplomatically.”

Security experts at vulnerability management and threat assessment Digital Defense by HelpSystems say, “Ransomware is one of the most popular tools of both amateur and expert threat actors. Just about anyone can purchase a ransomware strain off the dark web or can have the work done for them with ransomware-as-a-service (RAAS). And with the advent of cryptocurrency like Bitcoin, attackers can be nearly impossible to trace.”

Aside from the recent series of ransomware attacks on several U.S. critical infrastructure companies, including the Colonial Pipeline, threat actors and cybercriminal organizations also demonstrated how quickly they can adapt during the Coronavirus pandemic. Taking advantage of the transition to remote work and general upheaval, ransomware attacks spiked in the first months. Phishing efforts increased dramatically, with Google reporting that they were blocking 18 million phishing emails a day that contained the keyword “COVID-19,” in addition to 240 million emails with the simplified term “COVID”.

But what can be done to reduce ransomware risk?

Digital Defense experts say, “While the outlook may seem bleak, there are plenty of options to help safeguard your organization. First, we must all have realistic expectations—ransomware breaches are no longer fully preventable.  Instead, the goal is to put as many barriers in place between an attacker and an organization’s critical, sensitive data.

  • Running vulnerability scans and regularly penetration testing your environment helps find new vectors before an attacker does, minimizing risk. These proactive measures uncover potential vulnerabilities that an attacker may use to move laterally within a breached system or escalate their privileges.
  • Social engineering pen testing can uncover who is susceptible to these attacks by launching phishing simulation campaigns. From there, additional training can be provided to teach your employees how to be more vigilant before clicking another suspicious email.
  • Finally, it is critical to be able to detect ransomware breaches as quickly as possible, to minimize damage or thwart attackers completely. Threat detection tools like network traffic analysis (NTA) work to monitor your network for malicious activity, alerting your security team the moment an active infection is uncovered.
  • You can also enhance your endpoint protection technologies with active threat scans. After a breach is caught, there’s no time to sigh with relief, as it’s important to investigate the cause and assess the state of the environment to ensure that there won’t be a repeat attack.

Ultimately, it’s tempting to want to throw up your hands as the ongoing threat of ransomware looms large, but constant vigilance is a long-term strategy to combat this ongoing problem.”

Cisco AppDynamics Appoints Eric Schou As Chief Marketing Officer 

Posted in Commentary with tags on October 5, 2021 by itnerd

 Cisco AppDynamics has today announced a significant addition to its executive leadership team with the appointment of Eric Schou as Chief Marketing Officer (CMO). The appointment comes at a key moment for AppDynamics as it continues to assert its leadership in Full-Stack Observability – a fast-growing, multi-billion dollar technology market. 

Eric joins AppDynamics from Splunk where he was Head of Security Marketing, and is an accomplished marketing professional with over 20 years experience at some of the biggest enterprise technology companies in the world, including Palo Alto Networks, Hewlett-Packard Enterprise (HPE), Good Technology (now BlackBerry Ltd.), McAfee and Symantec. In his new role, Eric will assume responsibility for driving awareness and demand for AppDynamics’ industry-leading Business Observability platform amongst enterprise IT decision makers and channel partners. In addition, he will also help to accelerate the delivery of Cisco’s Full-Stack Observability vision – of which AppDynamics is a critical component.  

You can stay up-to-date on the latest AppDynamics news on their blog and newsroom.

Alan Wake Remastered Launches Today

Posted in Commentary with tags on October 5, 2021 by itnerd

Today, Remedy Entertainment is launching Alan Wake Remastered. Presented by Epic Games Publishing, Alan Wake Remastered is a fully remastered version of the 2010 classic that features the complete Alan Wake experience – including the main game and two expansions, The Signal and The Writer – in all-new rendered 4K visuals, as well as new commentary from creative director Sam Lake.

Alan Wake Remastered is available now for $29.99 USD / €29.99 / £24.99 on PC on the Epic Games Store, and via physical and digital editions on PlayStation 5, PlayStation 4, Xbox Series X|S and Xbox One consoles. With the original game having launched on Xbox 360 and arriving on PC a few years later, this will be the first time ever that Alan Wake will be available to PlayStation users. For existing fans of the game, it’s an opportunity to experience the best version of Alan Wake yet.

It is recommended that players with a physical copy of the game download the day 1 update, which will:

  • Update cinematics from work in progress 1080p to final 4K
  • Update Alan from his original character model to his new model in any cinematics where his model isn’t already updated
  • Add general stability and performance improvements
  • Add some localization updates
  • Add Performance and Quality mode options to the PS4 Pro and Xbox One X versions

Here’s the new trailer that dropped today:

Guest Post: Ministries Of Foreign Affairs Most Targeted In Credential Harvesting Campaign Says Atlas VPN

Posted in Commentary on October 5, 2021 by itnerd

Some threat actors work for the state, and their job is to target other countries’ government administrations with cyberattacks.

According to the recent Atlas VPN team findings, Ministries of Foreign Affairs are targeted the most with phishing websites to harvest credentials. Interestingly, the phishing campaign was primarily directed at Foreign Affairs administrations of Belarus, Uzbekistan, and Ukraine.

Ministries of Foreign Affairs were the target of the credential harvesting campaign in 21.2%of found domains. The web pages in this campaign usually started with “mail.” and frequently included the actual website of the targeted government department as a hostname on the attacker’s domain.

The most number of phishing pages appear to target BelarusUzbekistan, and Ukraine. The narrow direction of attacks suggests that this could be a state-sponsored work of an advanced persistent threat (APT).

Furthermore, technology and finance organizations were each targeted by 9.6% of hosted domains. Establishments of such sort always get plenty of attention from threat actors as they hold valuable information.

Lastly, 15.4% of fake phishing websites were directed at other types of organizations.

Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on phishing attacks:

“Phishing is now widely regarded as one of the most severe cybersecurity hazards facing all internet users. These attacks are becoming increasingly sophisticated, and victims may suffer significant losses as a result. Although most cybercriminals’ primary aim is to steal money, hacked sensitive data can be utilized for various nefarious purposes, like espionage.”

To read the full article, head over to: https://atlasvpn.com/blog/ministries-of-foreign-affairs-most-targeted-in-the-credential-harvesting-campaign

Cradlepoint Accelerates Wireless WAN for Branch Adoption with Enterprise-Class LTE and 5G Solutions

Posted in Commentary with tags on October 5, 2021 by itnerd

Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network edge solutions, today announced a series of updates showcasing the ongoing acceleration of Wireless WAN adoption within enterprise fixed location environments. With its industry-leading cellular intelligence, LTE and 5G technology, Cradlepoint Wireless WAN edge solutions offer the speed, agility and resiliency needed for organizations to transform their branch networks for the cloud and post-pandemic era with ultimate agility, anywhere reach and always-on reliability.

The Era of Wireless WAN

Digital transformation was already a strategic goal for enterprises, and the pandemic has caused enterprises to transform their businesses in terms of how operations run, how new innovations are delivered, and how customers are served. Businesses now require unprecedented levels of secure and reliable connectivity to people, places, and things everywhere. Whether leveraging IoT, equipping mobile first responders with the latest technology, serving customers outside, or delivering new purchases to customers’ homes, networks must be agile and easy to deploy. Medical services have turned to extending care beyond the four walls of hospitals and clinics via virtual doctor visits or temporary indoor and outdoor treatment facilities, or even customer homes to meet global medical requirements.

IDC’s Future of Connectedness Survey found that 40 per cent of enterprises want to improve their competitive position through speed and flexibility with 5G, SD-WAN, and Wi-Fi 6 over the next 12-24 months, while nearly 35 per cent have the goal of investing in technology that helps connect people, things, processes, and applications. This agility mandate equates to a new Wireless WAN ability that provides enterprises with a fast and flexible network that extends coverage to areas wires don’t easily go and to meet the needs of transformed businesses.

Cradlepoint is Helping Customers Embrace a Wireless WAN Future

Many enterprise environments utilize Cradlepoint Wireless WAN solutions for primary cellular connectivity to locations unreachable by wired connections. With 5G, which is fibre-fast and cellular simple, the use cases for primary wireless are expanding. As a result, Cradlepoint has become an essential part of these enterprises’ infrastructure to facilitate their day-to-day operations as well as propel their digital and business transformation processes.

For more information on Cradlepoint’s Wireless WAN offerings and its complete portfolio, please visit https://cradlepoint.com/technology/wireless-wan/.

Finalists For The 2021 $100,000 Launch//Code Developer Contest Revealed

Posted in Commentary with tags on October 5, 2021 by itnerd

Today, Cilo is announcing this year’s Launch//Code Developer Contest finalists who will soon compete for the $100,000 grand prize at the annual Clio Cloud Conference

The finalists include: 

  1. Candle: A personal injury suite that automates medical record retrieval, simplifies billing, and automates personal injury tasks and reminders.
  2. Fidu: A client document platform that builds, systematizes, and delivers fixed-fee and subscription legal services to help law firms scale their business. 
  3. LawDroid Builder: An automation platform that allows law firms to easily intake clients, automate documents, and build scalable tools to support your law firm. 
  4. Levitate: Marketing software designed to help legal professionals drive relationship-based business by staying in touch with their clients.
  5. TrustBooks: Legal accounting software that helps legal professionals easily manage accounting needs. 

What is the Launch//Code Developer Contest?

  • The contest fosters a new class of breakthrough additions to Clio’s App Directory, designed to pair with Clio Manage’s robust end-to-end solution, and help meet the unique needs of individual law firms or niche requirements of particular practice areas.
  • Contestants and judges from across North America will gather virtually to declare this year’s winning app and celebrate the bright future of legaltech.
  • Finalists will present a seven-minute pitch on their app’s innovation, impact, and business potential to an all-star panel of industry experts. 

Who won last year?

  • At the 2020 Clio Cloud Conference, Documate was announced as the winner and brought home the $100,000 grand prize. Documate is a secure and easy-to-use document automation platform that cuts drafting time by 90%, enabling law firms to turn templates into workflows that populate client data into forms. 

You can learn more about the finalists here.

RAZ Mobility Partners with Affinity Cellular to Help Those with Disabilities

Posted in Commentary with tags , on October 5, 2021 by itnerd

RAZ Mobility, a provider of mobile assistive technology, today announced their partnership with Affinity Cellular – a national wireless provider that offers low cost no-contract plans, on America’s most reliable network, to affinity groups and organizations including partnerships with various AAA Clubs for over 25 years. This partnership is the first of its kind, enabling a wireless provider to offer devices and services specifically for people with intellectual disabilities, especially dementia. 

Included in the partnership, RAZ Mobility’s customers who purchase the RAZ Memory Cell Phone will receive from Affinity Cellular free talk, text and 3GBs of data for the first three months-usually a $30 per month charge for the services.   

In addition to Affinity Cellular providing an exclusive benefit to RAZ Mobility customers, they will also make the RAZ Memory Cell Phone available to their customers. Affinity Cellular will be the first wireless provider to offer a mobile device specifically for people with intellectual disabilities.   

For more information about the RAZ Mobility Memory Cell Phone, visit https://www.razmobility.com/solutions/memory-cellphone/.

For more information about Affinity Cellular, visit https://affinitycellular.com/