Archive for November 10, 2021

HR Tech Group Releases 2021 Diversity In Tech Dashboard

Posted in Commentary with tags on November 10, 2021 by itnerd

HR Tech Group today announced the release of their 2021 Diversity in Tech Dashboard, one of several initiatives stemming from the organization’s Diversity, Equity and Inclusion (DE&I) Tech Project, launched in 2019 with funding from the Province of BC. The Diversity in Tech Dashboard reports year-over-year progress on representation of equity-deserving groups in the BC tech sector. The project aims to improve the attraction, retention and advancement of women, Indigenous peoples, people with disabilities, people of colour, newcomers to Canada, and individuals who identify as 2SLGBTQQIA+ in skilled technology occupations throughout the province.

In 2021, 171 tech employers participated in the Diversity in Tech Dashboard survey, providing industry-wide data on DE&I policies and practices and employee representation. Now in its second year, participation in this year’s survey was up by approximately 27%, from 134 employers in 2020. This year, 38% of participating organizations reported already having company-wide DE&I goals in place, with an additional 43% considering or currently working on goal-setting.

Key findings related to how employees self-identify*: 

  • 8.3% of employees self-identified as 2SLGBTQQIA+
  • 2.9% representation of people with disabilities (apparent or non-apparent)
  • 0.7% representation of Indigenous peoples in BC’s tech sector

* Based on survey results

Key findings related to employee reporting on their gender identity*:

  • 66.6% self-identify as a man
  • 33.2% self-identify as a woman
  • 0.2% self-identify as non-binary or other
  • 81% of the roles in human resources and 76% of the roles in administration are filled by women
  • 23% of the roles in technology, design & support and manufacturing are filled by women
  • 31% of executive level roles are filled by women

* Based on survey results

While 41% of employees reported identifying as visible minorities, this dropped to just 19% at the executive level. The representation of visible minorities is highest in software engineer and developer roles, with 44.5% representation, relative to the 41% reported across all employees.

The Diversity Dashboard showcases data from HR Tech Group’s 2021 Tech Salary Survey, which is produced in partnership with Mercer and includes data from 25,353 incumbents at 184 Canadian tech employers. For more information and to explore HR Tech Group’s Diversity in Tech Dashboard, visit: https://diversity.hrtechgroup.com/diversity-tech-dashboard.

Microsoft To Kill OneDrive Support For Windows 7, 8 and 8.1

Posted in Commentary with tags on November 10, 2021 by itnerd

Microsoft announced yesterday that it will kill OneDrive on Windows 7, 8 and 8.1 on March 1st, 2022. Which means that if you’re on any of those operating systems, you have two choices:

  • Update to Windows 10 or newer
  • Access your files using the OneDrive website

Here’s why Microsoft is doing this:

In order to focus resources on new technologies and operating systems, and to provide users with the most up-to-date and secure experience, beginning January 1, 2022, updates will no longer be provided for the OneDrive desktop application on your personal Windows 7, 8, and 8.1 devices. Personal OneDrive desktop applications running on these operating systems will stop syncing to the cloud on March 1, 2022. 

I think that translates to “we want to focus on Windows 10 and Windows 11”. Which makes sense. But is still sure to rile up a few people out there. In any case, if you are running Windows 7, 8 and 8.1 and you use OneDrive, consider yourself warned.

The Ransomware Attack On The TTC Is Worse Than Previously Thought As Info On 25K Employees Is Swiped

Posted in Commentary with tags on November 10, 2021 by itnerd

You might recall that I wrote about the TTC being pwned by ransomware. That is bad. But it’s now worse as 25,000 TTC employees now have to worry about their personal information falling into the hands of scumbags who will no doubt do something evil with it:

Personal information of tens of thousands current and former employees of the Toronto Transit Commission may have been stolen, the transit agency says based on further investigation into an online ransomware attack that hit some of its systems a few weeks ago. 

In a news release Monday, the TTC said the compromised information may include the names, addresses and Social Insurance Numbers of up to 25,000 employees. 

The agency said it continues to investigate whether a small number of customers and vendors may also be affected.

“It is very important to note that, at this time, there is no evidence that any of the personal information that was accessed has been misused,” the release noted.

I think the TTC means to say that “there is no evidence that any of the personal information that was accessed has been misused YET.” And Marcus Fowler, Director of Strategic Threat at Darktrace, agrees with me:

“Double extortion ransomware, where attacks don’t just lock up data but steal it too, remains a top cyber concern with the alleged theft of personal information of over 25k current and former TTC employees. This tactic is of particular concern because when a company refuses to pay up, information can be leaked online or sold to the highest bidder making all backups and data recovery plans worthless. Stopping attacks that are in progress, before hackers get the chance to encrypt and steal data, has never been more critical in the ongoing war against innovative cyber criminals.”

This is a huge disaster for the TTC. Some of their services are still down with no timeline for them to come back online. And now there’s this. This is not a good look at all for the TTC.

Guest Post: New DatopLoader Delivers Qakbot Trojan According To Minerva Labs 

Posted in Commentary with tags on November 10, 2021 by itnerd

Via Minerva Labs (www.minerva-labs.com)

A new phishing campaign delivers Qakbot (also known as Qbot or Quakbot) using DatopLoader (aka Squirrelwaffle).

DatopLoader (aka Squirrelwaffle) compromises victims via a malspam campaign and provides threat actors with an initial foothold in victims’ systems and network environments. This can then be used to facilitate further compromises or additional malware infections, depending on how adversaries wish to monetize their access.

Yesterday (November 8, 2021), we spotted a malicious Excel file trying to execute three different files using regsvr32.exe:

Figure 1 Malicious Excel File

At first glance, this Excel file contains one sheet, which guides the user to enable macros, ultimately leading to a network connection and the eventual delivery of QakBot. Uncharacteristically, this sheet does not contain the usual markers of a malicious file, i.e. Excel 4.0 macros, sheet password protection, etc. This made us suspicious, so we enabled the Developer tab in Excel and checked the file’s VBA project.

We found three more sheets that were hidden and switched them to visible. All three contained Excel 4.0 macros: one sheet contained letters, numbers, and symbols, and the other two seemed to be responsible for creating a new folder using kernel32.dll!CreateDirectoryA, downloading three files from three different domains, saving those files to the local disk in the created folder, and executing each of them using regsvr32.exe:

  • The folder created was named “Datop” under C:\.
  • The downloaded files were named C:\Datop\good.good, C:\Datop\good1.good and C:\Datop\good2.good. 

All three downloaded files were found to be Qakbot banking trojan DLLs. Qakbot, also known as Pinkslipbot, Qbot, and Quakbot, is a notorious banking trojan designed to steal account credentials and online banking session information, leading to account takeover fraud.
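Detection logic for the execution chain described above, added here as an example and not Minerva Labs' code: it flags regsvr32.exe launches that have an Office parent process, a target without a .dll/.ocx extension, or a target under C:\Datop. The Sysmon-style field names, the sample events and the function names are assumptions constructed for illustration.

```python
import ntpath
import shlex

OFFICE_PARENTS = {"excel.exe", "winword.exe", "powerpnt.exe"}  # heuristic, assumed
USUAL_EXTENSIONS = {".dll", ".ocx"}   # what regsvr32 normally registers
DROP_DIR = "c:\\datop\\"              # folder name reported in the post

def regsvr32_targets(command_line):
    """Return the file arguments of a regsvr32 command line (switches skipped)."""
    # posix=False keeps backslashes literal and quoted paths as single tokens
    tokens = shlex.split(command_line, posix=False)[1:]  # drop the program name
    return [t.strip('"') for t in tokens if not t.startswith(("/", "-"))]

def assess(event):
    """Return the reasons a process-creation event matches the described chain."""
    if ntpath.basename(event["Image"]).lower() != "regsvr32.exe":
        return []
    reasons = []
    if ntpath.basename(event["ParentImage"]).lower() in OFFICE_PARENTS:
        reasons.append("office-parent")
    for target in regsvr32_targets(event["CommandLine"]):
        if ntpath.splitext(target)[1].lower() not in USUAL_EXTENSIONS:
            reasons.append("unusual-extension")
        if target.lower().startswith(DROP_DIR):
            reasons.append("datop-folder")
    return sorted(set(reasons))

# Constructed process-creation records (not captured from a real host).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE",
     "CommandLine": r"regsvr32.exe C:\Datop\good.good"},
    {"Image": r"C:\Windows\System32\regsvr32.exe",
     "ParentImage": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'regsvr32.exe /s "C:\Program Files\Vendor App\control.ocx"'},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"notepad.exe C:\Datop\notes.txt"},
]

def triage(events):
    """Map event index -> reasons, for every event with at least one hit."""
    return {i: r for i, e in enumerate(events) if (r := assess(e))}

if __name__ == "__main__":
    for index, reasons in triage(SAMPLE_EVENTS).items():
        print(index, SAMPLE_EVENTS[index]["CommandLine"], reasons)
```

The folder check is a campaign-specific indicator and will age quickly; the parent-process and extension checks describe the behaviour itself and are the more durable signals.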

This Squirrelwaffle sample employs the same delivery scheme as the one that was posted by Malware Traffic earlier this month. 

Figure 2 Squirrelwaffle delivery scheme by Malware Traffic

Minerva Labs’ Malicious Document Protection module prevents the execution of Squirrelwaffle-like malware, safeguarding the organization from a mass infection:

IOCs

Domains:

Hashes:

  • good.good – 9E27F618EC40BEDBAFBA4FECC1EE84A8 – QakBot
  • good1.good – D5A5FB1FBDFEF257653D08A65AC7730A – QakBot
  • good2.good – 8EC26FF6330BF890190944DE65BD2B6B – QakBot

Resources

iRobot 2021 Holiday Gift Guide

Posted in Commentary with tags on November 10, 2021 by itnerd

iRobot, the leading global consumer robot vacuum company, offers the perfect home assistants that will leave loved ones with a sparkling clean home, all at the push of a button.  

Whether it be for smart home tech fanatics, those with four-legged furry friends, or someone who can use the extra free time in their busy schedule, iRobot’s innovative robot mops and vacuums are great options to gift. Here’s some examples:

  • THE SMARTEST VACUUM YET (NEWLY LAUNCHED): Roomba j7+ ($1049.99 CAD) is iRobot’s most thoughtful robot vacuum to-date. Not only is it a collaborative cleaning partner that delivers superior cleaning performance, the j7+ offers unique PrecisionVision Navigation that identifies and avoids common obstacles such as cords and pet waste, and will get smarter with each use. You can say goodbye to nightmare incidents of sucked up headphones or smeared messes around the home made by your pets. You can have more control over your clean with Genius 3.0, which offers an even more personalized cleaning experience. 
  • A CLEAN LOVER’S DREAM: Roomba s9+ ($1,399.99 CAD) has groundbreaking technology and a sophisticated design, making it iRobot’s most powerful flagship device. The Roomba s9+ offers the deepest clean yet with an advanced 3D sensor and PerfectEdge Technology. You can also forget about vacuuming for months at a time with the Clean Base Automatic Dirt Disposal that allows the s9+ to empty itself for up to 60 days. The Anti-Allergen System traps and locks dirt, debris and allergens from escaping from the robot or its Clean Base.
  • MOP WITH EASE: Braava jet m6 ($599.99 CAD) is ideal for multiple rooms and large spaces, and helps tackle all of life’s messes on hard floors. Simply attach a mopping or sweeping pad and the robot automatically takes it from there to give you fresh, clean floors. Intelligent Imprint Link Technology allows your Braava jet m6 to work in sequence with select Roomba devices to vacuum and mop your floors, all by a push of a button or voice command – cleaning that fits seamlessly into your life!

Given that we live in supply constrained times, you should shop early to ensure that you get the perfect gift.

Guest Post: Over 60% Of Global Ransomware Attacks Are Directed At The US And UK Says Atlas VPN

Posted in Commentary with tags on November 10, 2021 by itnerd

Criminals use ransomware as a weapon to damage businesses or countries’ cybersecurity and obtain critical information.

According to the recent Atlas VPN team findings, over 60% of global ransomware attacks are directed at the US and UK. In addition, most of the attacks target government administrations intending to steal sensitive information belonging to the state.

As of October 2021, 52% of all ransomware attacks globally are targeting the US. The most significant cyberattacks this year were launched at US businesses. Colonial Pipeline, JBS Foods, and Kaseya are just a few of the largest examples.

Hackers directed nearly 11% of ransomware attacks at UK enterprises. One massive hack hit the British jeweler Graff last month, in October. The Conti criminal gang leaked 69,000 confidential documents relating to celebrities like Donald Trump, Oprah Winfrey, David Beckham, and more.

Canadian businesses suffered from 4.51% of all ransomware attacks worldwide. Back in February, the DarkSide ransomware gang hit one of Canada’s biggest rental agencies Discount Car and Truck Rental. 

Almost 21% of ransomware attacks were directed at the rest of the world.

Government under ransomware pressure

Hackers specifically choose industries and companies where the loss of data could be detrimental to their successful operations.

Government administrations suffered the most ransomware attacks in 2021 so far — 47. Outdated technology and the lack of cybersecurity staff make governments vulnerable to attacks.

The education industry experienced 35 ransomware attacks globally this year. Interconnected networks in educational institutions usually can help spread the ransomware faster, creating more damage.

Cybercriminals launched 33 ransomware attacks at healthcare facilities. Hospitals are lucrative targets for hackers as they hold sensitive patient data such as social security numbers and other personal information.

The services industry suffered from 28 ransomware attacks this year. Typically, businesses in the service field hold a lot of personal information about their clients.

To read the full article, head over to: https://atlasvpn.com/blog/over-60-of-global-ransomware-attacks-are-directed-at-the-us-and-uk

Uber Canada & Greenlots Launch Pilot Project To Encourage EV Adoption In Vancouver

Posted in Commentary with tags on November 10, 2021 by itnerd

Today, Uber announced that it will launch an electric vehicle (EV) charging pilot project in Vancouver, British Columbia. Uber will partner with global EV charging solutions leader, Greenlots, a member of the Shell Group that is soon to become Shell Recharge Solutions in 2022, to install three new fast-charging stations in locations with high rideshare utilization. This is Uber’s first partnership in North America designed to increase EV charger access exclusively for drivers and delivery people on Uber in public areas. The goal of the project is to increase EV adoption in the city, and use the pilot’s learnings to increase EV adoption in other cities where Uber operates in North America. 

Vancouver currently has the highest percentage of low-emission vehicles on Uber across all Canadian markets, but access to public charging options remains a key barrier in the city. The new charging locations will be in downtown Vancouver, Metropolis at Metrotown, and the final station to be confirmed. All three stations will open in January 2022, and will offer discounted charging rates to make public charging more affordable than charging at home.

This pilot is a continuation of Uber’s ongoing work to become a zero-emission mobility platform by 2040. Earlier this year, Uber rolled out Uber Green, Uber’s low-emissions ride option, to 16 cities across Canada. Drivers using an EV receive an incentive of $1 incremental in earnings for every trip made on the platform. Uber also launched Uber+Transit earlier this month in Ontario, which offers users convenient routes that combine local transit with an Uber ride. Uber also offers various resources to drivers and delivery people looking to make the switch to an EV including the EV calculator, which helps inform drivers of the cost of ownership, subsidies, and local benefits available when making the switch to an EV. 

Uber’s partnership with Greenlots on this pilot was a natural fit. Greenlots brings extensive experience providing turnkey solutions scaled to the specific electrification requirements of light, medium and heavy-duty fleets. Support for Uber includes site acquisition, system design and installation, and site operation tools. 

Based on behaviour and adoption rates, the Uber and Greenlots pilot project in Vancouver can act as a blueprint that can be replicated in urban hubs across North America. British Columbia’s Zero-Emission Vehicles Act (ZEV Act) along with programs like the City of Vancouver’s Climate Emergency Action Plan have created a framework that has encouraged a shift to electric in the region. The transition is also inclusive of populations that were once difficult to reach. For example: Vancouver requires 100% of new multi-unit residential buildings to include EV charging, and recently passed similar requirements for non-residential developments.

Wider access to EV charging can increase exposure and buying options, and influence EV adoption across Uber’s vast driver and customer network, to help electric go mainstream. With Uber’s scale, more electric miles would be completed in urban areas, and more charging on city networks. This would help strengthen charger accessibility within communities, and lead to lower battery costs, two significant barriers to EV adoption.