Archive for December 7, 2021

BREAKING: Amazon AWS Is Having A MAJOR Outage

Posted in Commentary on December 7, 2021 by itnerd

The Amazon AWS status page is listing a major outage. This was the first update that the cloud provider posted, at 9:37 AM today:

We are seeing impact to multiple AWS APIs in the US-EAST-1 Region. This issue is also affecting some of our monitoring and incident response tooling, which is delaying our ability to provide updates. We have identified the root cause and are actively working towards recovery. 

It’s actually worse than that. AWS powers a huge part of the Internet. So if you have a Ring smart home system, cameras, and Alexa speakers, you have a problem as they likely don’t work. On top of that, if you want to watch Hawkeye or some other show on Disney+, you will likely have issues doing that as well, as Disney+ is hosted on AWS. In fact, games like PUBG, League of Legends, and Valorant don’t work either. Not to mention that Tinder, Roku, Coinbase, Cash App, and Venmo are down too. And finally, Amazon is having issues delivering stuff as they themselves are powered by AWS. And the list goes on from there.

Expect this outage to last a very long time given that it has gone on for most of the day.

UPDATE: As of 50 minutes ago, this was the posting on the AWS Status Page:

[3:03 PM PST] Many services have already recovered, however we are working towards full recovery across services. Services like SSO, Connect, API Gateway, ECS/Fargate, and EventBridge are still experiencing impact. Engineers are actively working on resolving impact to these services.

UPDATE #2: The outage appears to be largely over as per this:

[4:35 PM PST] With the network device issues resolved, we are now working towards recovery of any impaired services. We will provide additional updates for impaired services within the appropriate entry in the Service Health Dashboard.

SentinelOne Report Details 27 Vulnerabilities In Eltima SDK

Posted in Commentary on December 7, 2021 by itnerd

A new report from SentinelOne details 27 vulnerabilities in the Eltima SDK, a USB-over-network library used by numerous cloud providers to remotely mount a local USB drive. The software and cloud platforms affected include Amazon WorkSpaces, FlexiHub and more. Exploiting these flaws would allow remote threat actors to gain elevated access on a cloud desktop to run code in kernel mode. 

Yan Michalevsky, CTO and Cofounder, Anjuna Security:

“The implication of this flaw is that remote attackers can gain privileged access on cloud instances and potentially compromise data. This is where Confidential Computing can further protect applications and data even when the infrastructure is compromised and attackers gain admin access.”

“This is just one example of what has been known for a while:  Today’s computing infrastructure isn’t safe. Any host data and security protection can be compromised via USB but also through multiple other software-based avenues that lead to the holy grail:  Unencrypted host memory.” 

There’s no sign of a widespread exploitation of the issues that SentinelOne has raised, and the vendors have been notified and taken action to mitigate them. But you can bet the bad guys are going to start to exploit this now that this report is out there if people don’t take the mitigation steps in the report.

A Cuban…. Yes Cuban Ransomware Gang Scores A Big Payday

Posted in Commentary on December 7, 2021 by itnerd

Here’s a story that I thought I would never be writing. A Cuba Ransomware Gang Hauls in $44M in Payouts. That’s right. A ransomware gang in Cuba. The gang used a variety of tools and malware to carry out attacks in volume on critical sectors, warned the FBI in a flash alert.

Anurag Gurtu, CPO, StrikeReady (www.strikeready.co) had this to say:

Cuba ransomware is known to target victims’ personal files such as photos, videos, and documents. This attack involves using the CryptGenRandom API call to generate keys for encryption of files using a custom algorithm. It’s not uncommon to see this ransomware gang using a Russian-linked malware – Hancitor, aka Chanitor malware.

Hancitor spreads via social engineering techniques mainly through phishing e-mails embedded with malicious links and weaponized Microsoft Office documents containing malicious macros in them. And its attack chain often begins with the threat actor sending out fake DocuSign malspam emails, which results in a victim unknowingly downloading a Trojanized Microsoft Word document. Once the fake DocuSign document is opened and its malicious macro code is allowed to run, Hancitor will reach out to its command and control (C2) infrastructure to receive a malicious URL containing a sample of Ficker to download.

Companies need to work on ensuring that their employees are equipped with the tools to avoid being phished. Because if the threat doesn’t get in, nothing bad will happen. And that’s the best form of protection.

Clearview AI Set To Get A Patent…. Which Is All Sorts Of Wrong

Posted in Commentary on December 7, 2021 by itnerd

I haven’t written about notorious facial recognition company Clearview AI in some time. But they’re back in the news as it looks like that they are going to get a patent for some of their tech:

Clearview AI, the notorious facial recognition company which has partnered with over 2,400 law enforcement agencies across the U.S., is about to receive a patent for what it describes as a first of its kind, “search engine for faces.”

Politico, which was the first to discover the patent originally filed in August 2020, determined the U.S. Patent and Trademark Office had sent Clearview a notice of allowance last week. That means Clearview essentially has the patent in the bag so long as it pays its administrative fees. And with well over $38 million raised so far in funding according to Crunchbase, paying the bill shouldn’t be a problem.

In an interview with Politico, Clearview CEO Hoan Ton-That claimed his company’s tool would represent the first of its kind to use “large-scale internet data.” That translates to, the first facial recognition service to scrape billions of photos from social media and other publicly available databases, almost always without users’ consent. That sweeping database of faces includes somewhere around 10 billion images, according to Ton-That.

This is all sorts of wrong that has privacy advocates freaking out. And rightly so.

Mark Stamford, Cyber Security Expert and Founder of OccamSec had this to say about the patent:

Well first, it’s not really AI. They collect a bunch of pics, use some machine learning, and then match faces to names.

Then he goes on to say the following:

  • From a privacy standpoint it’s mostly awful – their long term plan (judging by the patent application) is to give everyone the ability to scan faces and work out who people are.
  • So we can imagine a situation where you meet someone, and can quickly get their background info and determine if you should talk to them. 
  • Seems harmless enough, but how about I work out who in the environment is worth robbing? Or kidnapping? Or I can use these to determine who someone is, find out how much they might be worth, and use the info to launch a social engineering attack against them leading to me emptying their bank account (it will save me hours of time if I can just see a face and get all its info).

He concludes, “Beyond that, it’s full on Black Mirror land.”

I’ve said it before and I will say it again. Clearview AI is a clear and present danger. No company should be allowed to do what it is doing, and given that countries worldwide along with numerous companies have tried to curtail if not stop what it is doing, one can hope that it will drive them out of existence.

Guest Post: Almost 100k Americans Fell Victim To Credit Card Fraud In 2021 Q3 Says Atlas VPN

Posted in Commentary on December 7, 2021 by itnerd

Credit card fraud has become one of the most popular ways for criminals to make a quick buck. Credit card identity theft is relatively easy to carry out, and it’s also significantly less risky than traditional types of crimes, which is why it’s the most common type of identity theft in the last quarter.

Data extracted and analyzed by Atlas VPN reveals that 97 thousand Americans were the victims of credit card fraud in Q3 2021. This type of identity theft most commonly victimized people ages 30-39.

The analysis is based on the complaints submitted to the Federal Trade Commission (FTC) via their official website identitytheft.gov. Here, US citizens can report identity theft and get help by receiving a personal identity theft recovery plan.

The FTC received 263 thousand identity theft reports in the third quarter of 2021. More than a third of those – 37%, were identity theft complaints concerning credit card fraud.

The majority of the victims belong to the age group of 30-39. As many as 27 thousand victims were in this age group, representing 34% of the total. 

The second most affected group was in the age brackets of 40-49 and 20-29, with 18 thousand and 17 thousand victims, respectively.

How is credit card fraud carried out?

Apart from being less risky than other crimes, credit card fraud is attractive to criminals because it is relatively easy to carry out. On top of that, profits are substantial and immediate due to the nature of the crime.

We will cover the steps the thief has to complete to carry out credit card fraud for educational purposes.

To read the full article, head over to: https://atlasvpn.com/blog/almost-100k-americans-fell-victims-to-credit-card-fraud-in-2021-q3

Trend Micro Prediction Report Forecasts Cyber Fightback In 2022

Posted in Commentary on December 7, 2021 by itnerd

Trend Micro Incorporated today predicted global organizations will emerge more alert and better prepared in 2022 thanks to a comprehensive, proactive, cloud-first approach to mitigating cyber risk.

Research, foresight, and automation are critical for organizations to manage risk and secure their workforce. Trend Micro blocked 40.9 billion email threats, malicious files and malicious URLs for customers in the first half of 2021 alone – a 47% year-over-year increase.

Trend Micro researchers predict that threat actors in 2022 will focus ransomware attacks on cloud and datacenter workloads and exposed services to take advantage of the large number of employees continuing to work from home. Vulnerabilities will be weaponized in record time and chained with privilege escalation bugs to drive successful campaigns, according to the report.

IoT systems, global supply chains, cloud environments, and DevOps functions will be in the crosshairs. More sophisticated commodity malware strains will be aimed at SMBs.

However, Trend Micro predicts that many organizations will be ready for the challenge as they build out and implement a strategy to proactively mitigate these emerging risks via:

  • Stringent server hardening and application control policies to tackle ransomware
  • Risk-based patching and a high-alert focus on spotting security gaps
  • Enhanced baseline protection among cloud-centric SMBs
  • Network monitoring for greater visibility into IoT environments
  • Zero Trust principles to secure international supply chains
  • Cloud security focused on DevOps risk and industry best practices
  • Extended detection and response (XDR) to identify attacks across entire networks

To read a full copy of Trend Micro’s 2022 predictions report, please visit: https://documents.trendmicro.com/assets/rpt/rpt-toward-a-new-momentum-trend-micro-security-predictions-for-2022.pdf

Waze Posts Their “Year in Rear View”……. And Serves Up A Santa Experience For Users

Posted in Commentary on December 7, 2021 by itnerd

Ever wondered what types of locations Canadians drove to the most in 2021 or what the soundtrack was to this year’s drive? Waze answered these questions and more in its inaugural ‘Year in Rear View’ survey, which launches today. Using first- and third-party data, Waze takes a look back at our year in travel to see the places we drove the most, the music that kept us entertained, and what quirky driving habits we all shared during 2021.

Waze asked respondents in Canada, U.S., U.K., France, Italy, Israel, Brazil and Mexico about their behind-the-wheel driver behaviours, favourite forms of entertainment, fun facts and aspirations, and what they experienced on the road this year. Following a year where most of us stayed close to home, 2021 opened up new opportunities to hit the road and get back to travelling.

2021 Year in Rear View Results

Behind-the-Wheel Behaviours: What behaviours, trends or quirky habits did drivers showcase in 2021?

  • 70% of Canadians said shopping was the main reason they drove this year, with family visits (48%), visiting friends (37%) and commuting for work (36%) accounting for other top reasons for getting in the car
  • Residences and restaurants were top navigations for Canadians in 2021
  • 52% of Canadian drivers would wait patiently instead of using their horn if someone ahead of them wasn’t moving. 60% of those in the Atlantic region would wait compared to 48% from Central Canada
  • 66% of Canadian respondents are happy drivers, rating themselves an 8 or above (out of 10) compared to 60% globally
  • Older Canadians are more confident parallel parkers: while 38% of 18 to 24 year olds refused to parallel park in 2021, only 3% of those 65 and over refused
  • Ed Sheeran’s “Bad Habits” was the 2021 song that best reflected Canadians’ year on the road (15%)

Entertainment: What kept drivers entertained this year? 

  • Canadian artists topped the charts: globally, the top five songs drivers listened to via the Spotify integration on Waze included ‘STAY’ by The Kid LAROI with Justin Bieber (#1) and ‘Blinding Lights’ by The Weeknd (#5)
  • Sweets and candy were the top snack of choice for drivers globally, except in Canada and the U.S. where drivers prefer fast food 
  • Listening to music was the top way Canadian drivers entertained themselves behind the wheel (82%), similar to the 76% of global respondents who did the same
  • When asked what they did while driving in 2021, Canadians showed regional differences: 
    • 45% said they belted the music to their favourite song, but that number was higher in the Prairies at 54% and lower in Central Canada at 40%
    • 36% said they waved at another driver, but drivers in the Prairies were the most friendly with 48% waving, while only 29% of drivers in Central Canada waved

Driving Dreams: What were drivers’ wish-lists of favourite cars, passengers or aspirations for driving?

  • James Bond’s Aston Martin (40%) was the car of choice for Canadian drivers, followed by Batman’s Batmobile (24%)
  • Globally, Jennifer Lopez and Elon Musk are the top female and male celebrities who made headlines that drivers would most like to have in their passenger seat, while in Canada, Adele took top honours
  • 32% of Canadians would give up alcohol for a year in exchange for no traffic, while just 5% would give up their phones

Local Canada Navigations:

  • Between January 1 and November 2, 2021, August showed the highest increase in nationwide driving (+70%) compared to pre-COVID numbers
  • In what cities did Wazers drive the most this summer (June-September)?
  1. Toronto
  2. Montreal
  3. Mississauga, Ont.
  4. Laval, Que.
  5. Vaughan, Ont.
  6. Ottawa
  7. Brampton, Ont.
  8. Hamilton, Ont.
  9. Longueuil, Que.
  10. Québec City
  • Are you planning to travel for the holidays this year? 
  1. No (41%)
  2. Yes, to another city/outside my local area (24%)
  3. Yes, within my city/local area (16%)
  4. I don’t know yet (15%)
  5. Yes, to another country (9%)

Additional data related to travel and COVID-19 over the last year can be found at waze.com/covid19.

 **Research conducted by OnePoll between 10.27.2021 to 11.09.2021 using a sample of 11,000 adults in Canada, the UK, US, Brazil, France, Italy, Mexico and Israel. OnePoll are members of ESOMAR and employ members of the MRS.

Finally, the new Santa experience is launching today and it will offer Canadian Waze users two Santas to choose from on their drives. Select the sleigh, voice, and Mood for a holly jolly Santa who brings optimism to every drive, or Mall Santa, who will bring cheer and laughs alongside a Mood and vehicle inspired by mall Santas everywhere. Either choice means a more magical ride.

Also available for this new experience: A Mall Santa playlist [in partnership with Universal Music] and a Santa playlist [in partnership with Universal Music].

Vayyar To Provide Fall Detection Powered By Touchless Technology Compatible With New Amazon Alexa Together Service

Posted in Commentary on December 7, 2021 by itnerd

Vayyar Imaging, the Israeli supplier of 4D imaging radar-based solutions, has teamed up with Amazon to make Vayyar Care, Vayyar’s touchless fall detection solution, compatible with the new Alexa Together service from Amazon, launching today. 

Wall-mounted sensors use point cloud imaging technology to constantly monitor their surroundings, providing peace of mind while respecting privacy. Vayyar Care detects falls in all lighting conditions, including pitch darkness, and even dense steam, making it ideal for use in bathrooms where 80% of falls happen and where customers may not want to have cameras. 

After a fall, standard buttons and cords are often out of reach and even wearables cannot guarantee round-the-clock protection: a third of seniors forget to put on their devices, while a fifth refuse to use them, fearing loss of independence.

In fact, over 90% of seniors now prefer to continue to live independently rather than move into an assisted living community. 

When the Vayyar Care device detects a fall, it will send a signal to Alexa to ask if the customer wants to call the Alexa Together Urgent Response emergency helpline. Alexa will also send a notification to the aging loved one’s caregiver. 

Vayyar Care builds on the global success of the company’s B2B platform, which provides real-time fall detection and supports advanced activity analytics for senior living communities in the U.S., EU, China, Australia, and beyond. 

The multifunctional sensing technology relies on low-power radio frequency waves, providing a safe, robust, and reliable solution for elderly people who want 24/7 protection without compromising their privacy or independence. 

Vayyar Care is available now from amazon.com.

Globally 1 in 5 Employees Fail Global Phishing Test: Terranova Security

Posted in Commentary on December 7, 2021 by itnerd

The new edition of the Terranova Security Phishing Benchmark Global Report, drawing on results from the 2021 Gone Phishing Tournament™, reveals that overall end user click rates remained high in the face of this year’s phishing simulation. It also details the rise in the number of users who would’ve compromised their devices with malware had the phishing simulation not been a safe testing environment.

The 2021 Phishing Benchmark Global Report results emphasize the growing need for all organizations to address the human element of cyber security by implementing engaging, informative security awareness training programs that leverage real-world phishing simulations to change the right end user behaviors. 

These revelations come at the end of a year where digital transformation accelerated at many workplaces worldwide. The widespread adoption of remote or hybrid work cultures and related technologies enhanced collaboration and productivity, but it also meant cyber security awareness levels were tested much more frequently and with increasingly complex cyber threats. 

The 2021 Gone Phishing Tournament took place over two weeks in October 2021 to coincide with Cybersecurity Awareness Month. In all, close to 1 million phishing simulation emails in 20 different languages were sent to end users during this stretch. 

2021 Phishing Benchmark Global Report: Key Results 

The 2021 Gone Phishing Tournament revealed that, in general, a significant portion of end users are still inclined to click on phishing email links and, in the case of this year’s simulation template, download malicious file attachments when prompted.  

Nearly one in every five end users (19.8%) who received the phishing simulation email clicked on the initial message’s phishing link, which is on par with the 2020 edition of the event. In total, 14.4% of all end users failed to recognize the simulation’s resulting webpage as unsafe and clicked on the malicious file’s download link. 

These realities mean that the number of initial clickers who ended up downloading the phishing simulation’s webpage file exceeded 70%, representing an increase of nearly three percentage points from the previous year. 

Other key data highlights from the third edition of this event include: 

  • When it came to downloading the malware document, North America fared best as a region (11.8%), while Europe took the runner-up slot (14.9%). The Asia Pacific region finished with the highest malware download rate.
  • For click rates by industry, Education, Finance and Insurance, and Information Technology exhibited the highest totals, all scoring over 25%. Meanwhile, Healthcare, Transport, and Retail all kept their click rates under 10%. 
  • Information Technology had the highest click-to-download ratio across all industries, with 84% of those who clicked on the initial phishing link eventually downloading the malware file. 

2021 Phishing Benchmark Global Report: Methodology 

This year’s email and webpage templates were supplied by Microsoft and reflected a real-world scenario all end users may encounter in their daily lives. The template’s scenario, selected by the Terranova Security leadership team, measured several end user phishing behaviors, including clicking on a link in the body of a phishing email and delivering malware in a downloadable file through a phishing webpage. 

The email and webpage spoofed the Microsoft SharePoint interface for an authentic look and feel. The email message even included instructions on how to download the file, which further enticed the end user to complete the action once they landed on the webpage. These decisions were made to give recipients a realistic sample of the increasingly complex nature of current phishing threats affecting professionals across many different industries. 

End users who clicked on the webpage link to download the malware file were met with a feedback page that offered a powerful learning moment. It pointed out warning signs the user may have missed during the simulation and highlighted best practices to keep in mind moving forward, giving them the tools needed to detect and avoid future threats consistently. 

Download the 2021 Phishing Benchmark Global Report to get all the results and facts from the latest edition of the Gone Phishing Tournament. 

Test Takers Sought for CompTIA Linux+ Beta Exam

Posted in Commentary on December 7, 2021 by itnerd

Information technology (IT) professionals with a year or more of on-the-job experience working with Linux servers are invited to serve as beta testers for a new version of the CompTIA Linux+ certification exam, CompTIA, the nonprofit association for the IT industry and workforce, announced today.

CompTIA Linux+ is intended for early career IT professionals who support Linux systems in a range of applications, including the cloud, cybersecurity, mobile and web administration. The beta test is a precursor to the new CompTIA Linux+ exam scheduled to debut in June 2022.

Beta testers have the opportunity to take the new CompTIA Linux+ exam before it is generally available for the discounted price of $50. Individuals who pass the beta test will earn their CompTIA Linux+ certification. Beta test results will not be revealed to test-takers until the new exam launches in June 2022. To register for the CompTIA Linux+ beta exam visit https://home.pearsonvue.com/comptia.

CompTIA recommends that beta test takers have at least 12 months of hands-on experience working with Linux servers in a junior Linux support engineer or junior cloud/DevOps support engineer job role. Certification in CompTIA A+, Network+ and Server+ or similar certifications and knowledge are also recommended.

CompTIA Linux+ is the only job-focused Linux certification that covers the current foundational skills demanded by hiring managers in concepts such as system management, security, scripting, containers and automation and general troubleshooting. The exam includes performance-based and multiple-choice questions. It covers tasks associated with all major distributions of Linux, establishing a solid baseline of knowledge.

The CompTIA Linux+ beta exam may be taken online from home, a closed-door office or any private location with an internet connection. In-person testing at any of the thousands of Pearson VUE test centers around the world is also an option. For more details on test-taking options visit https://www.comptia.org/testing/testing-options/about-testing-options.