Archive for December 14, 2021

Guest Post: A Record Number Of Data Leak Sites Detected In 2021

Posted in Commentary with tags on December 14, 2021 by itnerd

Falling victim to a ransomware attack is one of the worst things that can happen to a company from a cybersecurity standpoint. No other attack damages an organization’s reputation, finances, and operational activities like ransomware.

Getting hit by ransomware means that hackers were able to steal and encrypt sensitive data. Usually, cybercriminals demand payment for the key that will allow the company to decrypt its files. Also, fraudsters promise to either remove or not make the stolen data publicly available on the dark web.

However, things usually pan out a bit differently in real life. Hackers tend to take the ransom and still publish the data. This is commonly known as double extortion.

Atlas VPN analysis builds on the recent Hi-Tech Crime Trends report by Group-IB.

Findings reveal that the second half of 2021 was a record period in terms of new data leak sites created on the dark web.

Researchers only found one new data leak site in 2019 H2. However, the situation took a sharp turn in 2020 H1, as DLSs increased to a total of 12. Similarly, there were 13 new sites detected in the second half of 2020.

2021 is a record year in terms of how many new websites of this kind appeared on the dark web. DLSs increased to 15 in the first half of the year and to 18 in the second half, totaling 33 websites for 2021, a 32% growth YoY.

Record number of companies affected

Last year, the data of 1335 companies was put up for sale on the dark web. However, this year, the number surged to 1966 organizations, representing a 47% increase YoY.

Yet this report covers only the first three quarters of 2021, meaning the actual YoY growth will be more significant.

Organized crime groups to blame

Some people believe that cyberattacks are carried out by a single man in a hoodie behind a computer in a dark room. However, that is not the case.

Ransomware attacks are nearly always carried out by a group of threat actors. For example, a single cybercrime group, Conti, published 361, or 16.5%, of all data leaks in 2021.

To read the full article, head over to: https://atlasvpn.com/blog/record-number-of-data-leak-sites-detected-in-2021

Upgrading To macOS Monterey 12.1 Was A Pain In The A$$

Posted in Tips with tags on December 14, 2021 by itnerd

Yesterday Apple released macOS Monterey 12.1, and I of course tried to install it on my new 16″ MacBook Pro. The thing is that it seemed that the MacBook Pro didn’t want it. At first, I couldn’t get it to show up in Software Update. A quick look at Twitter indicated that I wasn’t alone in that department:

His experience mirrored my experience. But there were others:

In my case, I briefly saw the update. But when I tried to download it and install it, the update failed and then caused my CPU to spike with a service called “NRDUpdateD” chewing up a massive amount of CPU time. And rebooting the Mac wouldn’t fix that. My guess was that my operating system was in some state where it couldn’t perform the update properly because the service in question was going haywire. Thus I needed to take action via reinstalling the OS.

Now the best way to reinstall macOS is via recovery mode. The reason is that the Mac boots to a completely separate OS, which makes it way less complicated for the installer application to install the OS, as any customizations or applications like anti-virus applications don’t enter the picture. This document details how to enter recovery mode. Once I was in it, I started the macOS installer.

Now here’s where things get time consuming. Once you get into this installer, it will download roughly 12.5 GB as this installer always installs the latest version available. So you need to have a fast internet connection or you will be waiting a very long time. In my case, it took about an hour to download and reinstall the OS. After that, I was on macOS Monterey 12.1 and everything worked.

I am now starting to do some testing. Specifically, to see if the memory leak issue is fixed. Apple didn’t specifically say so on the release notes. But here’s hoping that it is fixed. I do notice that my MacBook Pro is running slightly cooler with less CPU being used. I’ll follow up on that front and with whatever else I find.

UPDATE: A reader asked if my data remained intact after the reinstall. It did. But it goes without saying that you should have a backup just in case.

Kronos Gets Pwned And Could Be Down For Weeks [UPDATED]

Posted in Commentary with tags on December 14, 2021 by itnerd

Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of its cloud-based solutions for weeks:

As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud—the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed. At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud.

We are working with leading cyber security experts to assess and resolve the situation, and have notified the authorities. The investigation remains ongoing, as we work to determine the nature and scope of the incident.

Their UKG solutions using ‘Kronos Private Cloud’ are unavailable due to a weekend ransomware attack on December 11th.

Ayal Yogev, CEO and Cofounder, Anjuna Security:

“We continue to see that even the most fastidious SaaS companies struggle to protect their business because today’s computing paradigm equates host access with unfettered data and process access. A new generation of powerful secure computing technologies uncouple this dangerous link that is the enabler of so many breaches today.”

This isn’t a good look for Kronos, as a lot of companies rely on their services. And they could go elsewhere, which will cost the company both in terms of money and reputation.

UPDATE: Eddy Bobritsky, CEO of Minerva Labs had this to say:

Ransomware attacks are becoming bolder and more sophisticated, using evasive malware techniques to get around regular EDR antivirus solutions. As we can see here, even with quick detection and immediate action, a small ransomware attack can result in damages that can take “up to several weeks to restore system availability”. This is why, despite its difficulty, it is important to start moving towards a prevention approach, rather than a detect and respond one.

CN Partners with Google Cloud 

Posted in Commentary with tags on December 14, 2021 by itnerd

CN and Google Cloud today announced a seven-year strategic partnership to transform CN’s supply chain as part of digital scheduled railroading, deliver new customer experiences, and modernize its technology infrastructure in the cloud. The companies will collaborate on new services to revolutionize the North American railway system, combining CN’s world-leading expertise in the transportation and logistics industry with Google Cloud’s technology and culture of innovation.

Through this partnership, CN and Google Cloud will set a new standard for the railway system that delivers better experiences for customers across industries–from materials and resources, to manufactured products, to consumer goods. CN’s work with Google Cloud will drive the railway’s ability to achieve continued growth and execute on transformational business initiatives, while supporting its sustainability goals, as Google’s platform is the cleanest cloud in the industry.

As part of the partnership, CN and Google Cloud will collaborate on the following initiatives:

  • Enabling better connectivity and collaboration with customers and supply chain partners: CN will develop an intuitive digital platform, powered by Google Cloud’s artificial intelligence (AI) and machine learning (ML) tools, ultimately giving customers and supply chain partners more visibility into the logistics journey of planning, shipping, tracking and payment.
  • Delivering new experiences for CN’s customers through co-innovation initiatives: This multi-year partnership will combine CN’s industry expertise with Google Cloud’s leadership in data analytics, AI, and ML to deliver new solutions and next-generation experiences for CN’s employees, customers, and partners, such as simplified ordering and automated tracking to further enhance predictive maintenance capabilities.
  • Modernizing CN’s infrastructure in the cloud: CN will gradually and securely move the large majority of its digital infrastructure, including SAP applications, from on-premises to Google Cloud’s always-on global network. Moving to the cloud will allow CN to scale with customer and industry demands, simplify the company’s IT estate, create efficiencies, and reduce product delivery lead times.

CN is a world-class transportation leader and trade-enabler. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. As the only railroad connecting Canada’s Eastern and Western coasts with the U.S. South through a 19,500-mile rail network, CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919. CN is committed to programs supporting social responsibility and environmental stewardship.

Google Cloud accelerates organizations’ ability to digitally transform their business with the best infrastructure, platform, industry solutions and expertise. We deliver enterprise-grade solutions that leverage Google’s cutting-edge technology – all on the cleanest cloud in the industry. Customers in more than 200 countries and territories turn to Google Cloud as their trusted partner to enable growth and solve their most critical business problems.