Archive for April 25, 2022

BREAKING: Elon Musk Buys Twitter For $44 Billion

Posted in Commentary with tags on April 25, 2022 by itnerd

I got up this morning to news that a deal was on the horizon. Now it’s official:

Twitter, Inc. (NYSE: TWTR) today announced that it has entered into a definitive agreement to be acquired by an entity wholly owned by Elon Musk, for $54.20 per share in cash in a transaction valued at approximately $44 billion. Upon completion of the transaction, Twitter will become a privately held company.

Under the terms of the agreement, Twitter stockholders will receive $54.20 in cash for each share of Twitter common stock that they own upon closing of the proposed transaction. The purchase price represents a 38% premium to Twitter’s closing stock price on April 1, 2022, which was the last trading day before Mr. Musk disclosed his approximately 9% stake in Twitter.

Here’s why Musk is buying Twitter:

“Free speech is the bedrock of a functioning democracy, and Twitter is the digital town square where matters vital to the future of humanity are debated,” said Mr. Musk. “I also want to make Twitter better than ever by enhancing the product with new features, making the algorithms open source to increase trust, defeating the spam bots, and authenticating all humans. Twitter has tremendous potential – I look forward to working with the company and the community of users to unlock it.”

We’ll see if that actually happens. I for one am skeptical that he’s capable of doing that as he is quite the loose cannon who gets himself into trouble from time to time. But who knows? Maybe he’s smartened up? Or maybe Twitter is about to be driven into the ground by Musk. We’re about to see which is going to happen.

Quantum Ransomware: The Fastest Ransomware Out There

Posted in Commentary with tags on April 25, 2022 by itnerd

The DFIR Report has released findings on Quantum Ransomware, one of the fastest ransomware cases they have observed. Researchers with The DFIR Report observed an IcedID payload go from initial access to domain wide ransomware in under four hours. Once the initial IcedID payload was executed, approximately 2 hours after initial infection, the threat actors appeared to begin hands-on-keyboard activity. Cobalt Strike and RDP were used to move across the network before using WMI and PsExec to deploy the Quantum ransomware. This case exemplified an extremely short Time-to-Ransom (TTR) of 3 hours and 44 minutes. 

I have a pair of comments on this. The first is from Chris Olson, CEO of The Media Trust:

“The speed of Quantum ransomware is consistent with recent findings that network defenders only have 43 minutes on average to stop a ransomware attack once it begins. Ultimately this shows that it is futile to respond to ransomware and encryption attacks after the fact. To protect themselves, organizations must pivot to prevention over treatment.”

“Importantly, today’s businesses must work to gain a detailed understanding of the way that ransomware attackers compromise their systems, from the reconnaissance phase through to execution. It’s easy to overlook the importance of digital attack surfaces such as the Web and mobile devices – but this is exactly where many ransomware incidents begin.”

The second comment is from Saryu Nayyar, CEO and Founder of Gurucul:

“This is an example of an attacker using multiple known methods that are linked together but are easily able to evade static flow-chart based machine learning and artificial intelligence found in most traditional SIEMs and XDR systems today. The key for security teams is to assume that “compromise is inevitable” and take a stance in improving their operations to handle quickly spun-up malware variants and changes in layered attack techniques that shows a high degree of persistence by threat actors. Organizations need to incorporate behavior-based analytics, a plethora of machine learning models, and more importantly self-trained machine learning that does not require vendor updates to detect these new attack campaigns.”

Clearly threat actors are becoming more and more advanced in how they launch attack campaigns, and the attacks themselves are even more sophisticated than ever before. That means that your organization’s ability to detect threat actors really needs to be priority one.

New BotenaGo Variant Targets IoT Devices

Posted in Commentary on April 25, 2022 by itnerd

Nozomi Networks Labs has discovered a new variant of BotenaGo malware, which is specifically targeting Lilin security camera DVR devices. BotenaGo malware, which has been deployed with over 30 exploit functions, is currently putting millions of IoT devices at risk of potential cyberattacks.

Chris Olson, CEO of The Media Trust, had this to say:

“The existence of Lilin Scanner shows that malicious actors are exploiting simple and highly accessible code bases like BotenaGo to design malware with a far-reaching impact. This is especially concerning when BotenaGo – and similar exploit kits – contain vulnerabilities for Web servers and many other commonly used devices.”

“In my experience, most organizations are not sufficiently prepared for attacks that leverage Web, mobile and other digital surfaces – they are focused on classic channels like email and social engineering. But today’s attackers have caught on, and they are changing tactics in response. It’s critical for organizations to continually monitor their digital ecosystem if they want to remain in control and protect their customers.”

Your best defence in terms of keeping your IoT devices safe is to ensure that they are up to date in terms of firmware, and try to limit their access to the Internet. Otherwise you run the risk of getting pwned by this or some other malware that goes after IoT devices.

French Hospital Pwned In Cyberattack…. Data For Sale On The Dark Web

Posted in Commentary with tags on April 25, 2022 by itnerd

The GHT Coeur Grand Est. Hospitals and Health Care group in France has disconnected all of their incoming and outgoing internet connections after they discovered a cyberattack, which has sadly resulted in the theft of patient data. The cyberattack occurred on the 19th of April and is leaving the hospitals’ nine locations and 6k employees without internet in order to protect and secure information systems and data, according to a translated statement from GHT reported by Bleeping Computer. The Bleeping Computer report is very much worth reading as it contains a lot of detail, including the fact that this data appears to be for sale on the dark web. Which is not good.

Darren Williams, CEO, BlackFog, had this to say about this cyberattack:

“Unfortunately attacks on healthcare are nothing new and they’ll always be a focus for cybercriminals, as the wealth of personal and private data is a virtual treasure trove for hackers. As the statement says, the hospitals are cutting internet connections to prevent further data theft, while investigating the flaw that ‘allowed’ the bad actors access to their network. When in reality, how they got in really doesn’t matter. History tells us that if an attacker really wants to find a way into a device or network, they will. If organizations continue to rely on cybersecurity tools that focus on keeping intruders out, the exfiltration of data leading to data loss and devastating breaches will continue. It’s time for IT leaders to think about cybersecurity in a new way, by focussing on preventing the exfiltration of data. Continued reliance on antiquated defensive cybersecurity approaches will only see hackers continuing to focus on and profit from extortion.”

This shows that having a strong defence system to keep the bad guys out is the only way not to end up as a headline story. Because that never ends well for anyone.

Trend Micro Announces Trend Micro One

Posted in Commentary with tags on April 25, 2022 by itnerd

Trend Micro Incorporated has announced the launch of Trend Micro One, a unified cybersecurity platform with a growing list of ecosystem technology partners that enables customers to better understand, communicate, and lower their cyber risk.

Organizations are battling on all fronts to face mounting cyber risks from their complex and growing attack surface with stretched teams and siloed security products. The unified security platform approach delivers a continuous lifecycle of risk and threat assessment with attack surface discovery, cyber risk analysis, and threat mitigation and response.  

Inaugural partners of the Trend Micro One technology ecosystem include: Bit Discovery, Google Cloud, Microsoft, Okta, Palo Alto Networks, ServiceNow, Slack, Qualys, Rapid7, Splunk, and Tenable.

According to Gartner®, “vendors are increasingly acquiring or developing these adjacent technologies and integrating them into a single platform. The benefits are best realized when this integration minimizes consoles and configuration planes and reuses components (e.g., endpoint agents) and information.”

As a unified platform, Trend Micro One delivers powerful risk assessment capabilities, but the ecosystem partners extend that to make it the most complete in the industry. Joint customers benefit from truly connected visibility, better detection and response capabilities, and comprehensive protection across security layers and systems.

Trend Micro One supports this approach by enabling customers to:

  • Discover the attack surface: Identify, monitor, and profile cyber assets in customers’ environments.
  • Understand and continuously assess risk: Analyze risk exposure, the status of vulnerabilities, the configuration of security controls, and types of threat activity.
  • Effectively mitigate risk: Ensure the right preventative controls and take swift action to mitigate risk and remediate attacks across the enterprise by leveraging Trend Micro’s threat and risk intelligence. 

Trend Micro One unified cybersecurity platform is available now. To see how it works and find out more, please visit: https://www.trendmicro.com/en_us/business/products/one-platform.html

Guest Post: Over 30 Million New Malware Samples Found In 2022 As Cyber Threats Evolve

Posted in Commentary with tags on April 25, 2022 by itnerd

A new year brings new cyber threats. According to the Atlas VPN team’s analysis, over 34 million new malware samples have already been discovered year-to-date. It means that, on average, hackers have been creating more than 316 thousand malware threats daily in 2022. 

Malware is a collective term for all types of malicious software, including computer viruses, worms, spyware, ransomware, and many others. It is one of the key reasons behind hacks and data breaches today.

Looking at the malware statistics month by month, January saw the biggest number of new malware developments. In total, 11.41 million new malware samples were registered in the first month of the year.

In February, new malware samples dropped by 22% to 8.93 million. They decreased again in March by 2% to 8.77 million. However, the newly discovered malware threats still amounted to 29.11 million in Q1 2022.

While April is not over yet, 5.65 million new malware samples have been discovered this month, bringing the total cumulative number of malware samples to 1,347.39 million in 2022.

Windows users are most at risk of new malware

Nowadays, no internet user is safe from malware. Cybercriminals continually develop new malware threats to exploit both computers and mobile devices. However, some operating systems are targeted more than others. 

Windows users are most at risk of catching malware, with 25.48 million new Windows malware samples detected year-to-date, the majority of which are Trojans. 

Windows is not only the most popular operating system in the world but is also known to have many vulnerabilities across different versions of its operating systems, making it an easy target for cybercriminals. 

Never-before-seen Android malware threats were also identified this year. In total, more than 536 thousand new Android malware samples have been found. Meanwhile, when it comes to macOS, we see over 2 thousand new malware threats. 

To read the full report, head over to: https://atlasvpn.com/blog/over-30-million-new-malware-samples-found-in-2022-as-cyber-threats-evolve

Review: Kensington Multi-Device Dual Wireless Compact Keyboard

Posted in Products with tags on April 25, 2022 by itnerd

An item that I have thought about adding to my desk setup is a keyboard. Now I’ve been using the keyboard on my MacBook Pro because it is so fantastic and has Touch ID to allow me to unlock the MacBook Pro quickly. But in the interest of seeing if I could do better, I gave the Kensington Multi-Device Dual Wireless Compact Keyboard a shot. Here’s what you get in the box.

Besides two AAA batteries and a 2.4 GHz USB-A receiver, you get the keyboard. The keyboard is plastic, but it feels like high quality plastic. By the way, if black isn’t your thing, you can get it in white.

One handy design feature is that you can store the 2.4 GHz receiver inside the battery compartment. That way you should never lose it should you need it in the future.

The keyboard has some weight to it. That’s important because it means that it will not move on your desk while you type. It’s pretty compact so you can travel with it without having it take up a lot of real estate in your bag. You’ll also note that it has a layout that works with PC or Mac. Thus you can use it with either platform, or both platforms via its marquee feature, which is that this keyboard has the ability to connect to three devices at the same time and switch between them using Bluetooth 3.0, Bluetooth 5.0, and 2.4 GHz wireless. That’s handy if you run multiple computers as part of your workflow. Once paired, you use the F10 key to switch between keyboards. And it worked without issue for me during my testing between a pair of Macs via Bluetooth, as well as a Mac and PC via Bluetooth and 2.4 GHz wireless.

From a typing perspective, the keyboard has a great feel. The keys are a bit firm, but they have great travel as the keys are scissor switches. That means that for people like me who learned to type on typewriters back in the age of the dinosaurs, it feels familiar. The keys are also about the same size as ones that you typically find on most notebooks. Which again will feel familiar. Meaning that you can type without having your brain go through gymnastics to deal with something that it perceives as being radically different.

Finally, the keyboard also claims AES-128 encryption for data that’s shuffled from the keyboard to the computer. There’s not a whole lot of documentation on this, but it’s nice to know that your keystrokes can’t be sniffed by a threat actor.

So will I use this keyboard going forward? As good as this keyboard is, I like to keep my desk minimal so I won’t be using it. However my wife works with both a PC and Mac at the same time, and she is also in the midst of re-doing her desk setup. So I’ll be setting this up so that she can use it as it fits her use case much better than my use case. The Kensington Multi-Device Dual Wireless Compact Keyboard has an MSRP of $39.99 CAD and is absolutely worth having a look at if you juggle multiple computers and you only have space for one keyboard, or you need a small keyboard for when you travel.

Elon Musk Could Take Over Twitter As Early As Today

Posted in Commentary with tags on April 25, 2022 by itnerd

It seems that the stars are aligning for Elon Musk to take over Twitter. Bloomberg is reporting via sources that this could happen as early as today:

Twitter Inc. is in the final stretch of negotiations about a $43 billion sale to Elon Musk that could rank as one of the biggest-ever leveraged buyouts of a listed company, people with knowledge of the matter said. 

The social media company is working to hammer out terms of a transaction and could reach an agreement as soon as Monday if negotiations go smoothly, according to the people, who asked not to be identified because the information is private. Musk is lining up partners for the acquisition and continues to speak to potential co-investors, one of the people said. 

Discussions between the billionaire Tesla Inc. founder and Twitter’s board about a takeover at $54.20 per share continued overnight into the early hours of Monday, the people said. Shares of Twitter jumped as much as 6.2% in pre-market U.S. trading Monday, hitting as high as $51.98.

Now whether this is a good thing for Twitter users is another question altogether. After all, Musk is best known for being a loose cannon. And having him at the helm of Twitter may not end well. But I guess we’ll have to see if that’s the case. Assuming that this deal does close.