Archive for September 3, 2022

BlackFog August State Of Ransomware Report Released

Posted in Commentary with tags on September 3, 2022 by itnerd

BlackFog has released the August State of Ransomware Report. You can read the report here. And I have commentary from Dr. Darren Williams, CEO and Founder of BlackFog:

     “August represents the second biggest month of ransomware attacks since we began recording ransomware attacks back in 2020. 

We continue to see increased attack rates in sectors with low levels of protection and aging infrastructure such Education and Government, with increases of 15% and 20% respectively. This month we also saw dramatic increases in Healthcare and Services sectors of 33% and 35% respectively as attackers look to broaden their targets.

Lockbit continued its dominance along with Conti at 14% and 16.5% respectively. The top 4 variants now contribute to 50% of all new attacks.

Lastly, this month we also saw that attacks leveraging the PowerShell for the first time hit 80%, a new record.”

I would give this report a read as it illustrates what those in on cybersecurity teams have to defend against.

HelpSystems Acquires Outflank

Posted in Commentary with tags on September 3, 2022 by itnerd

HelpSystems announced today the acquisition of Outflank, a well-regarded IT security leader with deep expertise in adversary simulation; specialist cyber security trainings; and a unique cloud-based software offering for red teams, Outflank Security Tooling (OST). Based in Amsterdam, the team of experts works with prominent financial institutions, multinational firms and other parties that require the highest level of security by employing ethical hacking methods that closely mimic those of real cyber criminals. The business joins the HelpSystems Offensive Security portfolio of vulnerability managementpenetration testing, and red teaming/adversary simulation solutions to help customers evaluate and prevent risk from many angles.

Many organizations seek advanced security assessments in the form of red teaming operations, yet few have the internal resources to carry out this critical task effectively. Some red teamers develop their own tools or look to niche, open-source options to undertake engagements. Outflank provides consulting, trainings, and a SaaS-based software toolkit that allows stringently vetted organizations to evaluate their defenses in light of today’s high-stakes security environment. In fact, the company developed its flagship Outflank Security Tooling solution to work in tandem with HelpSystems’ Cobalt Strike for a robust approach to adversary simulation.

HelpSystems is a software and services company focused on helping exceptional organizations secure and automate their operations. Their cybersecurity and automation solutions protect information and simplify IT processes to give our customers peace of mind. They know security and IT transformation is a journey, not a destination. Let’s move forward. Learn more at helpsystems.com.

Outflank is a highly specialized IT security company. All team members are seasoned professionals with many years’ experience in security testing and red teaming. The team has performed hundreds of security tests and red teaming engagements and trained nearly 1,000 IT and security professionals.  Their strong offensive experience is complemented with deep expertise in IT security defense. Outflank’s OST product is the market’s first solution offering a full spectrum toolset that supports other red teams in their critical jobs of testing security and organization’s resilience to advanced adversary simulations. The team recognizes the vital role of the infosec community and supports this by regularly sharing highly technical research from their specialists, but also advancing the development of the red team framework TIBER.

TELUS Waiving Long Distance Charges For Calls And Texts Made To Pakistan… And More

Posted in Commentary with tags on September 3, 2022 by itnerd

As a result of the monsoon flooding in Pakistan, I wanted mention what TELUS is doing to help their customers stay connected with loved ones.

Effective immediately, TELUS is waiving all roaming charges for calls, text and data overages for customers currently in Pakistan, as well as long distance home phone, mobile calls and SMS charges for those in Canada reaching out to friends and family in Pakistan.

In addition, TELUS is committing $50,000 to support the Canadian Red Cross Pakistan Floods Appeal.

Customers can also help support the relief efforts for those impacted by the monsoon rains through text-to-donate. To donate $10, customers can text PAKISTAN to 20222 from their personal mobile device.

For more information and new updates on this announcement, follow TELUS on Twitter and check out the TELUS website where they will continue to share the latest information. 

The Honeymoon Is Over With Bell

Posted in Commentary with tags on September 3, 2022 by itnerd

Now when I punted Rogers to get Bell’s Internet offering, I was under no illusions that they were the best telco. Sure they have a great Internet offering that destroys what Rogers offers by a lot. And their fibre footprint is massive compared to Rogers as well. But the one thing that Bell hasn’t got its head around is customer service. It’s pretty bad and likely isn’t helped by the fact that they outsource and offshore their customer service. And having a quality customer service organization might have helped in the situation that I found myself in this past Thursday.

On Thursday I went down to the car to get something that I had left in it. On my way back I encounter a Bell tech who was going into the building’s telco room. Now this really didn’t get my attention at the time because Bell since the Rogers outage on July 8th has been in this building a lot flipping people over from Rogers to Bell. But once I got upstairs and had my Internet and home phone go down within a minute of my arrival, the encounter with the Bell tech sprung to mind. Clearly he did something to take me offline. Instead of running downstairs, I phoned Bell. And that’s where the adventure, if you want to call it that starts.

The first person I got after waiting for seven minutes hung up on me when I started to explain my issue. That was rude. But I had heard that their call centre agents are known to do that when you phone in for technical support. So I called back and got another agent after waiting for another seven minutes. And I explained to him that I was seeing these error codes on the modem, along with the fact that a Bell tech was in the telco room of the building moments before this happened:

Now error 1201 is something that requires a Bell tech to fix. It’s the fiber signal failing somewhere along the chain, and not necessarily at the physical connection point to the modem. Error 2000 is the modem being unable to connect to the network.

In short, I needed a tech to come out and fix this. Or the dimwit from Bell who was downstairs to undo whatever he did. But the call centre rep didn’t see it that way. After accusing me of not knowing what I was talking about, which was very insulting, and trying to “boost” the signal according to him from his end, he gave up and booked me for an appointment for “maybe” Friday between 5 and 9 PM.

So let’s think about this. A Bell tech enters a building, and within minutes I lose Internet and home phone, and instead of going down the path of figuring out who was in the building so that they could fix the problem quickly, they’re going to leave a customer without Internet access for a day or more. Maybe. I guess that makes sense to Bell, but it sure didn’t make sense to me. So I escalated the issue and got a woman who tried to hold the party line. But when I pointed out that I have been a Bell customer for just over one billing cycle, and I came over from Rogers, and right at that moment they aren’t looking any better than Rogers, she changed her tune. It did take her 20 minutes, but she got me an appointment for 5 PM on Thursday which I took.

Let’s fast forward to 5PM. Or more specifically 5:10 PM when I got a call from the Bell tech to let me know that he was en route. After I hung up with him I realized that without a home phone, there was no way for me to let him into the building. So I went downstairs to meet him. When he arrived I identified myself and explained why I was down there. That’s when he told me that since the Rogers outage, he’s been in the building so often doing installs that the property manager gave him and three other techs proximity keys to the building.

Rogers should be freaking if that’s the case.

I escorted him into my unit where he ran some tests on the modem, and the fibre cables in my unit. All of them were fine. He then went down to the telco room and came back 10 minutes later. He said that “a cable was disconnected and I all did was plug it back in.” I told him about my encounter with the Bell tech earlier in the day, and how my Internet went out minutes later and his response was a nervous laugh and he didn’t comment further. Now while I don’t want to climb inside anyone’s head, I am going to guess that he wasn’t surprised by this and he knew who it was that did this.

A few minutes later, I was back on the Internet. But unfortunately the modem had reset itself to factory defaults. That wasn’t a big deal as after thanking the tech and sending him on his way, I set it up in this manner again which only took a few minutes.

So, I will give the tech who fixed my issue top marks for both actually fixing the problem, but being professional which is a backhanded way of saying that he didn’t throw his coworker under the bus. In fact, any Bell tech I have ever dealt with either personally or on behalf of a client of mine has been great to work with. But their call centre reps on the other hand get a failing grade from me. One hung up on me, one really didn’t listen to what I was saying and kind of insulted me, and the last one is the only one who came close to understanding my issue and getting the resolution that I wanted.

Frankly, Bell has to do way better on that front if they truly want to take out Rogers.

I’ve said it before and I will say it again. If I were Mirko Bibic the CEO of Bell, I’d be doing everything possible to improve the customer experience as my experience with their call centre reps was not that good. And improving the customer experience should include ending their practice of outsourcing and offshoring their customer service staff. I say that because Rogers doesn’t have outsourced and offshore staff, and their customer experience is far better than Bell’s. And that was enough for my wife and I to hang in with them despite the fact that their Internet offering was substandard in comparison to what Bell offers. That is until their outage issues forced us to Bell. But to be clear, if Rogers somehow is able to get their act together and comes up with an Internet offering that is actually competitive with Bell and actually reliable, and Rogers customer service continues to better than Bell, then they may have the means to lure us back. Because having great customer service is what matters. And right now, Bell doesn’t have that. At least not at the call centre level.