Archive for January, 2023

Hacker Claims That Hilton Hotels Data From 2017 On 3.7 Million Users Of Their Loyalty Program Is For Sale

Posted in Commentary on January 25, 2023 by itnerd

Having personally been a victim in the Marriott hack where data on millions of guests went into the dark web, I am sensitive to other hacks of this type. Which is why this story about Hilton Hotels got my attention:

User data of Hilton Hotels have been put on sale on a dark web forum. A forum user under the alias IntelBroker has offered a database of 3.7 million users belonging to the Hilton Hotels Honors program.  

“Today I have uploaded the Hilton Hotels Honors 2017 Database for you to download,” said the post. 

According to the threat actor, the data contains personally identifiable information (PII) such as honors ID, address, name etc. However, the hotel group’s spokesperson denied any possibility of a data breach.

“There is no evidence to suggest Hilton systems have been compromised, and we can confirm that no guest passwords, contacts or financial information have been disclosed,” the spokesperson told The Cyber Express.

“We are investigating this report closely and taking all appropriate measures to ensure the continued security of our Hilton Honors members’ and guests’ information.”   

So, until someone tests this claim by verifying the information, which to be clear dates back to 2017, we have no confirmation that this is legit. And even though Hilton was previously pwned in 2015, there’s no indication that they have been pwned again. At least not yet.

David McCaw, Co-Founder & CRO, Dasera had this to say:

“The recent alleged data breach of Hilton Hotels’ Loyalty Program is a bit unsettling. With the high probability of any company being the victim of a data breach, it’s worrying that a hacker could possibly lie about a data breach of this magnitude and draw attention, eroding at least a bit of the organization’s reputation. Regardless, Hilton’s prompt response and due diligence into the alleged hack should be commended. Data security is of the utmost importance, and more than anyone, Hilton understands the concerns the recent news may have caused for its customers, myself being one of them. We all need to fully accept and recognize that data breaches can happen to any organization and it is crucial to have strong data governance and security measures in place to prevent them. This includes regular security audits, access controls, encryption, employee training on security best practices, and incident response plans in case of a security breach. We hope for Hilton’s and their customers’ sake that the situation will be resolved quickly and efficiently and that they remain committed to keeping their customers’ personal information secure.”

This is one of these situations where we will have to watch and see if this is legit and how bad this is. And more importantly, how Hilton responds to this.

Riot Games Pwned And The Company Gives The Hackers Behind It A Big Middle Finger

Posted in Commentary on January 25, 2023 by itnerd

I report on companies getting pwned by hackers. But I rarely get to report on companies that have been pwned flipping the bird metaphorically speaking to said hackers. Take Riot Games. They were hacked last week.

Yesterday, the company updated this situation with a very interesting response:

So the company had source code stolen. But they aren’t going to pay the hackers who were apparently asking for $10 million.

While in the short term, I can see a scenario where cheats for various Riot Games appear, this is the right decision because stolen data is only valuable if the hackers get paid. So how valuable is the data that was stolen I ask? And also, Riot has been very transparent. More so than I am used to seeing.

David Maynor, Senior Director of Threat Intelligence, Cybrary had this to say:

   “This is one of the better ways to handle a ransomware event. They laid everything out, including potential downsides, but end on a cheery note that most of the stolen code was prototype and was never designed to be released. This is transparency personified.”

Michael Slipsager, CEO, BullWall follows up with this commentary:

   “Riot Games will not be paying the $10 million ransom demand to stop the leak of their source code.  Good for them and for practicing full transparency on the breach, as paying the ransom not only emboldens hackers to continue their attacks, but it also does not guarantee that the stolen data will not be released.

   “Despite taking steps to protect their data, even companies with strong security measures in place can still fall victim to a ransom attack and can still suffer the consequences of a ransom attack, such as loss of sensitive data, reputational damage, and financial losses. 

   “Even well-prepared companies like Riot Games may find themselves vulnerable to a ransom attack and it is important for all companies to stay vigilant and have a robust incident response plan in place to minimize the impact of such attacks.”

I applaud Riot Games for taking this stance. If more companies would do something like this as opposed to paying the ransom, hackers would be out of business shortly thereafter.

ThreatConnect Announces Industry-First Platform Explicitly For Threat Intelligence Operations

Posted in Commentary on January 25, 2023 by itnerd

Today, cyber threat intelligence company ThreatConnect released the industry’s first threat intelligence (TI) platform explicitly designed for TI Ops. The new release radically increases the effectiveness of threat intelligence analysts and security operations teams by bringing together the power of human analysis,  ML-powered analytics and intelligence, and automation. 

The ThreatConnect Platform enables organizations to achieve alignment between security operations and the critical risks to the business, better security efficiencies, and greater effectiveness, including faster time to mitigate essential vulnerabilities and faster mean time to detect (MTTD) and respond (MTTR) to threats. In a recent survey of ThreatConnect customers, more than 68% of respondents said that the product helped them improve their MTTR by more than 50%.

In the same study, 95% of respondents noted that ThreatConnect enabled them to get more value from their existing security tools, such as SIEM, XDR, and SOAR. Customers can now go beyond just managing threat intel to operationalizing it and fusing it across every part of your security program, from threat investigation to incident response to vulnerability management with ThreatConnect’s ML-Powered Global Intelligence and Analytics with CAL™ v3.0, Native Reporting Engine, and Built-in Enrichment.

For more information, there’s a blog post that you can read at this link: ThreatConnect 7.0: The Industry’s First Threat Intelligence Operations (TI Ops) Platform.

Bell Is Rolling Out New Firmware To The Gigahub [UPDATED]

Posted in Commentary on January 25, 2023 by itnerd

You might have been following my coverage of Bell’s rollout of the new Gigahub which is the hardware that they supply to their Bell Fibe customers. Out of the box, it had issues. And I put out a request for help identifying these issues as I was getting a lot of emails asking for help. Ultimately Bell identified these issues via a Bell employee who frequents the DSLReports.com forums called “Bell_Dom”. A firmware update then came out that fixed the issues that the initial rollout had. But you had to ask for it.

That seems to have changed in the last few days as according to this thread on DSLReports.com, Bell appears to be rolling this out widely. The firmware is version 1.7.8.1 and it is specific to the Gigahub. One bonus of this new firmware is that it finally fixes the issue of WiFi re-enabling when you reboot the Gigahub. That’s something that I wish Bell would bring down to the HH4000 as that bug is annoying.

Have you received this update on your Gigahub? What has your experience been? Please leave a comment below and share your experience.

UPDATE: This firmware is for the HH4000 and not the Gigahub. The Gigahub is apparently getting version 1.6 of its firmware pushed out to it.

Early Morning Microsoft Outage Caused By “Network Change”

Posted in Commentary on January 25, 2023 by itnerd

Early this morning, Microsoft had an outage that affected, but was not limited to, the following services:

  • Teams
  • Xbox Live
  • Outlook
  • Microsoft 365 
  • Minecraft
  • Azure
  • GitHub
  • Microsoft Store

The issue started at about 2.30 a.m. EST and ended about 2 hours later. What’s interesting is that Microsoft said this:

So Microsoft made a change that broke a lot of their online services and had to roll it back. That does happen from time to time, with the best example that I can think of being Rogers and their July outage. But that creates issues for people who rely on said services. My question for Microsoft, which I hope they answer, is what specifically happened and what will they do to ensure that it doesn’t happen again. Microsoft does give some version of this information out, so I for one will be interested to see what they say.

UWindsor Secures $5M Partnership With TELUS To Propel 5G Research

Posted in Commentary on January 25, 2023 by itnerd

The University of Windsor (UWindsor) and TELUS today announced the launch of a 5G connected campus and commercial lab to support advanced research with 5G technology and establish the university as a go-to centre for innovation. TELUS, a world-leading communications technology company, is investing $5 million as part of a multi-year agreement that began in 2020 to fuel the development of new applications for 5G technology. The collaboration will not only support multidisciplinary research in the agriculture, advanced manufacturing, and connected and autonomous vehicles (CAVs) sectors, but will transform UWindsor campuses to enhance teaching, innovation and collaboration.

Beyond the development of the 5G commercial lab, the central space in the Ed Lumley Centre for Engineering and Innovation will be named the TELUS Atrium. The area is fostering collaborative concept discovery, ideation and creativity as students and researchers build solutions that meet today’s global challenges. Initial joint projects include:

Equipping connected vehicles for cross-border travel using 5G

  • Working with the Ontario Vehicle Innovation Network (OVIN), Original Equipment Manufacturers (OEMs) and policy makers to better equip connected vehicles to solve cross border challenges, including congestion and supply chain obstacles, using 5G.

Developing new cybersecurity applications for connected and autonomous vehicles (CAVs) 

  • In collaboration with Mitacs, a nonprofit national research organization, this project will explore the use of artificial intelligence (AI) and deep learning to identify potential vulnerabilities and access points in CAVs, enhancing safety and security.

Exploring the effective use of AI and Internet of Things (IoT) sensors in high-tech greenhouses to enable more efficient food production

  • UWindsor has partnered with Horteca to launch a two-acre, fully-operational connected research greenhouse in Harrow, Ontario. Using 5G network technology, the greenhouse will use IoT and compute capabilities to make food production more scalable, while reducing cost and footprint.

TELUS’ next generation networks are unleashing human productivity and contributing to improved health and educational outcomes, supporting environmental sustainability, fostering entrepreneurship, bridging the socio-economic divide, and driving economic growth. The agreement will build on the strength of existing partnerships to provide UWindsor and industry and community partners with the infrastructure, expertise and processes to enable new collaborations driving future public-cooperation agreements.

The TELUS 5G network currently reaches approximately 80 per cent of the Canadian population from coast-to-coast as part of its significant $70 billion investment to further develop infrastructure and operations through 2026, demonstrating its commitment to connecting Canadians and driving remarkable social outcomes in our communities. To learn more about TELUS’ 5G network visit telus.com/network.

To learn more about UWindsor’s research and innovation programs, visit http://uwindsor.ca/research-partnerships.

New Research Details Bounce The Ticket And Silver Iodide Attacks In Azure AD

Posted in Commentary on January 25, 2023 by itnerd

Silverfort research has found adversaries could attack the new Microsoft Azure AD Kerberos authentication protocol to move laterally around hybrid environments.

Made generally available in August 2022 to enable cloud authentication for IaaS workloads such as servers and file shares, the new protocol is exposed to the two new techniques which evolve long-standing Silver Ticket and Pass the Ticket attacks – both of which are already well-used by threat actors to move laterally. 

The new version of Pass the Ticket, called Bounce the Ticket, allows an attacker to steal Kerberos tickets from memory and use these to manipulate the Azure Ticket Granting System into granting malicious access to cloud workloads such as servers. This could be used to pivot around hybrid environments.

In the enhanced Silver Ticket attack, called Silver Iodide, the Silverfort research team was able to attack Azure Files and forge Kerberos tickets to demonstrate how a threat actor could escalate privileges on the cloud-based File Share. 

Like many attacks on identity systems, the issues described lie in the underlying logic of the protocol. Fixing them would require re-engineering Kerberos – it is not simply a case of patching code. Both techniques were shared with Microsoft’s MSRC team prior to publication. 

You can read the research here.

Apple Has Done It Again…. Base Model M2 Macs Have Slower SSD’s…. And That Includes The Pro Models

Posted in Commentary on January 25, 2023 by itnerd

Back in June when the new MacBook Air and MacBook Pro both with the M2 processor shipped, a controversy erupted when it was discovered that the base model computers had slower SSD’s installed versus the base model M1 equivalent computers. At the time I said this as to the reason why they were slower:

This is due to the 256GB model being equipped with only a single NAND flash storage chip. The M1 version had two NAND chips that were likely 128GB each. This creates a RAID like setup that resulted in better performance. The only reason why I can think that Apple did this is to save a few bucks so that they can have higher margins on the computer. And what makes that worse is that Apple raised the price this time around.

I then declared that the base model was a bad deal and you should skip it entirely and upgrade to 512GB. It now seems that Apple has done it again. Both MacRumors and 9to5Mac are reporting that the new Mac mini at the base model level has a single NAND chip. And what’s worse, Apple’s cost cutting now seems to have spread to their “pro” computers, as 9to5Mac is reporting that the base model 14″ MacBook Pro with the M2 Pro chip comes with a single NAND SSD setup. Which means that it has similar performance, meaning it has bad performance.

Now while I don’t like the fact that Apple’s cost cutting affects their entry level computers, I get it. Those are built to a price point. But for it to hit their “pro” computers, which people willingly pay a premium for, is inexcusable. I honestly don’t understand why Apple would do that. I can only conclude that Apple is counting on the fact that most “pro” users will custom order their computers with higher storage options which avoids this problem entirely. If that’s the case, that’s really a cynical view by Apple.

And just generally, Apple doing this again after getting significant blowback when they did this last summer is just mind blowing as you’d think that Apple would have wanted to avoid a second go round of this controversy. One person that I know suggested that Apple really must want to screw over their customers. I wouldn’t go that far, but the optics of this situation do not look good for Apple. And I guess that going forward, if you want to buy a Mac, and you expect decent levels of performance, you need to spend more money because Apple is basically forcing you to do so.

That’s really not a good look for Apple if you ask me.

BREAKING: Federal Court Dismisses Rogers/Shaw Appeal

Posted in Commentary on January 24, 2023 by itnerd

In a blow to consumers, the Federal Court of Appeal has shot down the Competition Bureau’s request to block the merger of Rogers and Shaw. That leaves this whole thing up to federal Innovation Minister François-Philippe Champagne. And he Tweeted this:

At this point, the Federal Government hasn’t shown any interest in shooting what is clearly a merger that harms consumers out of the sky. Thus I do not have high hopes that Champagne will do anything but allow this merger to go through. And consumers will literally pay the price at the end of the day.

It’s truly too bad that Canada doesn’t have a federal government who recognizes that Canada pays far too much money for their telco services and is prepared to address the issue. While I am free to be surprised on that front, I don’t think I will be.

DOJ Slaps Google With An Antitrust Lawsuit

Posted in Commentary on January 24, 2023 by itnerd

News has just dropped that Google has been hit with an antitrust lawsuit. Actually, it’s the second one in two years that Google has been served up with. CNBC has the details:

This lawsuit, which is focused on Google’s online advertising business and seeks to make Google divest parts of the business, is the first against the company filed under the Biden administration. The department’s earlier lawsuit, filed in October 2020 under the Trump administration, accused Google of using its alleged monopoly power to cut off competition for internet search through exclusionary agreements. That case is expected to go to trial in September.

Google’s advertising business generated $54.5 billion in the quarter ended Sept. 30 from Search, YouTube, Google Network ads and other advertising.

Google also faces three other antitrust lawsuits from large groups of state attorneys general, including one focused on its advertising business led by Texas Attorney General Ken Paxton.

The states of California, Colorado, Connecticut, New Jersey, New York, Rhode Island, Tennessee and Virginia joined the DOJ in the latest lawsuit.

This is likely a sign of things to come as big tech is in the crosshairs of the US Government. Companies like Microsoft and Apple are likely to get served with similar lawsuits at some point. But in the here and now, execs at Google must not be very happy about this.