Archive for February 2, 2023

Public School In Massachusetts Gets Pwned In Ransomware Attack

Posted in Commentary with tags on February 2, 2023 by itnerd

On Tuesday, a public school in Nantucket Island, Massachusetts suffered a ransomware attack, forcing them to shut down:

“Together with outside data security experts, our Information Technology Department has been working very hard all day to restore our computers and internet service,” Superintendent Beth Hallett said Tuesday in a message to the the school community.

Students in the island’s five public schools were sent home at noon Tuesday and told not to use school-issued electronic devices. The district has nearly 1,700 students, according to state records.

“All student and staff devices have been shut down, and our safety and security systems, including phones and security cameras, are also disabled,” Hallett said in an email to parents.

Brian Johnson, CISO at Armorblox shared his thoughts on this topic:

Educational institutions have one of the largest attack surfaces of all industries. There are thousands of faculty, parents, students and even alumni all accessing the same network through their laptops, phones, and tablets on a daily basis. All it takes is for one of them to click a link or open an attachment in a phishing email to compromise the whole thing for financial gain, to disrupt classes, or for other potentially destructive purposes. We’ve seen every variation of phishing email possible—from “schools” asking alumni for donations to “teachers” asking students to login with their credentials and review an important document. There’s no amount of cybersecurity training or education that can cover such a broad user base. With limited budgets and staff, educational institutions need to automate their security operations as much as possible. And with ChatGPT making it easier than ever for cybercriminals to spin up legitimately looking phishing and business compromise emails, schools and universities need to invest in their own natural language-based AI defenses that are trained to spot even the most realistic looking and sounding phishing emails and stop that one person who would have clicked from having to even think about it.  

The challenge that schools have is that they are often cash strapped. So that makes them prime targets for being pwned. Hopefully they can scale up their defences so that they stop being targets.

66% of Black Business Owners Paid Expenses And Employees With Personal Funds: Intuit QuickBook Study

Posted in Commentary with tags on February 2, 2023 by itnerd

In acknowledgement of Black History Month, Intuit QuickBooks released new small business survey findings, emphasizing the persistent economic and social hurdles the Black entrepreneurial community faces. 

The survey reveals that 55% of Black business owners have been denied a business loan at least once. Despite this, and the many barriers Black business owners face, they have the courage to take risks, show up for their community, and support future generations of business owners. In fact, 70% view their success as important for the success of future generations of Black entrepreneurs.

Key themes and findings from Black business owners in Canada for 2023 include:

  1. Financial struggles and disparities are barriers to success 
  • 66% have had to pay expenses and/or employees with personal funds in the last two years 
  • 58% needed $10,000 or more to start their businesses – compared to only 41% of non-Black business 
  • 56% of Black business owners were able to pay themselves in 2022 – compared to 71% of non-Black business owners
  1. Community is crucial 
  • 83% have volunteered their personal time to community service in the last year 
  • 70% feel a need for their business to give back to the Black community
  • 49% of Black business owners agree that successful Black businesses are critical for a thriving Black community
  1. Educate and inform future generations
  • 75% think mentorship of the next generation of Black business owners is important for the advancement of successful Black businesses  
  • 52% of Black business owners think the next generation will experience less hardships than they have

Methodology and Sample 

Intuit QuickBooks commissioned online surveys, completed in December 2022, of 1,000 (500 Black and 500 non-Black) business owner respondents in Canada (adults aged 18+). There were 432 small business owners out of 500 Black respondents and 456 small business owners out of 500 non-Black respondents. The approximate average annual revenues are $71,200 for Black business owners and $83,750 for non-Black business owners. The average number of employees per business is 36 for Black business owners and 35 for non-Black business owners. Among Black business owners, 35% have 1-10 employees. Among non-Black business owners, 41% have 1-10 employees. Percentages have been rounded to the nearest decimal place so values shown in charts and graphics may not add up to 100%. Responses were collected in online surveys using Pollfish audience pools and partner networks with double opt-ins, random device engagement sampling, and post-stratification based on local census data to ensure accurate targeting and results. Respondents received remuneration.

New Cisco AppDynamics research reveals how a security approach for the full applications stack is now a priority for Canadian and global organizations

Posted in Commentary with tags on February 2, 2023 by itnerd

Cisco AppDynamics research called “The shift to a security approach for the full application stack.”  has just hit the streets. I’ve highlighted some Canadian specific findings.  

95% of Canadian technologists admit that the rush to rapidly innovate and respond to the changing needs of customers and users has come at the expense of robust application security during software development, according to new Cisco AppDynamics research, “The shift to a security approach for the full application stack.”  

The research reveals that 88% of Canadian technologists report that their organization has experienced an expansion in its attack surfaces over the last two years. As IT teams have accelerated release velocity and built more dynamic applications across more platforms, application security hasn’t kept pace. And 49% of Canadian technologists admit that their organization often ends up in “security limbo” because they don’t know what to focus on and prioritize. 

However, Canadian organizations are now looking ahead and are willing to break down the silos within the IT department and bridging the gap between IT operations and security. 45% have already started taking a DevSecOps approach, and 44% are currently considering making the shift. 

The shift to a security approach for the full application stack” research was conducted between July and August 2022 and includes finding from 1,150 IT professionals interviewed across 13 markets worldwide, including Canada.  

Key takeaways from the report include: 

  • Top global applications security challenges for 2023 include: lack of visibility into attacks surfaces and difficulty prioritizing threats 
  • 76% of Canadian technologists report that a lack of application security skills and resources is now an issue for their organizations 
  • 77% of Canadian technologists feel that their organization is vulnerable to a multi-staged security attack over the next 12 months  
  • 94% of Canadian technologists believe that it’s important to be able to contextualize security 
  • More than a third of technologists report that their ITOps teams only collaborate with security teams when there is a potential issue, if at all 
  • 75% of Canadian technologists state that the implementation of a security approach for the full application stack is now a priority for their organization

You’ll find the full story around the research here.

Discord Voice Chat Coming Soon to PlayStation 5

Posted in Commentary with tags , on February 2, 2023 by itnerd

Today, Discord and PlayStation officially announced a new chapter in their partnership and another step forward for cross-platform gaming: Discord voice chat on the PlayStation 5 console. This highly anticipated integration is available now for PS5 beta participants and will be coming later this year for all PlayStation 5 console owners.

Discord has been the go-to place for gamers on PC, mobile, and console to talk together while playing their favorite games. Last year in January, Discord took that one step further with PlayStation by giving users the ability to link their PlayStation Network account from Discord and display their PlayStation 4 or PlayStation 5 game activity in their user profile. Now, with this newest integration, more players from all over the world will be able to connect with their friends and play the games they love, no matter where they play — including your PlayStation 5 console.

Using Discord voice chat on the PlayStation 5 console will be easy — to get started, users who are part of the beta test should:

  • From the PS5 console, connect their PlayStation Network account to their Discord account to grant Voice Access to their console.
    • Note: if you’ve linked your PSN and Discord accounts in the past to display what game you’re playing, you’ll need to link your accounts again on your PS5 console to grant the new permissions needed for Discord voice chat.
  • Join the desired voice channel on Discord.
  • From the Discord client (desktop, browser, or mobile app) select the option to Transfer to Console and choose the PlayStation 5 console associated with the PSN ID connected to their Discord account.
  • Press Transfer Voice and use Discord voice chat on their PlayStation 5 console.

You can learn more information on the integration in the blog post here. I also have a video for your viewing pleasure below:

Guest Post: This is how much hacked streaming accounts cost on the dark web

Posted in Commentary with tags on February 2, 2023 by itnerd

With the rising popularity of streaming services, they have also become the prime target of cybercriminals. Some hackers may be after a free ride on your Netflix or Spotify account, others after your personal details, while a chunk of hackers try to profit by selling hacked streaming accounts on the dark web. 

The Atlas VPN team, using data from Whizcase, reports that dark web accounts for popular streaming services are sold for an average of $11.

The cheapest accounts belong to SoundCloud users. They are being sold for as little as $6. 

On the other side of the spectrum are Apple Music and Disney+. They have the biggest price tag among hacked streaming accounts on the dark web, around $15 and $14, respectively. 

Spotify and Netflix accounts are offered at $12 each, while Hulu and Twitch accounts are sold for $11, followed by HBO Max at $10. In the meantime, hacked accounts of Amazon Prime Video users are being offered for $9.

Streaming accounts typically contain not only the user’s name, surname, date of birth, and contact information but also often have linked payment methods, making them a valuable target for cybercriminals.

Fraudsters frequently gain unauthorized access to people’s streaming accounts using login credentials obtained from data breaches. This happens because many people use the same login information for multiple accounts. If one of the accounts gets compromised in a breach, others are also at risk. Hackers can also use phishing scams to trick people into giving away sensitive information that can then be used to access their accounts.

To read the full article, head over to:

New Research: Hackers Leverage ClickFunnels Online Building Tool to Redirect Users to Malicious Links

Posted in Commentary with tags on February 2, 2023 by itnerd

Avanan, a Check Point Software Company, has released its latest research that analyzes how hackers bypass security services by leveraging ClickFunnels, an online service that helps entrepreneurs and small businesses generate leads, build marketing engines and grow their businesses. 

In this attack, recipients are presented with an email that they have a file ready to be reviewed, and encourages them to click on the provided link to view the document. However, clicking on the “Document Review” link redirects them to a malicious download that introduces them to a malicious credential harvesting document. 

You can read Avanan’s research here.

Southwest Airlines Brand Used In Phishing Scam

Posted in Commentary with tags on February 2, 2023 by itnerd

INKY has published a new Fresh Phish, in which INKY’s cybersecurity research analyst explains how the Southwest Airlines brand was used as the lure for a credential harvesting phishing scam.

This report details how the phisher used a survey and gift card scam via legitimate, newly created domains to deliver emails that have been able to circumvent most email security systems. 

You can read the research here.

Silverfort Launches Free Identity Risk Assessment 

Posted in Commentary with tags on February 2, 2023 by itnerd

Silverfort, today launched the most comprehensive free identity risk assessment available to help organizations discover the gaps and hygiene issues in their identity attack surface which may cause cyber insurance compliance failures. Intended to be used by companies with 250 or more employees, the assessment will help meet expanding cyber insurance requirements in advance of a policy application or renewal.   

Simple to deploy and providing visibility into all user authentications, Silverfort’s identity risk assessment operates at a directory level to report with in-depth visibility on the identity attack surface. The report summarizes risky user accounts and authentications as well as risk indicators such as shadow admins, passwords that never expire, admins liable to Kerberoasting, pass-the-ticket and lateral movement attempts, authentications using weak encryption protocols, unprotected Service Accounts and more.  

These common attack paths are used by threat actors to move laterally around an organization and propagate the ransomware responsible for more than half of all cyber insurance payouts last year. For this reason, identity security hygiene has become increasingly important to insurance underwriters.          

Cyber insurance premiums continue to increase due to the routine manner by which adversaries use these gaps in identity to spread in their victim’s environment and ultimately extort them for payment. In response, insurance carriers and brokers have added detailed identity security requirements and increased scrutiny around how controls are deployed and managed. MFA is now required to protect an expanded range of internal apps, interfaces, and systems, including VPNs, file shares, networking equipment, legacy systems, and CLI admin tools. Insurers are also increasing Privileged Access Management (PAM) requirements for highly privileged and non-human users, with the discovery and password hygiene of Service Accounts coming under particular scrutiny.  

The free assessment is part of a broader program to improve the identity security maturity of organizations for insurance compliance attestation. Major brokers such as AcrisureHowden Group and other insurance carriers and intermediaries are now offering Silverfort’s Unified Identity Protection solution to help more customers qualify for cyber insurance policies.  

To request an assessment, simply register on the Silverfort website and a representative will be in touch to assist.  

US Senator To Apple And Google: Remove TikTok From Your App Stores

Posted in Commentary with tags on February 2, 2023 by itnerd

There’s a growing momentum to ban Chinese owned TikTok on the grounds of national security. And over the last few months there have been moves to ban TikTok from government devices for example. But CNN is reporting that one US senator is calling on Apple and Google to ban TikTok outright:

A member of the Senate Intelligence Committee is calling on Apple and Google to remove TikTok from their app stores over concerns about national security, in the latest indication of mounting scrutiny on the short-form video app from members of Congress. 

In a letter sent to the two tech giants on Thursday, Colorado Democratic Sen. Michael Bennet calls TikTok “an unacceptable threat to the national security of the United States.”


We should accept the very real possibility that [China] could compel TikTok, via ByteDance, to use its influence to advance Chinese government interests,” Bennet wrote, “for example, by tweaking its algorithm to present Americans content to undermine U.S. democratic institutions or muffle criticisms” of China’s handling of Hong Kong, Taiwan or ethnic minorities.

This isn’t the first time that someone has called on Google and Apple to ban TikTok. And neither company is likely to respond to this in any meaningful way. What that will likely mean is if politicians want TikTok banned, they will have to do it themselves and not rely on Google and Apple to do it for them. And seeing how anything China related is a hot button issue in the US right now, I can see that happening. Eventually.

Twitter Kills Free Access To APIs As Elon Musk Desperately Looks For Sources Of Income… Or To Hide How Bad Twitter Has Become

Posted in Commentary with tags on February 2, 2023 by itnerd

The latest attempt by Elon Musk to find a way for Twitter to make money is now coming in the form of this:

So Twitter is cutting off free API (Application Programming Interface) access, and instead wants to get paid for API access. Besides developers who use the Twitter API for scores of things such as tracking changes among Twitter accounts and offer alerts, researchers use the Twitter API to do things like track hate speech and misinformation. So besides the need of Elon to make money as fast as possible by charging for API access, the cynic in me wonders if he’s also trying to cut off access to Twitter so that it becomes much harder to see what a toxic cesspool Twitter has become since he took over. After all, the people who track this sort of stuff aren’t swimming in cash. Thus this would be a blow to them. But it would be great for Elon as stories about hate speech exploding on Twitter for example would drop. Then there’s the fact that the Twitter API is also used by the newsgathering service Dataminr to alert journalists to information that emerges on Twitter in real time. That really bad if you’re a New York Times, or a CNBC.

All of this comes after Twitter in the dark of night changed the rules so that third party clients were banned. Which means you have to wonder what is next from Elon. I guess we won’t have long to find out as there’s no evidence that Twitter hasn’t stopped bleeding cash. Which means that Elon will simply get more desperate to make money.