06 | April | 2023 | The IT Nerd

Archive for April 6, 2023

Western Digital Got Pwned…. And Customers Cannot Access Their Data In Western Digital’s Cloud

Posted in Commentary with tags Western Digital on April 6, 2023 by itnerd

Something that I tell clients all the time is that “the cloud” is just someone else’s computer. Which means it is subject to all the problems that one can have with a computer. Including the fact that it can get pwned by threat actors. A case in point is the fact that hard drive manufacturer Western Digital has been pwned by threat actors three days ago. Though they might have been pwned earlier:

On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems. In connection with the ongoing incident, an unauthorized third party gained access to a number of the Company’s systems.

Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities.

The Company is implementing proactive measures to secure its business operations including taking systems and services offline and will continue taking additional steps as appropriate. As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services. Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data.

While Western Digital is focused on remediating this security incident, it has caused and may continue to cause disruption to parts of the Company’s business operations.

And as a result of that pwnage, a bunch of Western Digital services were shut down. You can see the list here. There’s currently no word on when these services may come back up. But that’s not the worst of it. From what I can tell, thousands of people are without their files and Western Digital’s customer service department isn’t keeping its customers updated about what is happening or the progress.

You can read more about what people are experiencing here. But here’s the bottom line this isn’t a good look for Western Digital.

I personally have recommended their hard drives for years. They’re reliable and they haven’t caused myself or any of my clients issues. Their cloud service on the other hand is something I have never recommended. Instead, I direct people towards a service like Blackblaze which is purpose built for backing up your data off site. And I do that because I have never been 100% convinced that what Western Digital is offering would be safe and robust. I believe that I might have been proven right on that front. That’s not to say that Backblaze couldn’t get pwned as well. I guess what I am saying that I have a lot more trust in Backblaze than I do with Western Digital.

1 Comment »

Guest Post: VPN downloads in Italy skyrocket by 400% after ChatGPT block

Posted in Commentary with tags Atlas VPN on April 6, 2023 by itnerd

OpenAI, the developer of the popular generative AI chatbot, ChatGPT, has begun geoblocking access to its service in Italy. This decision comes after the local data protection authority ordered OpenAI to halt processing Italians’ data for the ChatGPT service.

As a result, there has been a significant surge in VPN downloads in Italy, with a staggering 400% increase in usage.

During March, Italians installed one of the top 10 VPN apps about 4213 times on average daily. However, on the day OpenAI announced its geoblock in Italy, VPN installs jumped by 121%, which is equal to 9302 downloads.

On April 1st, VPN downloads originating in Italy skyrocketed by 404%. The following day, the total number of VPN installs was 359% larger than the March average. Finally, on April 3rd, the downloads started to slow down but were still significantly higher at 270% above the pre-ban levels of ChatGPT services.

While users can use a VPN to bypass the block by switching to a non-Italian IP address, ChatGPT accounts initially registered in Italy may no longer be available. Consequently, users may need to create a new account using a non-Italian IP address to access ChatGPT.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on Apple overtaking Samsung as the most popular smartphone:

“The ChatGPT geoblock in Italy and the subsequent surge in VPN usage highlight that people will try to access the online services they need, despite internet restrictions. This is a powerful reminder of the importance of internet freedom and the role that tools like VPNs can play in ensuring access to information and communication.”

Looking for a VPN

Naturally, as Italians started looking for ways to bypass the restriction of ChatGPT services, VPNs became a more popular search.

Google Trends data indicates that the keyword “VPN” gained a lot of interest in Italy after the ChatGPT ban. Google Trends measures search interest on a scale of 0 to 100, with 100 representing peak popularity for a term.

Days before the geoblock of ChatGPT, Italians’ interest in VPNs was relatively low. At the end of March, interest hovered around 15 point mark. However, on April 1st, interest grew significantly from 14 to 100, which indicates a 600% increase. The interest in VPN remained high, without falling below 50, during the following days.

To read the second part and the full article, head over to: https://atlasvpn.com/blog/vpn-downloads-in-italy-skyrocket-by-400-after-chatgpt-block

Elon Musk Has Another #Fail On His Hands As Only 3% Of Verified Users Have Signed Up For Twitter Blue

Posted in Commentary with tags Twitter on April 6, 2023 by itnerd

Remember when Elon Musk threatened to take away the blue checkmarks of verification from everyone unless they signed up for Twitter Blue? Well, ignoring the fact that the checkmarks have not disappeared, very few people who have been previously verified have signed up for Twitter Blue according to this:

Only 12,305 of roughly 420,000 legacy verified accounts have subscribed to a paid Twitter Blue plan as of Tuesday. That’s just above 3 percent of the celebrities, pro athletes, influencers, and media personalities who make up the platform’s power users.

While Twitter Blue does provide some additional features such as being able to edit tweets and write longer posts, the major selling point promoted to users is the ability to simply get a checkmark next to your username by paying $8 per month (or $11 on mobile devices.)

The latest Twitter Blue data comes from independent researcher Travis Brown, who has been tracking Twitter data since January. Brown’s data accounts for roughly 90 percent of all Twitter Blue subscribers. Previous internal Twitter Blue data leaks have matched with Brown’s estimates.

The bad news doesn’t end there for Elon:

If one adds government accounts with grey verified badges and business accounts which appear alongside a gold checkmark to the pool of legacy verified Twitter Blue subscribers, those numbers go up just slightly to around 15,000 users (or 3 and a half percent of these accounts in total).

Again, this is after Elon Musk threatened to take away approximately 420,000 users’ verified blue checkmark badges. And this is also following Musk’s announcement that only Twitter Blue subscribers would be promoted in Twitter’s default “For You” feed.

With its biggest motivator yet to subscribe – the removal of the blue tick – Twitter was seemingly unable to even double its legacy verified Twitter Blue subscribers. One week before the April 1 date, Twitter had only converted 7,901 government, business, and legacy verified accounts into paying subscribers, so there was a slight uptick in subscribers as the April 1 date loomed. However, many celebrities – from LeBron James to Jack Black – have since gone public saying that they were not planning to pay for Twitter Blue.

And if to further highlight how ineffective Elon has been in terms of getting people to sign up for Twitter Blue, there’s this:

Over the course of the nearly 4 months the subscription service has been live, Twitter has just barely crossed the 500,000 Twitter Blue subscriber threshold, according to Twitter Blue data from Brown. This would put Twitter Blue’s revenue at approximately $4 million per month.

Honestly, Elon looks less and less like the genius that he portrays himself to be. And I have to believe that he lies awake at night wishing he never bought Twitter as it is exposing him for what he is. A charlatan who has gotten lucky in life, and was able to build a public image around it. But because of Twitter, those days are over and Elon is likely re-evaluating his life choices.

3 Comments »

New QuickBooks Double Spear Email Phishing Attack Detected During Peak Tax Scam Season

Posted in Commentary with tags Avanan on April 6, 2023 by itnerd

The new wave of phishing that researchers at Avanan, a Check Point Software Company, recently talked about is BEC 3.0. Hackers can sign up for a free account somewhere, send out an invoice or other communication, and embed the malicious activity within that. Avanan’s covered this ability in PayPal, Google, and more.

Last year, they wrote about how hackers can do something similar in QuickBooks. Now, they’re back at it. In this attack brief, hackers create free accounts in Quickbooks to steal money and information from end-users by sending fake invoices from a legitimate domain.

You can read the attack brief here.

Elon Musk Shows That He Can’t Do Anything Right As Twitter Users Who Quit Twitter Blue Still Have Their Checkmarks

Posted in Commentary with tags Twitter on April 6, 2023 by itnerd

If any one thing shows that Elon Musk is incapable of managing ants at a picnic, never mind Twitter, this story from NBC illustrates this perfectly:

Before Ryan Garcia bought Twitter Blue, he was unverified on the platform. He hoped that buying a subscription to the service, which offers verification and other features, would help him reach a wider audience.

But he found the service cumbersome and decided to unsubscribe, last paying for the service in February.

To his surprise, though, Twitter has yet to remove his verified check mark.

Garcia is among eight former Twitter Blue subscribers who spoke to NBC News who gained verification through the service, canceled their memberships, and have kept their check marks weeks past the end of their subscriptions.

“If I woke up tomorrow and I saw my verification badge was gone, I would be overjoyed,” Garcia said.

The Twitter Blue users described being frustrated with their continued verification, saying they’re subjected to dayslong reviews when they want to change either their profile picture or their display name. Despite still being verified, they no longer have access to an edit button or long-form tweets, which are perks of the subscription. Technology news website Gizmodo first documented that some Twitter Blue users retained their verification after canceling their subscriptions.

Talk about a #fail. You would think that this process would be automated. But clearly not. Either that or like other things that Elon has done in regards to Twitter, he didn’t think through what would happen if someone stopped subscribing to Twitter Blue. Either way, it illustrates what a gong show his management of Twitter is.

The IT Nerd