Archive for July 6, 2023

BREAKING: Petro Canada FINALLY Says Something About Being Pwned

Posted in Commentary on July 6, 2023 by itnerd

For the last few weeks now, it’s been public knowledge that Petro Canada has been pwned in some sort of “cybersecurity incident.” For context, here’s a list of stories that I’ve written about this:

Today is July 6th and Petro Canada finally, and I do mean FINALLY, has something to say on the matter. This email just hit my inbox:

You can also read the email online here.

So since I am a member of the Petro Points program, the threat actors now have my name, mailing address, and email address along with my phone number and date of birth. That pretty much guarantees that I, along with every other member of the Petro Points program, am going to have very targeted attacks aimed at me in the near future. Not to mention the threat actors will make attempts at stealing my identity. I can also say that it’s a pretty safe bet that someone is going to find this response by Petro Canada to be inadequate and contact a lawyer to file a class action lawsuit. If that happens, I will be joining said lawsuit.

Honestly, after reading this I will not be able to trust Petro Canada again. Sure they could come out with a more detailed statement offering up how they got pwned, and what they’re doing to ensure that they don’t get pwned again. And they can do something more than offer up a credit of Petro Points. For example, credit monitoring for the next year or two for every Petro Points customer would be a good start. But I don’t see that happening. Thus when this is resolved, whenever that is, I will be cashing out my Petro Points and I will not be doing business with Petro Canada again. But I will be watching this story closely as I fully expect that there will be a lot of developments in the days and weeks ahead.

Now We Know Why Elon Musk Is Freaking Out…. Threads Has 30 Million Signups In 24 Hours

Posted in Commentary on July 6, 2023 by itnerd

Earlier today, news filtered out that Elon Musk had threatened to sue Meta over Threads. Specifically because he claimed that Meta stole Twitter employees that he fired and used them to spin up Threads. It is likely that this claim by Elon is dubious at best, and the truth likely is that he’s more afraid of the fact that Meta has managed to get 30 million signups on Threads in 24 hours. Here’s a screen shot of Mark Zuckerberg announcing this on Threads:

Elon Musk just must be losing his mind. He’s taken Twitter and his poor decisions have turned it into the most epic train wreck next to a dumpster fire that history has ever seen. Now he has Meta coming for his breakfast, lunch and dinner. And the thing is that he clearly has no answer to that. I have speculated that Threads, as much as I don’t like it, may be the thing that ultimately kills Twitter. Based on how fast the platform is getting people to sign up, that may be about to come true. And Elon is going to be at least $44 billion poorer as a result. Not that I feel sorry for him or anything.

Elon Musk Is So Spooked By Threads That He’s Threatening To Sue Meta

Posted in Commentary on July 6, 2023 by itnerd

I am guessing that Elon Musk is spooked by the launch of Threads today and the fact that 10 million people signed up in a matter of hours. So spooked in fact that a lawsuit is now being floated by Twitter:

On Wednesday, Instagram parent company Meta introduced Threads, a text-based companion to Instagram that resembles Twitter and other text-based social platforms. Just hours later, a lawyer for Twitter, Alex Spiro, sent a letter to Meta CEO Mark Zuckerberg accusing the company of engaging in “systematic, willful, and unlawful misappropriation of Twitter’s trade secrets and other intellectual property.”

“Twitter intends to strictly enforce its intellectual property rights, and demands that Meta take immediate steps to stop using any Twitter trade secrets or other highly confidential information,” Spiro wrote in a letter obtained exclusively by Semafor. “Twitter reserves all rights, including, but not limited to, the right to seek both civil remedies and injunctive relief without further notice to prevent any further retention, disclosure, or use of its intellectual property by Meta.”

Spiro accused Meta of hiring dozens of former Twitter employees who “had and continue to have access to Twitter’s trade secrets and other highly confidential information.”

He also alleged that Meta assigned those employees to develop “Meta’s copycat ‘Threads’ app with the specific intent that they use Twitter’s trade secrets and other intellectual property in order to accelerate the development of Meta’s competing app, in violation of both state and federal law as well as those employees’ ongoing obligations to Twitter.”

Here’s what Meta had to say:

A Meta source told Semafor that Twitter’s accusations are baseless.

“No one on the Threads engineering team is a former Twitter employee — that’s just not a thing,” the source said.

Elon is clearly running scared. He’s afraid that Meta is about to destroy him by providing an alternative to Twitter which he has spent a lot of time finding new and creative ways to kill via his own stupidity. So he’s playing the lawsuit card hoping that it scares Meta into backing off. The thing is, I am 99.9% sure that Meta doesn’t care about this threat. And I am also 99.9% sure that if Elon follows through on his threat, he’d lose. But it would be fun to watch Elon lose, and be humiliated in the process.

Cloud Range Partners with ActiveBytes Innovations 

Posted in Commentary on July 6, 2023 by itnerd

Cloud Range, the industry’s leading cyber range solution to reduce cyber risk across the organization, today announced an agreement with ActiveBytes Innovations LLC, a provider of high-quality information security solutions, to be the preferred distributor of Cloud Range products and services in the Middle East including the United Arab Emirates, Qatar, Kuwait, Bahrain, Lebanon, Jordan, Iraq and Egypt.

According to Frost & Sullivan, the Middle East’s cybersecurity market is projected to be worth $31 billion by 2030 as cybersecurity awareness and readiness grow in the region that is home to some of the world’s largest oil producers. As industrial organizations in industries such as oil and gas pursue digital transformation initiatives, they increase their cyber risk and exposure to the ransomware and cyber attacks that have become pervasive. Governments and enterprises are prioritizing cybersecurity—in particular ICS/OT cybersecurity—to build cyber resilience and protect their critical infrastructure. Yet they are challenged with a lack of talent and skills specific to their region and industries.

Together, Cloud Range and ActiveBytes Innovations will enable organizations in the Middle East to reduce cyber risk and increase operational efficiencies by ensuring their cybersecurity teams are prepared to meet any challenge in the face of an ever-evolving threat landscape. ActiveBytes Innovations will provide and distribute Cloud Range’s full suite of products and services, including:

Cloud Range helps close the cyber skills gap with an innovative cyber range platform that ensures cyber defenders gain the skills and experience they need to protect organizations and critical infrastructure against detrimental and potentially deadly cyber attacks. The realistic and customizable cyber range is a safe, virtual environment that emulates actual networks, infrastructure, and technology and gives practitioners hands-on experience in detecting and mitigating real attacks.

ActiveBytes Innovations provides a comprehensive security portfolio to protect customers across endpoints, infrastructure, applications, and in the cloud. Its team proactively researches the ever-evolving threat landscape and develops solutions to defend against complex malware and cyber attacks.

 Learn more at cloudrangecyber.com.

iPhone eSIM Quick Transfer now supported at TELUS

Posted in Commentary on July 6, 2023 by itnerd

The news is out that TELUS is the first wireless carrier in Canada to support iPhone eSIM Quick Transfer!

Available to TELUS and Koodo customers with compatible iPhone XS, iPhone XS Max, iPhone XR, or later with iOS 12.1 or later, this exciting new capability allows users to conveniently manage their existing SIM Card directly on their iPhone any time, anywhere – without needing to step foot into a store or call in!

With iPhone eSIM Quick Transfer, customers now have the ability to:

  1. Convert their physical SIM card into an eSIM directly on their iPhone with ease
  2. Transfer their phone number from either an existing physical SIM card or eSIM on a previous iPhone to a new iPhone seamlessly.

TELUS customers have access to all the latest 5G-enabled devices – including the Apple iPhone 14 lineup – on an award-winning 5G network that gives back to Canadians in need through programs like Mobility for Good, which helps youth aging out of foster care and low-income seniors stay connected to what matters most.

You can find out more at telus.com/eSIM

Threads Is Live… But I Will Not Be Signing Up For Two Reasons

Posted in Commentary on July 6, 2023 by itnerd

Meta’s Twitter killer Threads is now live in most parts of the world. I did think about getting a Threads account just to test it out and joining the 10 million or so users who apparently signed up in the last 10 hours or so. But I have to admit that I have thought twice about doing so and will avoid it like Superman avoids Kryptonite. Here’s why:

  • Privacy: As I have mentioned before, Threads appears to be a privacy nightmare. So much so, that Threads didn’t launch in the EU as I am guessing that Meta didn’t want to get smacked by the EU. Given those facts, and Meta’s past behaviour, I would suggest that this is a key reason to avoid Threads.
  • Threads was rushed to market: This isn’t a shock as Meta is clearly trying to get something out there to try and kill Twitter. 9to5Mac has a list of some of the notable omissions and failings of Threads. Including the fact that you can’t delete your account without deleting your Instagram account, which I think may not be an omission but a deliberate design decision. Some of the design issues may change over time, but clearly on top of Threads users being the product as is typical for any Meta product, they’re also beta testers.

There’s one other reason that I am avoiding Threads. We’ve kind of seen this sort of thing before with Google+. If you don’t remember Google+, this will help you to get up to speed. Google+ signed up millions of users very quickly in 2011, but was dead by 2019 as Facebook and other social networks became more popular than it. Thus Threads might be “the new hotness” at the moment. But it doesn’t mean that it will be “the new hotness” long term.

Having said all of that, Threads is a serious threat to Twitter and Elon Musk. And I am sure that Elon is very concerned as he’s shot himself in the foot so many times, it likely won’t take much for a Twitter competitor to come in and yank the rug out from under him. I just question if Threads is the one to do just that. And I most certainly won’t get an account to find out.

CISA Warns Of A Vulnerability In Medtronic’s Software

Posted in Commentary on July 6, 2023 by itnerd

CISA is warning of a severe (9.8 out of 10) vulnerability in Medtronic’s Paceart Optima software, which runs on a healthcare organization’s Windows server and stores and retrieves cardiac device data from programmers and remote monitoring systems from all major cardiac device manufacturers.

Medtronic said the vulnerability is within the Paceart Optima software’s messaging service, which allows healthcare organizations to send fax, email, and pager messages within the system.

Medtronic has not seen any exploitation of the bug so far but said in a security bulletin:

“This vulnerability could result in a healthcare delivery organization’s Paceart Optima system’s cardiac device data being deleted, stolen, or modified, or the Paceart Optima system being used for further network penetration.”

Medtronic’s security bulletin includes immediate and temporary steps for healthcare delivery organizations and encourages those affected to work with Medtronic Paceart technical support to install an update to eliminate the vulnerability.

George McGregor, VP, Approov had this comment:

   “The Optima software aggregates and displays cardiac data collected from multiple sources so a vulnerability here can have major consequences.  But it is also important to evaluate the interplay of embedded devices such as insulin pumps, cardiac monitors and pacemakers and the associated mobile apps which are increasingly used to collect data and control the device.  A look at medical device manufacturer security advisories seems to suggest that this can be a major attack surface which must be protected.”

Roy Akerman, Co-Founder & CEO, Rezonate follows up with this:

   “Healthcare is constantly at the forefront dealing with an expanded attack surface – as in the case of the Optima software with a vulnerable MIoT (Medical Internet of Things). As RCE can be enabled if exploited, instant patching based on guidance provided by Medtronic is advised. Most often priority is defined based on exploitability, overall risk and impact, and access. In this case, when the risk may include deadly consequences, priority should be applied for an immediate patch and monitoring.”

Given how much we now rely on tech in healthcare, issues like these should not happen. Companies need to take more care to ensure that vulnerabilities like these aren’t threats to patient care.

Trustwave Creates A Honeypot Network And Gathers Some Interesting Intel

Posted in Commentary on July 6, 2023 by itnerd

There’s a very interesting blog post that was put up by Trustwave which speaks to the fact that they have a network of honeypots around the world, and are able to gather some pretty interesting intel on threat actors and the attacks that they carry out:

During a six-month period that ended in May 2023, we collected and analyzed vast amounts of data from over 38,000 unique IPs and downloaded more than 1,100 unique payloads served during exploitation attempts. Almost 19% of the total recorded web traffic was malicious, and botnets were responsible for over 95% of the malicious web traffic detected.

We encountered multiple targeted attacks directed at specific honeypots, where threat actors sought to exploit the enterprise applications under examination. The primary objective of these attacks was to upload a web shell, enabling attackers to carry out further actions against the potential victims that our sensors were mimicking. A web shell is a malicious script or program that provides unauthorized access and control over a compromised website or web server. It is typically uploaded by an attacker to gain administrative-level privileges and execute arbitrary commands on the target system.

Joe Saunders, CEO, RunSafe Security has this comment on Trustwave’s work:

“Fixing and patching is too late. Threat actors are very efficient and move with speed, as demonstrated by Patel & Cieslak. What we need is a new approach to cyber protection that protects against classes of exploits even when a patch is not available.”

I encourage you to read the blog post as it is pretty eye-opening. And hopefully it can serve as a guide to allow you to protect your enterprise.