Archive for August 17, 2023

GEICO Becomes Another Victim Of MOVEit

Posted in Commentary with tags on August 17, 2023 by itnerd

It appears that US insurer GEICO has become the latest victim of the MOVEit Flaw and that this might be bad. WKBW has the details:

A Geico spokesperson confirmed with 7 News that MOVEit, an outside software program that Geico uses to transfer data to third-party vendors, was involved in a data breach. MOVEit told 7 News that the company disclosed the vulnerability on May 31, and deployed a patch the same day.

However, employees and former employees feel that they are under threat:

Heather Dudziak said she worked for Geico and left the job about a month ago. She claims her information was hacked because the company has put cyber security on the back burner. “My information, my daughter’s information, my husband’s information and my step-father’s information was leaked due to this data breach,” Dudziak said.

She said her social security number and her family’s social security number were shared with the company for her health insurance which she believes was then obtained by hackers. She added that her former co-workers have told her others are experiencing the same thing.

“This is a violation of not only my security, my daughter, my husband, my stepdaughters and I just don’t feel safe,” she added. 

That’s extremely bad. Damir J. Brescic, CISO, Inversion6 had this to say:

I would like to know what steps GEICO has taken to bolster their cybersecurity posture due to this incident.

A few thoughts pop to mind of what they could have done; starting with ensuring that MOVEit was regularly updated with the latest security patches and fixes.  They should have implemented a robust access control and authentication mechanism within MOVEit to prevent unauthorized access to sensitive data.  I am also a big fan of two-factor authentication, strong password policies, and role-based access control as effective ways to restrict access to authorized personnel only.

This incident serves as a reminder to customers to do their own due diligence, by considering several factors.  They should understand the potential risks involved and take steps to protect their own personal information, such as using strong and unique passwords and enabling two-factor authentication whenever possible.  Regular monitoring of financial statements and credit reports can also help detect any suspicious activities that may result from a data breach.

MOVEit is going to continue to claim victims until companies who use MOVEit take whatever steps are required to ensure that their attack surface is as small as possible. Then they should go to every vendor, supplier, etc. and ensure that they are doing the same thing. Because as is the case here, these attacks don’t just affect companies, they affect people too.

Three Canadian women-led startups join the Google for Startups Accelerator: Women Founders class of 2023

Posted in Commentary with tags on August 17, 2023 by itnerd

Women in tech face disproportionate adversity compared to their male counterparts on the road to success. That’s why providing high-quality mentorship opportunities and support for women in the tech startup ecosystem is integral. Today, Google announced the 11 North American startups joining the Google for Startups Accelerator: Women Founders class of 2023.

Google is thrilled to share that three Canadian women-led startups from Toronto, Ottawa and Calgary – NLPatent, BorderlessHR and Monark – have been selected to join the program this year.

Recent studies highlight that women in tech across Canada and the US continue to face barriers to access and disproportionate adversity compared to their male counterparts:

  • Women account for nearly 50% of the workforce, but representation in the tech sector continues to lag behind.
  • In 2001, only 21% of Canadian tech workers were women, and now, over 20 years later, that number sits at 24%, a meager 3% increase.

Source: https://data.worldbank.org/indicator/SL.TLF.TOTL.FE.ZS?end=2022&locations=CA&start=1990

Now in its fourth year, the 10-week intensive digital accelerator program leverages the best of Google’s people and technology to provide equity free technical support and mentorship opportunities to incredible women founders from across North America who are looking to scale their businesses. The Google for Startups Accelerator: Women Founders program is an extension of Google’s commitment to leveling the playing field for women founders in North America. In fact, since the program launched in 2020, it has supported 36 women-led startups across North America, who have collectively raised $73.46M USD since graduating from their cohorts. 

The full blog post can be found here along with additional details on the participating North American startups below.  

  • Aravenda (Fairfax, VA) is a comprehensive consignment shop software that is leading innovation in the fastest growing segment of retail through resales.
  • BorderlessHR (Ottawa, ON) offers global talent solutions for small businesses, providing instant matches to pre-vetted talent and AI-powered interviewers, saving SMBs the cost and time spent hiring the right talent on time and within budget. Borderless HR also offers a free suite of HR products to help manage talent.
  • Cobble (New York City, NY) is a platform that helps people reach collaborative agreement with others on ideas. Cobble offers a combination of decision-making tools, curated content and AI-driven social connections.
  • Craftmerce (Delaware City, DE) is a B2B technology platform that links African artisans to mainstream retail partners by providing tools for distributed production, enterprise management, and financing.
  • Dreami (Redwood City, Calif.) powers data-driven career development programs for the 36 million people in the US who face barriers to employment.
  • Medijobs (New York City, NY) offers virtual recruiting for the healthcare industry.
  • Monark (Calgary, AB) is a digital leadership development platform, preparing the next generation of leaders through on-demand personalized learning.
  • NLPatent (Toronto, ON) is an AI-patent search and analytics platform that uses a fine-tuned large language model, built from the ground up, to understand the language of innovation.
  • Rejoy Health (Mountain View, Calif.) is an AI-powered mobile application that uses computer vision technology to deliver at-home physical therapy, enabling individuals to effectively manage and alleviate chronic musculoskeletal conditions like back and joint pain.
  • Shimmer (San Francisco, Calif.) is an ADHD coaching platform that connects adults with ADHD and expert ADHD coaches for behavioral coaching.
  • Total Life (Jupiter, FL) reimagines aging for older adults through an easy, one-click platform that connects users with a Medicare covered healthcare provider.

LinkedIn Introduces Free Verification Feature in Canada

Posted in Commentary with tags on August 17, 2023 by itnerd

Today LinkedIn launched the CLEAR identity verification feature for use on LinkedIn in Canada. As of Thursday August 18, Canadian LinkedIn members will have the opportunity to add an extra layer of trust and authenticity to their profiles and verify their identity using CLEAR, a cutting-edge verification platform. 

With CLEAR, LinkedIn members can now verify their identity by using their Canadian government ID and phone number. This verification process sets a new standard for reliability and credibility on the platform, reinforcing LinkedIn’s commitment to fostering a trusted community of professionals in Canada. 

Many Canadian LinkedIn members can also verify their workplace using their work email addresses, enhancing the credibility of their professional information.  

LinkedIn aims to provide trusted and verified information for professionals in Canada, fostering a reliable platform for their career journeys. These new verification tools aim to provide LinkedIn members in Canada increased confidence when learning, applying for jobs, and networking. They are designed to facilitate engagement with professionals who are likely to be credible and trustworthy. 

For more information about this announcement, you can read the details here.  

Advertisers Pull Their Ads From Twitter After Their Ads Appear Next To Nazi Content

Posted in Commentary with tags on August 17, 2023 by itnerd

Twitter, X, or whatever it’s called today recently had its CEO Linda Yaccarino call for “hand to hand combat” to get advertisers back onto the platform. But according to CNN, that doesn’t seem to be working:

At least two brands have said they will suspend advertising on X, the platform formerly known as Twitter, after their ads and those of other companies were run on an account promoting fascism. The issue came less than a week after X CEO Linda Yaccarino publicly affirmed the company’s commitment to brand safety for advertisers. 

The nonprofit news watchdog Media Matters for America documented in a report published Wednesday that ads for a host of mainstream brands have been run on the account, which has shared content celebrating Hitler and the Nazi Party. 

Ads for brands including Adobe, Gilead Sciences, the University of Maryland’s football team, New York University Langone Hospital and NCTA-The Internet and Television Association were run alongside tweets from the account that had garnered hundreds of thousands of views, CNN observed.

Spokespeople for NCTA and pharmaceutical company Gilead said that they immediately paused their ad spending on X after CNN flagged their ads on the pro-Nazi account.

Here’s the problem for X/Twitter. You can’t expect advertisers to want to pay to put ads next to content like this. That’s common sense. Yet Elon seems to be fine with that, but at the same time can’t understand why advertisers are fleeing the platform. Until Elon wraps his head around the fact that he needs to create a safe platform that respects the rights of all people, and most importantly doesn’t contain the sorts of things that are outlined in this CNN story, then he’s not going to make X/Twitter a successful operation. Related to that, if I were Linda Yaccarino, I’d be looking for another job as working for Elon isn’t a winning strategy.

Guest Post: Latvians and Finnish use the most mobile data

Posted in Commentary with tags on August 17, 2023 by itnerd

Mobile data has become an essential part of daily life for many people worldwide. With smartphones and other web-enabled devices, we now have constant access to information, entertainment, and communication at our fingertips.

According to the data presented by the Atlas VPN team, Latvians and Finnish people use up the most mobile data per month among the Organisation for Economic Co-operation and Development (OECD) countries. In addition, each Estonian has about 2 mobile broadband subscriptions.

Latvians lead in mobile data usage, averaging nearly 42 gigabytes per month per mobile broadband subscription. Latvia’s high mobile data consumption may be driven by widespread access to high-speed mobile networks in urban areas and unlimited provider data plans.

Finland ranks second globally in monthly mobile data use, with citizens browsing away 41 gigabytes on average.

Austria has the third-highest rate of mobile data consumption, averaging around 30 gigabytes per month. Lithuanians also rank high in mobile data usage, browsing through 28 gigabytes monthly on average. Iceland demonstrates high mobile data consumption for its population as well, with citizens using 24 gigabytes per month on average.

The average mobile data usage among OECD countries is almost 9 gigabytes. Countries like the United States, UK, and Germany all fall below this average.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on mobile data usage:

“Mobile connectivity is convenient, but it can lead to overuse and dependency. Moderation and balance are essential. As networks continue improving globally, average mobile usage rates will likely rise. The future will undoubtedly bring innovations integrating mobile technology even deeper into our lifestyles.”

Who is most connected?

Analyzing the volume of mobile data consumption reveals fascinating insights. However, looking at mobile broadband subscription rates per 100 inhabitants provides further knowledge on how much people browse.

Each Estonian has about 2 mobile broadband subscriptions. Estonia’s citizens extensively use mobile networks not just for smartphones but also for other internet-connected devices. 

Japan likewise has extremely high mobile broadband penetration, with citizens subscribed to nearly 2 mobile networks on average. The United States ranks third, with an average of 1.8 mobile broadband subscriptions per citizen.

Finland, which is second in mobile data consumption, has a broadband subscription rate of 1.6 per person. At the same time, Israel and Denmark demonstrate a rate of 1.4 mobile broadband subscriptions per citizen.

To read the full article, head over to: https://atlasvpn.com/blog/latvians-and-finnish-use-the-most-mobile-data


California Adopts A Resolution That Encourages The Responsible Use Of AI

Posted in Commentary with tags on August 17, 2023 by itnerd

California recently adopted an AI Resolution that’s in alignment with the Biden Administration’s guidelines for responsible AI. Spearheaded by Sen. Dodd, this resolution reinforces California’s influential role in shaping regulatory frameworks:

Senate Concurrent Resolution 17 highlights the significant challenges posed by the use of technology, data, and automated systems, including incidents of unsafe, ineffective, or biased systems and unchecked data collection that threatens privacy and opportunities. At the same time, the resolution recognizes the potential benefits of AI, including increased efficiency in agriculture and data analysis that could revolutionize industries.

The resolution affirms the state’s commitment to President Biden’s vision for safe AI and the principles outlined in the White House Office of Science and Technology Policy’s “Blueprint for an AI Bill of Rights.” The five principles — Safe and Effective Systems; Algorithmic Discrimination Protections; Data Privacy; Notice and Explanation; and Human Alternatives, Consideration and Fallback — will guide the design, use, and deployment of automated systems in California.

SCR 17 was approved Monday in the Assembly with a unanimous voice vote after being previously approved by the full Senate. It does not require the governor’s signature.

Ani Chaudhuri, CEO, Dasera had this comment:

Today, with the California Legislature adopting the nation’s first AI-drafted resolution, we’re witnessing a pivotal moment in the intersection of technology, governance, and society. As someone deeply entrenched in data security and governance, this resolution isn’t just a piece of legislative text; it’s a testament to how our society is evolving and the responsibilities we must shoulder as we traverse this path.

  1. Safe and Effective Systems: AI’s promise lies in its ability to improve our world, but this can only be realized if the systems themselves are safe and effective. Any AI system must be meticulously tested in controlled and real-world scenarios. But it’s more than just about ensuring systems don’t malfunction—it’s about ensuring they function in a way that aligns with our societal values and norms.
  2. Algorithmic Discrimination Protections: Biases in AI systems have made headlines repeatedly, tarnishing this transformative tech’s image. Eliminating biases isn’t a ‘nice-to-have’—it’s a fundamental necessity. Every stage of AI development, from data collection to model training, should be scrutinized to ensure no group is unduly disadvantaged.
  3. Data Privacy: In an era where personal data is often compared to oil in its value, safeguarding this data is paramount. While AI systems thrive on data, we must implement stringent measures to ensure data privacy isn’t compromised. From where data is stored to how it’s accessed to who has rights to it—every aspect needs to be governed with the utmost responsibility.
  4. Notice and Explanation: The days of black-box algorithms must end. Stakeholders, from the public to policymakers, should clearly understand how AI decisions are made. It’s not about revealing trade secrets but ensuring transparency so these systems can be trusted.
  5. Human Alternatives, Consideration, and Fallback: As magnificent as AI is, it isn’t infallible. There should always be a human touchpoint—a fallback mechanism—that can intervene when things go awry. Automated systems should be designed with the understanding that humans are the ultimate safeguard.

Sen. Dodd’s resolution serves as a blueprint for California, the entire nation, and potentially the world. The principles highlighted are about safe AI deployment and ensuring AI uplifts society without trampling on individual rights.

To my colleagues in the tech industry: let’s take this as a call to action. We have the responsibility not only to innovate but to ensure that our innovations are imbued with integrity, respect, and a profound sense of duty to the betterment of society.

AI has the potential to transform society. But it needs guardrails around it. Otherwise the potential exists for it to run amok and harm society instead of help it. Which is why I feel that this resolution is a great move.

Clorox Discloses That Operations And Systems Were Taken Offline Due To ‘Unauthorized Activity’ 

Posted in Commentary with tags on August 17, 2023 by itnerd

This week in regulatory filings with the SEC, Clorox reported a cybersecurity incident that forced it to take several systems offline and is causing disruption to parts of the business’s operations.

“To the extent possible, and in line with its business continuity plans, Clorox has implemented workarounds for certain offline operations in order to continue servicing its customers,” the company said in an 8-K filing.

Clorox noted in its 10-K report that it has seen an increase in the number of cyber attacks since shifting to a hybrid remote work model, and that it is in the process of a multi-year technology upgrade, including transitioning to a cloud-based platform:

“The upgrade poses several challenges, including training of personnel, migration of data and the potential instability of the new system.

“[Clorox] may be vulnerable to increased risks, including the risk of security breaches, system failures and disruptions.”

Ted Miracco, CEO, Approov Mobile Security had this comment:  

“Clorox and many other companies are being adversely affected by a one-two punch of a shift to remote work and the concurrent reliance on personal mobile devices. This dynamic has dangerously expanded the attack surface for cyber threats, especially business email compromise, cyber extortion, phishing, and other social engineering attacks.

“Organizations must urgently prioritize protections for this new perimeter, and it is especially important to focus on remote workers who may be using personal devices that are not as secure as company-issued devices.”

Steve Hahn, Executive VP, BullWall follows with this comment:   

“As Clorox indicated in their company 10K filings, cyber attacks have escalated in the last few years due to their new “hybrid” work from home model. Like many companies, this work model expands the attack surface and makes the job of securing the endpoints nearly impossible. Broadly speaking, we’ve seen a huge uptick as a result of increased efforts by threat actors who now have vastly more attack vectors to take advantage of.  

“It doesn’t seem to matter how good a company’s preventative posture is, with a determined threat actor it’s a matter of “when” not “if” the attackers are successful. Because of this companies need to adopt a post breach mentality that looks to respond and recover in milliseconds by containing the attack, and not just focusing on prevention.”

With hybrid work here to stay, companies have to think differently about how they secure themselves. And as evidenced by this case, make every effort to make sure that either the bad guys don’t get in, or they are forced out as quickly as possible.

LinkedIn Accounts Pwned In Massive Hacking Campaign

Posted in Commentary with tags , on August 17, 2023 by itnerd

As reported by Cyberint, LinkedIn is being targeted in a surge of account hacks, takeovers and lockouts, with users unable to resolve the issues through LinkedIn’s support.

“While LinkedIn has not yet issued an official announcement, it appears that their support response time has lengthened, with reports of a high volume of support requests,” reports Cyberint’s researcher Coral Tayar.

Meanwhile, users have taken to various online forums such as Twitter and Reddit to air their frustrations regarding LinkedIn’s lack of response and support in recovering the breached accounts, some reporting it’s been almost a week and they haven’t received assistance yet.

As observed by Cyberint in many accounts, the attackers appear to be using leaked credentials or brute-force to attempt to gain control. For accounts that are well protected, the takeover attempts only resulted in a temporary account lock, but when the hackers successfully took over LinkedIn accounts, they quickly swapped the associated email address, changed the password, and in some instances even turned on 2FA making the account recovery process even more difficult.

In some instances, the attackers demanded a small ransom to return the accounts back to the owners and in others they simply deleted the accounts without asking for anything.

Emily Phelps, Director, Cyware had this to say:   

“We live a significant part of our lives online, and we don’t want our online identities in the wrong hands. I have no doubt that LinkedIn is receiving a tremendous increase in support requests, which likely accounts for the slow response time. It is advisable to reach out to your customers and inform them of the steps you’re taking to rectify the situation.”

If you maintain a LinkedIn account, now would be a good time to review the security measures you’ve activated, enable 2FA, and switch to a unique and long password. As for LinkedIn, I can’t find any evidence that they’ve commented on this. Which doesn’t look good on them at all.

Mass Exploitation Campaign Backdoors Almost 2000 Citrix NetScalers 

Posted in Commentary with tags , on August 17, 2023 by itnerd

A hacking group has exploited a critical vulnerability in Citrix NetScaler servers to compromise close to 2,000 servers in a massive campaign, before patches could be applied.

As of 8/14 Fox-IT researchers report that of some 31,127 vulnerable servers, more than 1,900 remain “backdoored” and of those found, 1,248 had already been patched, but were never checked for signs of successful exploitation.

The vulnerability, tracked as CVE-2023-3519, allows hackers to execute arbitrary code on the servers without authentication, allowing them to do anything they want on the servers, including stealing data, installing malware, or disrupting operations.

Main Takeaways:

  • A set of vulnerabilities in NetScaler, one of which allows for remote code execution, were disclosed on July 18th. This disclosure was published after several security organizations saw limited exploitation of these vulnerabilities in the wild.
  • Fox-IT (in collaboration with the Dutch Institute of Vulnerability Disclosure) have scanned for these webshells to identify compromised systems. Responsible disclosure notifications have been sent by the DIVD.
  • At the time of this exploitation campaign, 31127 NetScalers were vulnerable to CVE-2023-3519.
  • As of August 14th, 1828 NetScalers remain backdoored.
  • Of the backdoored NetScalers, 1248 are patched for CVE-2023-3519.

David Mitchell, Chief Technical Officer, HYAS had this to say:  

“Unfortunately, this is far from the first time this has happened in recent memory. In previous campaigns, attackers gained footholds within F5, Fortinet and VMware appliances through exposed management interfaces in order to avoid detection by EDR software.  

“Regardless if the exploit is already in the wild, customers are expected to monitor their devices for the IOCs before and after the patch is applied — which is obviously not at an acceptable level. The reason for this gap may be education, outsourced managed devices or division of security labor within an organization, but I do not expect attacks on network devices to stop anytime soon.”

Clearly, simply patching everything isn’t enough. You also have to make sure that the bad guys aren’t already in. Which means that you need to take more rigorous steps to make sure that you’re not on the wrong end of a headline.

Flashpoint Releases July Cyber Threat Intelligence Index

Posted in Commentary with tags on August 17, 2023 by itnerd

Flashpoint has published its July 2023 Cyber Threat Intelligence Index.  Here are some numbers from July:

  • There were 515 ransomware attacks
  • 1994 new vulnerabilities with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD)
  • 529 Data Breach events

The Index also deals with Insider Threats and the state of malware. You can read it here.