Archive for October 24, 2023

TELUS Friendly Future Foundation Launches National Auction To Support Youth Mental Health

Posted in Commentary with tags on October 24, 2023 by itnerd

TELUS Friendly Future Foundation’s third-annual Friendly Future Online Auction launches today, with one hundred per cent of proceeds going directly to Canadian charities that promote youth mental health and well-being. Recent research from the Canadian Institute for Health Information estimates that up to 20 per cent of children and youth in Canada are affected by a mental health disorder. Amidst the ongoing youth mental health crisis, TELUS Friendly Future Foundation provides support to charities in communities across Canada that provide under-served youth with access to the resources they need to learn, make connections, and stay healthy, opening up new opportunities for them to reach their full potential. 

With a fundraising goal of $150,000, Canadians can bid online on hundreds of auction items, generously donated from partners across the country, including weekend getaways, phones and tablets, tickets to sporting events and signed memorabilia. Since the inaugural Friendly Future Online Auction in 2021, the Foundation has raised more than $250,000 through this event in support of charities across Canada that address youth mental health and foster a sense of belonging.

TELUS Friendly Future Foundation along with TELUS’ 13 Canadian Community Boards collaborate to enhance the lives of two million youth annually. Last year alone, the Foundation provided more than $10 million in grant funding to more than 500 charitable organizations across the country, including Big Brothers Big Sisters Canada, Covenant House and Step Stones for Youth.

The Friendly Future Online Auction runs until November 7. To learn more about the auction, including how to bid or make a donation, visit friendlyfutureauction.com 

Okta Gets Pwned…. And The Downstream Effects Of That Are Starting To Be Felt

Posted in Commentary with tags on October 24, 2023 by itnerd

On Friday, Okta disclosed a hack of its support systems. Here’s what Okta had to say about that:

The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.

Note: All customers who were impacted by this have been notified. If you’re an Okta customer and you have not been contacted with another message or method, there is no impact to your Okta environment or your support tickets.

Okta has had a rough time of it lately, as its products have been implicated in a number of high-profile hacks. That includes a spate of intrusions at casinos that crippled Las Vegas hotel rooms for days: the MGM hack is one example, along with the Caesars hack. But the hack of Okta itself has had significant downstream effects. 1Password, it turns out, was affected by this hack:

On September 29, we detected suspicious activity on our Okta instance that we use to manage our employee-facing apps. We immediately terminated the activity, investigated, and found no compromise of user data or other sensitive systems, either employee-facing or user-facing.

Since then, we’ve been working with Okta to determine the initial vector of compromise. As of late Friday, October 20, we’ve confirmed that this was a result of Okta’s Support System breach.

See our internal Okta Incident Report for additional details.

Cloudflare was also affected by this hack:

On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta – threat actors were able to leverage an authentication token compromised at Okta to pivot into Cloudflare’s Okta instance. While this was a troubling security incident, our Security Incident Response Team’s (SIRT) real-time detection and prompt response enabled containment and minimized the impact to Cloudflare systems and data. We have verified that no Cloudflare customer information or systems were impacted by this event because of our rapid response. Okta has now released a public statement about this incident.

This is the second time Cloudflare has been impacted by a breach of Okta’s systems. In March 2022, we blogged about our investigation on how a breach of Okta affected Cloudflare. In that incident, we concluded that there was no access from the threat actor to any of our systems or data – Cloudflare’s use of hard keys for multi-factor authentication stopped this attack.  

Ken Westin, Field CISO, Panther Labs had this to say:

Okta is a prime target for attackers and by compromising their systems, they seek to gain access to their customers’ infrastructure and data. The pivot to 1Password should be a wake-up call for organizations to ensure they are monitoring Okta logs, as well as other identity and password applications.

Clearly Okta needs to do some work here as it’s bad enough that Okta gets hacked. It’s worse that its customers are also affected by said hack. Thus Okta and companies that provide similar services need to get their collective acts together to maximize their security or we are all in very deep trouble.

BREAKING: 41 States And DC Sue Meta Claiming That Facebook And Instagram Are Harming The Mental Health Of The Young

Posted in Commentary with tags on October 24, 2023 by itnerd

From the “Meta might be in trouble here” department comes a lawsuit that has been filed by 41 states and DC which has a very interesting claim:

A federal lawsuit and parallel state lawsuits allege that Meta knowingly designed and deployed harmful features on Instagram and Facebook that purposefully addict children and teens.

The states also allege Meta routinely collects data on children under 13 without informing parents or obtaining parental consent.

“Its motive is profit, and in seeking to maximize its financial gains, Meta has repeatedly misled the public about the substantial dangers of its Social Media Platforms,” the lawsuit said. “It has concealed the ways in which these Platforms exploit and manipulate its most vulnerable consumers: teenagers and children. And it has ignored the sweeping damage these Platforms have caused to the mental and physical health of our nation’s youth. In doing so, Meta engaged in, and continues to engage in, deceptive and unlawful conduct in violation of state and federal law.”

According to this story, the lawsuits are intended to force Meta, which owns Facebook and Instagram, to change its products to stop this from happening. Seeing as Meta is known to have products that collect all sorts of data about you to monetize it in any way they can, these lawsuits are a direct threat to its business model. Thus you can be sure that Mark Zuckerberg is freaking right now while trying to figure out how not to be taken to the woodshed if these lawsuits go to trial.

This will be a fun one to watch.

Uber Canada Reveals Annual Nightlife Index Report

Posted in Commentary with tags on October 24, 2023 by itnerd

If one thing can be said about Canadians, it’s that we really know how to part-EH! With Halloween just around the corner, Canadians will be revving up to hit the town and BOOgie on one of the biggest partying nights. That’s why Uber Canada is releasing its annual Nightlife Index, revealing what Canadians have been getting up to during their nighttime escapades throughout the year.

It seems that Londoners in Ontario have solidified themselves as the wildest night owls in the country, taking the top partying city spot for a second year in a row. To recover from a night out, the top food order is a classic cup of coffee, followed by some hashbrowns to soak it all up. And if you’re curious about what Canadians are shopping for in the late hours, a Unicorn pillow takes the top spot as the most unexpected item.

As Canadians revel in their city’s nightlife, we also want to share an important message that just because you drove to the party, it doesn’t mean you are capable of driving home. No matter how you get home, Uber and MADD Canada are supporters of all rides that get you there safely. Alcohol and cannabis can stay in your system as long as the next day, so don’t drive to pick up food and take advantage of getting it delivered right to your doorstep with Uber Eats. 

Party city – Top 10 Partying Cities in Canada: 

*based on the average # of late night trips (10PM-2AM) riders in each city take every month

  1. London, Ontario
  2. Toronto
  3. Winnipeg
  4. Halifax
  5. Kitchener-Waterloo
  6. Regina
  7. Edmonton
  8. Vancouver
  9. Ottawa
  10. Kingston

Best days to get down on the dancefloor – Top 5 biggest partying nights across Canada 

*based on volume of rides between 10PM and 2AM 

  1. New Years Day
  2. St Patrick’s Day 
  3. Canada Day 
  4. Halloween 
  5. May long weekend 

Food to soothe the soul and the scaries – Top 5 hangover foods across Canada

*based on volume of orders between 9AM and 1PM on Saturdays and Sundays 

  1. Coffee 
  2. Hash browns
  3. Bagels 
  4. Bacon, cheese, egg breakfast sandwich
  5. Donut 

The largest hangover food ordered through Uber Eats in Canada was placed on Saturday, May 13, 2023 in Winnipeg, MB for $995. One–or more, no judgment–hungry eater ordered 10 spaghetti and meatballs, 5 chicken and mushroom fettuccine, 15 bolognese penne, and 13 “create your own” pasta dishes. 

In the mood for a midnight snack – City that orders the most Uber Eats deliveries between 10PM and 4AM

  1. Windsor 
  2. Kingston 
  3. Niagara Region 
  4. London 
  5. Kitchener-Waterloo
  6. Thunder Bay 
  7. Winnipeg 
  8. Saskatoon 
  9. Sault Ste Marie 
  10. Toronto 

Confessions of a late night shopaholic – Most unexpected late night order (not food related)

  1. Unicorn pillow 
  2. Instant pot 
  3. Digital food steamer 
  4. Nintendo switch 
  5. Wooden rat traps

EU To Elon Musk: Comply With Our Laws Or GTFO

Posted in Commentary with tags on October 24, 2023 by itnerd

Much as I expected when I wrote this story, the EU has sent Elon Musk a clear message about Twitter and its relationship with the 27 nation bloc:

X owner Elon Musk will have to comply with European Union law and clamp down illegal content on the social network if it wants to keep on doing “good business” in the region, the EU’s digital chief Věra Jourová said today.

“With Mr. Musk, the dialog doesn’t go well, very simply,” Jourová told reporters in the wake of an EU probe into how the platform shows graphic illegal content and disinformation linked to Hamas’ attack on Israel.

The tech mogul denied a report last week that he was considering pulling X out of Europe to avoid new requirements for digital platforms. X is used by over 101 million Europeans in the bloc. Under the EU’s Digital Services Act (DSA), the company must swiftly take down content and ensure the network limits disinformation and cyberviolence.

The problem is that even though Elon has denied that he wants to take Twitter out of the EU, he hasn’t exactly done anything to stop misinformation from spreading on Twitter. And he’s even spread a fair amount of misinformation himself. Thus you have to wonder what his next move is. I don’t see him complying with the EU as that hasn’t been his style to this point. And he certainly doesn’t want to be forced by the EU to do things that he doesn’t want to do. But at the same time, I am guessing that he hasn’t pulled the plug on the EU because that will limit his ability to make money. So to me, it seems like he’s stuck in a less than ideal position. The question is, what will he do next?

New Survey From Abnormal Security Reveals 98% Of Security Leaders Worry About the Risks of Generative AI

Posted in Commentary with tags on October 24, 2023 by itnerd

Abnormal Security has announced the launch of a new report, “The State of Email Security in an AI-Powered World.” The report reveals security leaders’ greatest concerns about the growing threat of generative AI in the enterprise—particularly via the email vector—and how they are preparing to adapt their defenses in response.  

Based on a survey of 300 senior cybersecurity stakeholders from organizations of all sizes across multiple industries, the research found that nearly all security leaders (98%) are concerned about the cybersecurity risks posed by ChatGPT, Google Bard, WormGPT, and similar tools. 

Their leading worry is the increased sophistication of email attacks that generative AI will make possible—particularly, the fact that generative AI will help attackers craft highly specific and personalized email attacks based on publicly available information. Not only are security leaders feeling nervous about these threats, many are already experiencing them. Four-fifths (80.3%)  of respondents confirmed that their organizations have either already received AI-generated email attacks or strongly suspect that this is the case.

Despite widespread concern, the vast majority of security leaders are not adequately prepared to protect against AI-generated email attacks. The majority of respondents are still relying on their cloud email providers or legacy tools for email security, with over half (53%) of respondents still using secure email gateways to protect their email environments. Unfortunately, this approach does not seem to be working, as nearly half of respondents (46%) lack confidence in traditional solutions to detect and block AI-generated attacks.

The research highlights an opportunity for an alternative approach with AI-driven security as the next frontier of email protection, as 92% of survey participants see the value in using AI to  defend against AI-generated email threats. Additionally, more than 94% of survey participants say that AI will have a major impact on their cybersecurity strategy over the next two years.

You can download the full report, The State of Email Security in an AI-Powered World, here

Guest Post: TikTok removed nearly 107 million videos in Q2 2023

Posted in Commentary with tags on October 24, 2023 by itnerd

According to data presented by the Atlas VPN team based on TikTok’s Community Guideline Enforcement report, TikTok removed 106,476,032 videos for violations in Q2 2023.

The platform also wiped a total of 107,917,818 accounts in Q2 2023. Notably, most removed accounts belonged to users under 13, in line with the minimum age requirements to create an account on the platform. 

A rise in removals comes amidst concerns over TikTok’s ability to protect its users from harmful content and exploitation. The Data Protection Commission recently found that in the latter half of 2020, TikTok’s default settings did not do enough to protect children’s accounts, resulting in a €345 million fine. 

The results of Q2 2023 show a noticeable 19% uptick from the previous quarter (91,003,510 videos removed) and a 26% increase compared to Q4 2022 (85,860,819 videos removed).

An increase in removals could be connected with several revisions to TikTok’s community guideline policy since April 2023, following discussions that the platform should be banned in the United States for national security. Subsequent updates to the policy were released in May and August. 

Mature themes — biggest offender

Of all the nearly 107 million videos removed in Q2 2023, almost 39.1% contained sensitive and mature themes, such as nudity and body exposure or graphic images. Thankfully, moderators deleted around 83.1% of all these videos before they had a single view.

Regulated goods and commercial activities were the second-largest deletion category, comprising 28% of all removals. This ranges from consuming and promoting drugs, alcohol, and tobacco to conducting scams or fraud.

Safety and civility violations — such as bullying, hate speech, and youth exploitation — round out the top three, equal to 14.5% of all cases. This is closely followed by the mental and behavioral health category, which was the main reason for removal 10.1% of the time.

Privacy and security were slightly less common, with content featuring personal information warranting removal in only 7.1% of all cases. The remaining 1.2% was covered by integrity and authenticity violations, such as spreading misinformation or paid political content. 

While TikTok has taken steps to address safety concerns, there is a need for more substantial and consistent efforts to ensure a safe environment for its vast user base. The ongoing issues with content removal and user protection indicate that the platform may need to invest more in proactive measures to address these critical safety issues effectively.

To read the full article, head over to: https://atlasvpn.com/blog/tiktok-removed-nearly-107-million-videos-in-q2-2023


City Of Philadelphia Has Been Pwned…. And The Threat Actors Had Access For Months

Posted in Commentary with tags on October 24, 2023 by itnerd

The City of Philadelphia announced that it is investigating a five-month-old data breach where attackers “may have gained access” to City email accounts containing personal and protected health information.
 
The breach was discovered by officials on May 24th following suspicious activity in the City’s email environment, but investigators found that threat actors may have had access to accounts for at least two months after the City initially became aware of the incident, between May 26, 2023 and July 28, 2023.

Also, in August, investigators became aware that the email accounts impacted may contain personal health data. The types of information disclosed may include individuals’:

  • Name
  • Address
  • DOB
  • SSN
  • Contact information
  • Medical diagnosis information
  • Treatment-related information
  • Limited financial information
  • Claims information

 
City officials have not provided details on how the attackers breached the City’s email accounts or why they delayed disclosing the incident for five months.

Dave Ratner, CEO, HYAS had this to say:

   “Too often bad actors are discovered to have had access for months or longer, staying hidden and stealing data at will.  Organizations need to increase their focus on the real-time visibility and observability inside their environment, to determine what is anomalous and what isn’t, and ensure that breaches don’t lead to multiple-months of unfettered access. It’s for this reason (among others) that CISA and the NSA recommend the deployment of Protective DNS as part of a security-in-depth strategy for operational and business resiliency.”

This is a #fail given the threat actors had access for a significant amount of time. This is the perfect example as to why everyone needs to have the tools to detect and prevent these sorts of attacks in their early phases.

Iranian Hackers Were Lurking For 8 Months In A Government Network 

Posted in Commentary with tags on October 24, 2023 by itnerd

Broadcom’s Symantec cybersecurity unit is reporting on a meticulous eight-month-long espionage campaign.  The Iranian Crambus espionage group, also known as OilRig and APT34, targeted a Middle Eastern government between February and September 2023. During the extended stay, the attackers compromised numerous computers and servers. They executed a range of activities, including the theft of files and passwords.

The attackers implanted a PowerShell backdoor named PowerExchange, which allowed them to monitor incoming emails from an Exchange Server and execute commands through surreptitious emails. The attack affected a minimum of 12 computers, and there are indications that backdoors and keyloggers were placed on dozens more systems.

In addition to deploying malware, the attackers used the publicly available administration tool Plink to configure port-forwarding rules on the compromised machines, granting them remote access through the Remote Desktop Protocol (RDP).

Evidence also suggests the attackers manipulated Windows firewall rules to facilitate remote access.

Emily Phelps, Director, Cyware had this comment:

   “Advanced persistent threat (APT) groups such as Crambus have the resources to maintain ongoing targeted attacks. The importance of organizations and government entities moving from a reactive to proactive cybersecurity posture cannot be overstated. Investing not only in threat intelligence but in technologies that enable organizations to take action on intelligence is mission critical to outpacing motivated adversaries.”

David Mitchell, Chief Technical Officer, HYAS adds this:

   “While this is not surprising, it further reinforces the need for network wide visibility and protection. Without knowing the details of said governments’ security posture internally, it appears they did not utilize protective DNS, network traffic visibility or log analysis — a combination of methods that would’ve most assuredly detected this behavior. Siloed security products continue to give customers a false sense of security and need to be deployed up and down the OSI stack in order to be effective.”

Much like the North Koreans, the Iranians are a threat to your cybersecurity that cannot be ignored. Thus your security posture needs to take that into account or bad things will happen. As was the case here.