Archive for November 20, 2023

Idaho National Laboratory Pwned…. And Data On Employees Has Leaked

Posted in Commentary on November 20, 2023 by itnerd

The Idaho National Laboratory got pwned over the weekend. Here’s what happened next:

Idaho National Laboratory experienced a massive data breach on Sunday night, leading to the leak of employee addresses, Social Security numbers, bank account information and much more.

INL media spokesperson Lori McNamara tells EastIdahoNews.com the breach is being investigated and federal law enforcement are involved.

“Earlier this morning, Idaho National Laboratory determined that it was the target of a cybersecurity data breach, affecting the servers supporting its Oracle HCM system, which supports its Human Resources applications. INL has taken immediate action to protect employee data,” says McNamara. “INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident.”

According to INL, more information will be shared as the situation progresses.

Slight problem though, they didn’t protect employee or any other data:

EastIdahoNews.com was able to download and view the hacked information. We have been able to confirm the authenticity of the leaked information from several employees. The information impacts thousands of local workers. 

A politically-motivated hacking group has claimed responsibility for the data breach on various social media platforms. EastIdahoNews.com is not naming the group, due to the nature of the sensitive information, which is now publicly available. 

As of 11 a.m., INL officials could not confirm the identity of the hackers.

Lovely. John Gunn, CEO, Token has this comment:

90% of data breaches start with a successful phishing attack, yet most organizations are using 20-year-old legacy multifactor authentication (MFA) technology as their primary means of securing access. So many headlines and so many breached companies, and all from the same vulnerability – people falling victim to sophisticated phishing attacks and it will only get worse as cybercriminals expand their use of AI.

This attack, based on what we know, is pretty bad. And I suspect that as more details emerge, the scope of how bad this is will become clear.

UPDATE: I did say that as more details emerged, the scope of how bad this is will become clear. Here are some additional details. In a Telegram post on Sunday, hacking group SiegedSec claimed to be behind this hack.

The group claims to have accessed servers supporting its Oracle human resources applications, gaining access to detailed information of current and former employees.

Another data point: INL operates under the Department of Energy, and its scientists work on national security programs, including protecting critical infrastructure like the U.S. power grid. INL is also the premier lab for nuclear energy, focusing on energy security, reliability and cybersecurity.

Corey Brunkow, Dir of Eng Operations, Horizon3.ai had this comment based on the above:

   “Oracle Human Capital Management is an application under the Oracle Fusion Cloud SaaS suite which is listed on the FedRAMP Marketplace with an agency authorized Authority to Operate (ATO). This SaaS has been provided authorization to operate by at least 5 separate Authorizing Agencies after going through an extensive and expensive FedRAMP process. The fact that this service was breached and could lead to the breach of the at least 10 other agencies that have provided an ATO or reused the ATO for this product leads me to conclude that the US Government’s over-reliance on exhaustive check-list based compliance and security theater through documentation is not a fail-safe against the myriad of negative outcomes in cybersecurity. Compliance programs like FedRAMP authorization are only one portion of a complete cybersecurity posture, and the current rate of threat generation and activity is much faster than any human auditor can keep pace with.

   “The negative outcome here beyond the initial breach of data is a clear national security concern due to the sensitive nature of the work and capable people that do the work at our national labs. With the data revealed through this hack, the Department of Energy should prepare for individual or organizational blackmail campaigns, individual threats, and possibly the departure of critical and highly skilled workforce members. The SiegedSec hacktivist group, now armed with detailed information about employees, could pose a significant risk to the likelihood of insider threat problems due to the stress and situation that the newly breached employees now face with their personal sensitive data exposed to a hacktivist group that has previously targeted NATO entities and other government services.”

Cybersecurity Isn’t Front And Center In The OpenAI Soap Opera

Posted in Commentary on November 20, 2023 by itnerd

The OpenAI saga is frankly a bit crazy. And it might be hard to keep track of what is going on. To that end, I’d like to point you towards this explainer by The Guardian, which I think should clear things up. At least for now. But there’s an angle of this that isn’t being covered by many, which is cybersecurity. That’s where Damir J. Brescic, CISO, Inversion6 comes in to offer his opinion:

The recent development at OpenAI, particularly the departure of Sam Altman as CEO, could have significant implications for the broader AI industry. It’s more than clear that Altman and the board at OpenAI do not see eye-to-eye and that the shift in leadership, with a focus on increasing transparency and collaboration in AI research, will have a significant impact on the future of OpenAI.

I recall the story of Steve Jobs being removed from Apple, back in the day, due to a similar spat with the Apple board on the direction of the company. We all saw how that turned out – they did so well without someone steering their ship, that they had to beg Jobs to return. In his case, Jobs started another company and knew Apple was so desperate that he forced them to buy it just to get him back…..man, you have to love capitalism!!!!

From the cybersecurity perspective, as AI systems become more integrated into our daily lives, it is essential that they are designed with cybersecurity in mind. This means that OpenAI and the broader AI community must prioritize the development of secure AI systems that are designed to protect user data and prevent cyber-attacks.

Overall, I find it interesting that Microsoft has made it known that they are interested in hiring Sam Altman to run a new advanced artificial intelligence research team.  This could change the landscape of AI as we know it.

Only time will tell, or when the Cylons take over….

I honestly have to wonder how this will turn out. And if we’ll all be working for our new AI powered overlords. Only time will tell.

Australian Government Announces $18M For SMB Cyber Security Support 

Posted in Commentary on November 20, 2023 by itnerd

According to a joint announcement by Minister for Cyber Security Clare O’Neil and Minister for Small Business Julie Collins, the Australian government is pledging an $18.2 million investment to help SMBs improve their cybersecurity resilience and response as part of the 2023-2030 Australian Cyber Security Strategy.
 
$7.2 million will be put towards establishing a voluntary cyber health-check program for SMBs to check their cyber security maturity and gain access to educational tools and materials they need to upskill. Also, high risk SMBs will have access to “a more sophisticated, third-party assessment to provide additional security across national supply chains.”
 
The remaining $11 million will go towards the Small Business Cyber Resilience Service which will provide one-on-one assistance to help small businesses navigate their cyber challenges, including walking them through the steps to recover from a cyber-attack.  

“Uplifting the cyber security of our small businesses is integral to a cyber secure and resilient nation, and this dedicated support will make a huge difference in their preparedness and resilience,” O’Neil said in a statement.

According to the Australian Small Business and Family Enterprise Ombudsman, there are more than 2.5 million small businesses in Australia, making up 97% of all businesses.

George McGregor, VP, Approov Mobile Security:

   “This is an important initiative – small businesses are especially vulnerable to cyber-attacks and don’t have the resources to invest heavily in skills and technology to defend their business. They also depend heavily on services and APIs offered by larger companies and without adequate protections can inadvertently provide a path for attackers to target those services too. We need to see more of these initiatives by governments to make implementing best in class security practices easy for SMBs.”

Anything that helps SMBs to protect themselves from cyberattacks is a good thing. SMBs get the fact that they need to be protected, but they might need some help to get them across the finish line, so to speak.

Canadian Government Warns Of Data Breach Impacting 25 Years Of Public Service Employee Data

Posted in Commentary on November 20, 2023 by itnerd

In a press release on Friday, the Canadian government warned current and former public service employees and members of the Royal Canadian Mounted Police and Canadian Armed Forces that their personal and financial information may have been accessed in a data breach involving two relocation support companies.

The breach occurred on October 19th and affects federal government data that was held by Brookfield Global Relocation Services and SIRVA Worldwide Relocation & Moving Services. Data may include any personal and financial information provided to the companies from as early as 1999.

“Given the significant volume of data being assessed, we cannot yet identify specific individuals impacted,” said the release.

“The Government of Canada is not waiting for the outcomes of this analysis and is taking a proactive, precautionary approach to support those potentially affected.”

Jason Keirstead, VP Collective Threat Defense, Cyware had this comment:

   “Breaches that involve third-party subcontractors are increasingly one of the most challenging issues to manage on an organization’s risk register. One way an organization can reduce their own risk is by leveraging their capabilities to help protect their suppliers – for example by sharing both threat intelligence and defense information downstream with their supply chain.”

Given that Canada has very robust laws when it comes to this sort of thing, I fully expect that a robust investigation will take place. And I will be looking to see what the Canadian Government does to stop this sort of thing from happening in the future based on said investigation.

There’s So Much Twitter News Today That I Created A Roundup For Your Reading Pleasure

Posted in Commentary on November 20, 2023 by itnerd

It’s one of those days where news about Twitter is everywhere. Thus, here are the highlights for you to peruse.

The latest hit to Twitter’s bottom line comes from the UK Government. According to The Telegraph, they’ve completely pulled ads from Twitter. While they claim that this was a move that was planned in advance and has nothing to do with Elon Musk being antisemitic, that’s going to hurt Twitter seeing that the UK Government is still spending a lot of money on other forms of social media. And for the record, I do not believe that this has nothing to do with Elon Musk being antisemitic. I think that’s the excuse that they are using to avoid blow back from Elon.

Meanwhile, an author has said that Elon has banned meetings of more than two Twitter employees as he feared that someone in those meetings would sabotage him or the company. Talk about paranoia:

Elon Musk grew so paranoid when he was CEO of X, formerly Twitter, that he banned meetings of more than two employees, the author of “Breaking Twitter” told Business Insider.

“There’s a lot of examples of Elon spiraling out of control,” Ben Mezrich said in an interview. “He got so paranoid at one point that he disallowed any meetings of more than two people at Twitter because he was afraid of a mutiny.”

Mezrich said the Tesla CEO was afraid employees would sabotage the site and that there was a plot to bring him down.

This says a lot about Elon’s state of mind. And his state of mind at the moment doesn’t appear to be in a good place. Which means that we might expect him to do more and more irrational and extreme things as the pressure mounts on him.

Embattled Twitter CEO Linda Yaccarino appears to be rolling the dice on her son to help to turn the fortunes of Twitter around:

Linda Yaccarino, the CEO of X, formerly Twitter, has turned the service’s Hail Mary bet on an imagined $100 million political advertising business over to someone she trusts: her son Matt Madrazo.

And:

In recent weeks, Madrazo, who previously headed ad sales at the non-political, creator-focused media firm Studio71, has been privately introducing himself to influential figures in the political ad world in Washington, D.C. He’s part of what’s essentially a two-man operation to restart X’s political advertising business with the goal of capitalizing on the massive amounts of money that campaigns are about to spend during the 2024 elections.

According to three people with knowledge of the situation, Madrazo has been tasked with outreach to Republican digital advertising firms and spenders. Jonathan Phelps, a Pandora and Univision veteran who also joined X in recent months, is handling the platform’s (far less promising) outreach to Democrats. Working occasionally out of Tesla’s D.C. offices, the duo are hoping to resuscitate a line of cash at a moment when the company is desperate for new revenue.

This really has the feel of being a Hail Mary, to be honest. But I am free to be surprised, as I can see scenarios where the Republican Party spends money on Twitter because the platform is full of right wing types that would be receptive to their message. Whether that’s enough to fill Twitter’s bank account with cash to allow it to survive, I’m not sure. But like I said, I am free to be surprised.

Finally, if you need a quick refresher in terms of how we got to this point, this will help you. It really does a good job of spelling out what happened to lead us to where we are today without consuming a ton of your time.

Linda Yaccarino Is Facing Calls For Her To Quit Twitter

Posted in Commentary on November 20, 2023 by itnerd

If Twitter CEO Linda Yaccarino isn’t reconsidering her decision to join Twitter, friends and colleagues are saying that she should be, according to this story. Check this out:

X CEO Linda Yaccarino, the longtime NBC advertising executive tapped to bring back revenue and credibility to the company from big advertisers, is facing her own credibility crisis as advertisers halt spending over Elon Musk’s endorsement of antisemitic abuse on the social media platform.

Forbes has confirmed that Yaccarino has been contacted by a groundswell of leading advertising executives who questioned why she is risking her reputation to shield Musk’s behavior—and suggested that she could make a statement about racism and antisemitism by stepping down.

The fact that Yaccarino is still there speaks volumes in my opinion. Especially because of this:

The personal outreach to Yaccarino by leading advertising executives comes as X, previously known as Twitter, struggles to right itself under its mercurial owner and to battle the advertiser-unfriendly content his behavior has emboldened. After nearly a dozen years at NBCUniversal as its top advertising executive, where she also launched a partnership with the Foundation to Combat Antisemitism, Yaccarino was brought in six months ago to ease advertisers’ nerves over the surge in hate speech and other toxic content on Twitter since Musk bought the platform for $44 billion.

So Yaccarino launched a partnership with the Foundation to Combat Antisemitism, which means that she is sensitive to this issue. But she won’t address this issue in any way other than some meaningless words when it comes to Twitter, the company she now is the CEO of. That further validates what I said here:

The fact is that she’s got to know that everything that her buddy Elon is doing is killing Twitter. And she’s letting it happen. Maybe she hasn’t got the will to speak truth to power? Maybe she’s outright complicit in everything that Elon is doing? I don’t know. But I do know this. None of this is a good look for her.

I don’t know if she’s complicit in all of this or she hasn’t got the will to stand up to Elon. But I do know this. Her reputation is in a tailspin right now. And maybe Yaccarino should listen to her friends and colleagues and quit Twitter to save what’s left of her reputation before it’s too late.

Black Friday/Cyber Monday Data Shows 135% Increase in Fake Online Retail Stores: Netcraft

Posted in Commentary on November 20, 2023 by itnerd

Netcraft, a cybersecurity company specializing in phishing detection, cybercrime disruption, and website takedown, has revealed new research that identified a staggering 135% increase in fake retail sites compared to last year – up from the 63% increase over the previous year. The annual increase has more than doubled in the last 12 months, and the growth is alarming. 

Netcraft’s new report analyzes prominent fake retail websites and cybercriminals’ techniques for tricking users and ultimately impacting brand credibility and reputation. 

The data provides real examples of fraudulent retail sites Netcraft detected and has since taken down, including fake shops with Black Friday promos targeting Lowe’s, Rakuten, and Vionic Shoes.

You can read the report here.