Archive for November 29, 2023

Two Million Impacted By HR Analytics Platform Breach

Posted in Commentary with tags on November 29, 2023 by itnerd

This week, human resources data analytics company Zeroed-In Technologies sent out data breach letters to 2 million people who were affected by an August breach of its systems, including customers of retailers Dollar Tree and Family Dollar. 

Based in Fort Myers, Florida, Zeroed-In provides a cloud-based HR analytics platform that collects, analyzes, and visualizes workforce data. According to the company’s website, it has 30K registered users.

Zeroed-In discovered suspicious activity in some of its systems on August 8th, 2023. Its investigation concluded on August 31st, and nearly three months later, on November 27th, it notified the Maine Attorney General’s office and began sending out notification letters. The company says it is “providing notice to individuals and regulators, as required.” But Florida law requires covered entities to notify the state within 30 days:

Florida Statutes 501.171

  • (3) NOTICE TO DEPARTMENT OF SECURITY BREACH.—
  • (a) A covered entity shall provide notice to the department (of Legal Affairs) of any breach of security affecting 500 or more individuals in this state. Such notice must be provided to the department as expeditiously as practicable, but no later than 30 days after the determination of the breach or reason to believe a breach occurred.


“… Zeroed-In conducted a review of the contents of the systems to determine what information was present at the time of the incident and to whom the information relates.” Files accessed in the hack included:

  • Names
  • DOBs
  • SSNs 

Troy Batterberry, CEO and founder, EchoMark:

   “When these serious breaches happen, ‘time to detect’ and ‘time to remediate’ are critical benchmarks to stop the ‘information bleeding’. Logging and monitoring are important aspects of the forensics analysis to detect and remediate breaches. However, we know they often do not go nearly far enough to pinpoint the source of data exfiltration quickly. This is especially true when an insider is involved, or their computing assets have been compromised. Information watermarking is a new technology that can help expedite time to remediate and help get the business up and running again.”

Let’s see what Florida does to Zeroed-In Technologies as it appears that Florida law was not followed in this case. And if that’s true, I hope that Florida makes an example of this company as that will give others a huge incentive to play by the rules and do what they are supposed to do when it comes to data breaches.

Bad Bots Make Up 30% Of Web Traffic And 68% Of Sites Are Unprotected

Posted in Commentary with tags on November 29, 2023 by itnerd

According to a DataDome report released yesterday, bots with malicious intent make up over 30% of all internet traffic and 68% of US websites are unprotected against bot attacks.

Of the over 9,500 large-company, US-based websites tested:  

  • 68.2% let through all nine different types of bots  
  • 10.2% blocked every one of the test bot requests
  • 21.6% detected and blocked some of the bots

Also evident from the findings is that CAPTCHAs are no longer effective against malicious bots. Of the sites equipped with a CAPTCHA tool:

  • Less than 5% detected and blocked all bots  
  • 77% failed to stop even a single bot 

For sites with specialized bot detection and a CAPTCHA tool:

  • 15% blocked all bad bots
  • 30% blocked some 
  • 55% failed to block any

“Bots are becoming more sophisticated by the day, and U.S. businesses are clearly not prepared for the financial and reputational damage these silent assassins can cause,” said Antoine Vastel, head of research at DataDome.

Ted Miracco, CEO of Approov Mobile Security, had this comment:

   “The diminishing effectiveness of CAPTCHAs against malicious bots raises alarms, emphasizing the need for advanced bot detection measures. While this report sheds light on web vulnerabilities, it’s also crucial to recognize that bots can exploit weaknesses in mobile apps and their APIs, adding an additional blind spot. A comprehensive security strategy should include fortifying defenses across the entire digital ecosystem, including robust protection for the web, mobile apps and all APIs. This report serves as a wake-up call for organizations to invest in robust bot protection strategies to safeguard their online presence.”

Now that CAPTCHAs are no longer effective, I hope someone is coming up with a “plan B”. Because it won’t take long before the bots take over the web if there isn’t one.

Remember The Okta Hack Where They Explained It Only Impacted 1% Of Customers? It Was Actually 100% Of Customers.

Posted in Commentary with tags on November 29, 2023 by itnerd

Okta has released an updated statement on the customer support system breach it disclosed a while ago. At the time, Okta said the incident affected only about 1% of customers. The updated statement says something quite different:

We have determined that the threat actor ran and downloaded a report that contained the names and email addresses of all Okta customer support system users. All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments (these environments use a separate support system NOT accessed by the threat actor). The Auth0/CIC support case management system was also not impacted by this incident. 

The threat actor ran a report on September 28, 2023 at 15:06 UTC that contained the following fields for each user in Okta’s customer support system: 

  • Created Date
  • Last Login
  • Full Name
  • Username
  • Email
  • Company Name
  • User Type
  • Address
  • [Date of] Last Password Change or Reset
  • Role: Name
  • Role: Description
  • Phone
  • Mobile
  • Time Zone
  • SAML Federation ID

The majority of the fields in the report are blank and the report does not include user credentials or sensitive personal data. For 99.6% of users in the report, the only contact information recorded is full name and email address. 

Okta has around 18,000 customers according to the company’s website. So that’s a major problem for Okta, and an equally major problem for every Okta customer. The fact that the report the threat actor ran contains no credentials is beside the point: a name and email address tied to a customer’s Okta support account is exactly what a threat actor needs to launch a convincing phishing attack against that customer’s administrators and pwn them. Even if only 1% of those customers get pwned via phishing or some other attack, that’s 1% too many.

Now to be fair, Okta does suggest the following mitigations be implemented ASAP:

We recommend all customers immediately take the following actions to defend against potential attacks that target their Okta administrators.  

  • Multi-Factor Authentication (MFA): We strongly recommend all Okta customers secure admin access using MFA at a minimum. We also strongly encourage customers to enroll administrative users in phishing resistant authenticators (such as Okta Verify FastPass, FIDO2 WebAuthn, or PIV/CAC Smart Cards) and to enforce phishing resistance for access to all administrative applications. Please refer to product documentation to enable MFA for the admin console (Classic or OIE).
  • Admin Session Binding: As communicated in the Security Incident RCA, customers can now enable an Early Access feature in Okta that requires admins to reauthenticate if their session is reused from an IP address with a different ASN (Autonomous System Number). Okta strongly recommends customers enable this feature to further secure admin sessions.
  • Admin Session Timeout: To align with NIST AAL3 guidelines and increase the security posture of every customer, Okta is introducing Admin Console timeouts that will be set to a default of 12-hour session duration and a 15-minute idle time. Customers will have the option to edit these settings. This will be available as an Early Access feature starting November 29th for preview orgs and December 4th for production orgs. The feature will be available for all production orgs by January 8th, 2024. An email was sent to all Super Admins regarding this change on November 27th, and a copy of that communication can be found in the Knowledge Base article: Admin Session Lifetime/Idle Timeout Security Enhancements.
  • Phishing Awareness: In addition, Okta customers should be vigilant of phishing attempts that target their employees and especially wary of social engineering attempts that target their IT Help Desks and related service providers. We recommend Okta customers implement our industry-leading, phishing-resistant methods for enrollment, authentication, and recovery. Please see Okta Solutions for Phishing Resistance for more information on protecting your organization from phishing. We also strongly recommend that customers review their IT Help Desk verification processes and ensure that appropriate checks, such as visual verification, are performed before performing high risk actions such as password or factor resets on privileged accounts.
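
The three session controls in Okta’s list (binding an admin session to the ASN it was created from, a 12-hour session lifetime, and a 15-minute idle timeout) are easy to express as policy logic, and seeing them together shows why the order of the checks matters. The Python below is an added illustration written for this page; it is not Okta’s code and says nothing about how Okta’s Early Access features are implemented. The prefix-to-ASN table is constructed for the example and stands in for a real IP-to-ASN dataset, and the `new_session`, `evaluate` and `demo` function names are assumptions of the example, not Okta API names.

```python
"""Admin session policy: absolute lifetime, idle timeout, and ASN binding.

Added example for this page; not Okta's implementation. The constants follow
the defaults quoted in Okta's statement (12-hour lifetime, 15-minute idle).
"""
import ipaddress
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

MAX_LIFETIME = timedelta(hours=12)  # absolute session duration
MAX_IDLE = timedelta(minutes=15)    # time since the last accepted request

# Constructed prefix-to-ASN table (documentation prefixes, private-use ASNs).
# A real deployment would consult a routing-table snapshot or an IP-to-ASN
# database; these mappings exist only to drive the example.
ASN_TABLE = [
    (ipaddress.ip_network("203.0.113.0/24"), 64500),   # "corporate egress"
    (ipaddress.ip_network("198.51.100.0/24"), 64501),  # "residential ISP"
    (ipaddress.ip_network("192.0.2.0/24"), 64502),     # "VPS provider"
]


def lookup_asn(ip: str) -> Optional[int]:
    """Longest-prefix match of ip against ASN_TABLE; None if nothing covers it."""
    addr = ipaddress.ip_address(ip)
    best = None
    for net, asn in ASN_TABLE:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, asn)
    return best[1] if best else None


@dataclass
class AdminSession:
    user: str
    created_at: datetime
    last_seen: datetime   # updated only when a request is accepted
    bound_asn: int        # ASN observed at login


def new_session(user: str, login_ip: str, now: datetime) -> AdminSession:
    """Create a session bound to the ASN of the login IP.

    Fails closed: a session whose origin ASN is unknown could never be
    checked, so it is not issued at all."""
    asn = lookup_asn(login_ip)
    if asn is None:
        raise ValueError(f"cannot bind admin session: no ASN known for {login_ip}")
    return AdminSession(user, now, now, asn)


def evaluate(session: AdminSession, request_ip: str, now: datetime) -> str:
    """Return "allow", or the reason the request must be refused.

    Order matters: a session past its lifetime or idle limit is dead no matter
    where the request comes from, so those checks run first, and a failed ASN
    check must not refresh last_seen (otherwise replaying a stolen cookie
    from the wrong network would keep the session alive)."""
    if now - session.created_at > MAX_LIFETIME:
        return "expired:lifetime"
    if now - session.last_seen > MAX_IDLE:
        return "expired:idle"
    if lookup_asn(request_ip) != session.bound_asn:
        # Session cookie presented from a different network: the classic
        # stolen-token replay. Require the admin to reauthenticate.
        return "reauth:asn_changed"
    session.last_seen = now
    return "allow"


def demo() -> list:
    """Walk one admin session through all three controls; returns the verdicts."""
    t0 = datetime(2023, 11, 29, 12, 0, tzinfo=timezone.utc)
    s = new_session("admin@example.com", "203.0.113.10", t0)
    verdicts = [
        evaluate(s, "203.0.113.11", t0 + timedelta(minutes=5)),   # same ASN, new IP
        evaluate(s, "198.51.100.7", t0 + timedelta(minutes=6)),   # replayed from another ASN
        evaluate(s, "203.0.113.10", t0 + timedelta(minutes=30)),  # 25 min since last accepted use
    ]
    fresh = new_session("admin@example.com", "203.0.113.10", t0)
    verdicts.append(evaluate(fresh, "203.0.113.10", t0 + timedelta(hours=13)))
    return verdicts


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

Two points worth noticing. First, a session that failed the ASN check at minute 6 is not refreshed, so by minute 30 it has also idled out; the attacker cannot keep a stolen session warm from the wrong network. Second, the ASN check is only as good as the attacker’s choice of network: a replay from the same corporate VPN egress or the same cloud provider as the admin passes it, which is why Okta pairs session binding with phishing-resistant MFA and help desk verification rather than relying on it alone.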

While all of this is good advice, it doesn’t change the fact that this event really reflects poorly on Okta and I am not sure how any Okta customer could ever trust the company again. Which means that Okta really has to explain why customers should trust them going forward. And they need to do it fast.

Mujjo’s Leather Cases Named A Top Pick By Wirecutter

Posted in Commentary with tags on November 29, 2023 by itnerd

As many of you know, Apple stopped making leather cases for the iPhone 15 because of the environmental impact. Instead, they’ve gone to making what they call “FineWoven” cases. I’ve already had my say on that, but what do you do if you want a quality leather case? According to Wirecutter, you go out and get a Mujjo case:

Apple no longer makes a leather case for iPhones, but Mujjo’s leather case comes closest to the look and feel once offered by Apple. Mujjo’s case is made of high-quality leather and has a microfiber lining and clicky metal buttons. It also delivers solid all-around protection.

You can read the full review here. And here are links to some of Mujjo’s cases:

Guest Post: Internet Use Lowers Death Risk In Adults Aged 50 And Above

Posted in Commentary with tags on November 29, 2023 by itnerd

A new study reveals some unexpected health benefits of internet usage, especially for older adult populations.

According to the data presented by the Atlas VPN team, internet users aged 50 and older have a 33% lower risk of death than non-users. Engaging with new social connections and maintaining existing ones through the internet reduces social isolation and depressive symptoms, thereby decreasing the risks of death.

Additionally, older adults who use the internet have a 19% lower risk of a stroke than those who do not. Internet use among individuals aged 50 and above is also associated with a 17% lower risk of diabetes.

Utilizing web resources on maintaining diet, activity, and routine health screenings allows users to better monitor and safeguard their health.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on internet usage for older adults:

“Increasing internet access for older adults appears as a promising approach to reduce risks of cardiovascular diseases and premature mortality mediated by relieving depressive symptoms. But societies must ensure underprivileged older citizens share the connectivity perks while remaining aware of risks such as internet addiction.”

Results vary by region

While internet use strongly protects the over-50 population, the degree of risk reduction differs across the four regions analyzed.

Older adults who use the internet in China are 30% less likely to get diabetes or have a stroke than non-users. In addition, they have a 44% lower risk of mortality.

Mexicans aged 50 and above who use the internet have an 8% lower risk of diabetes, 1% lower odds of stroke, and a 9% lower risk of death.

Internet users in the US have a 42% lower risk of death than non-users. Besides that, they also have a 13% lower odds of diabetes and a 16% lower risk of stroke. On the other hand, Europeans who use the internet have a 40% lower risk of mortality, 25% lower odds of stroke, and 14% lower risk of diabetes.

To read the full article, head over to: https://atlasvpn.com/blog/internet-use-lowers-death-risk-in-adults-aged-50-and-above


Technology’s Growing Impact On Canada’s Workforce And Economy Detailed In New CompTIA Report

Posted in Commentary with tags on November 29, 2023 by itnerd

Nearly 300,000 technology jobs have been created in Canada over the past six years, with more employment growth projected in 2023, according to a report from CompTIA, the nonprofit association for the information technology (IT) industry and workforce.

Net tech employment reached an estimated 1,352,210 workers in 2022 and is projected to grow by 1.3% this year, to nearly 1.4 million workers, CompTIA’s “State of the Tech Workforce Canada” reveals. All provinces are projected to see an increase in tech employment this year, with nearly 60% of growth in the Toronto, Montreal and Vancouver metro areas.

Software engineers and designers, IT support and network technicians, database analysts and administrators, and computer and information system managers are the occupations in highest demand, CompTIA’s examination of employer job postings shows. Nearly one-fourth of job postings were for positions in emerging technologies. Slightly more than half of tech job postings in 2022 specified a required level of work experience, with the remainder leaving it unspecified.

The Toronto metropolitan area has the highest concentration of technology workers as a percentage of its overall workforce (10.3%), well above the national benchmark (6.6%). Vancouver (8.6%), Montreal (8.5%) and Calgary (6.9%) also are above the national rate.           

The tech industry – nearly 55,000 business establishments – delivers a direct economic impact estimated at $113.4 billion CAD, approximately 5.5% of the overall Canadian economy, an increase from $104.6 billion CAD in the prior year. There are also downstream indirect benefits, such as the employment multiplier effect of technology ecosystems. The estimated median annual wage for a technology worker in Canada is $88,233 (CAD), which is 48% higher than the median national wage for all occupations.

CompTIA’s “State of the Tech Workforce Canada” provides an in-depth look at employment, economic impact, technology trends, salaries, hiring activity and more across the provinces and metropolitan areas of Canada. The report draws upon a number of data sources including Lightcast, Canadian government statistics (StatsCan), CompTIA and others. The full report is available at https://www.comptia.org/content/research/comptia-state-of-tech-workforce-canada.