Archive for July 22, 2024

L.A. County Courts Pwned In Ransomware Attack

Posted in Commentary on July 22, 2024 by itnerd

This isn’t a good look. The L.A. County Courts, as in all of them, have been shut down because they were hit with a pretty devastating ransomware attack:

The attack was detected Friday and doesn’t appear to be related to the CrowdStrike software update that paralyzed Windows computers around the world and affected governments, airlines and other agencies last week, court officials said in a Sunday news release. 

This closure extended to all 36 courthouses in the county, and officials did not expect it to last beyond Monday.

“While the Court continues to move swiftly towards a restoration and recovery phase, many critical systems remain offline as of Sunday evening,” presiding Judge Samantha Jessner said in the release. “One additional day will enable the court’s team of experts to focus exclusively on bringing our systems back online so that the Court can resume operations as expeditiously, smoothly and safely as possible.”

The affected court systems span the My Jury Duty Portal and the court’s website, as well as the court’s case management systems, according to the release.

Rogier Fischer, CEO of Hadrian, had this to say:

It was prudent from the court’s side to clarify that the whole incident is unrelated to the CrowdStrike-Microsoft incident, noted Rogier Fischer, CEO of Netherlands-based cybersecurity company Hadrian. “Apart from the legal obligations, it becomes a moral obligation of the key stakeholders of a cybersecurity incident to clear the air and shut the possibilities of any form of miscommunication,” he said.

According to him, organizations hit by a ransomware attack must immediately execute these basic defense steps: isolate the infected systems and notify the respective IT department, senior management, and relevant authorities such as the FBI or CISA.

“Investigate the scope of the attack, document your actions, and carefully decide whether to pay the ransom, consulting legal counsel and cybersecurity experts. Finally, restore systems from clean backups, implement stronger security measures, and communicate transparently with stakeholders while reviewing the incident to improve future responses,” he added.

It appears that even the justice system isn’t immune from cybercrime. Thus it reinforces that everyone needs to take action to make cybercrime less devastating than it is now.

A New And Slightly Different Canada Post Delivery #Scam Email Is Making The Rounds

Posted in Commentary on July 22, 2024 by itnerd

Today in my inbox I got a new Canada Post delivery scam email that I want to share with you. Let’s dive in.

Let’s start with what’s wrong with this email. For starters, Canada Post would never send you an email like this. Besides that, there’s no name, address or tracking number on this email. Those should be immediate red flags. Then there’s this:

    An email address that isn’t Canada Post. #Fail.

    So far this is a pretty low-effort scam email that is likely to have a success rate that is close to zero. But what would they be after? Not that you should, but I clicked on the “My Package” button and I got taken to this website.

    The first #Fail with this website is that if you look at the address bar, this website isn’t Canada Post as the real website is https://www.canadapost-postescanada.ca. So that should scare you into running from this website as quickly as possible. But let me go deeper to find out what their game is.

    I haven’t typed in a single thing and it somehow knows that a delivery attempt was made. How is that possible? It isn’t is the correct answer. But if you ignore that, I apparently owe $2.99. Seeing as there’s nothing that identifies me, I don’t know how that is possible as well.

    First it asks for your name and address. You can see that I filled in some information.

    And here we go. It’s asking for my credit card info. That’s interesting seeing as the email that I got said this.

    I guess they’re hoping that you won’t notice that part. Now I couldn’t get past this point as this website had code to validate that the credit card was legitimate. But I think that you get the point. It’s one of many Canada Post delivery scams that has a slightly different flavour in order to fool you. Thus if you see this email hit your inbox, delete it and move on with your life.
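
The red flags the post walks through (a sender address that isn't Canada Post, a link that doesn't lead to the real site, no tracking number) can be checked mechanically. The following is an added example, not part of the original post; the sample message, its `.example` hosts, the trusted-domain list and the tracking-number pattern are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: only the site named in the post is trusted; add domains you have verified.
TRUSTED_DOMAINS = {"canadapost-postescanada.ca"}
BRAND_WORDS = ("canada post", "canadapost", "postes canada")

# Constructed sample message (not the email from the post); .example hosts are reserved.
SAMPLE_EMAIL = """\
From: "Canada Post" <notice@parcel-update.example>
To: you@mail.example
Subject: Delivery attempt failed
Content-Type: text/plain

We could not deliver your package. A fee of $2.99 is required.
My Package: https://canadapost-postescanada.ca.track-fee.example/pay
"""

def on_trusted_domain(host, trusted=TRUSTED_DOMAINS):
    """True only if host is a trusted domain or a subdomain of one (not a lookalike)."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in trusted)

def triage(raw_email, trusted=TRUSTED_DOMAINS):
    """Return the red flags found in a message that claims to come from Canada Post."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    body = "\n".join(p.get_payload() for p in msg.walk() if not p.is_multipart())
    claimed = (display + " " + msg.get("Subject", "")).lower()
    sender_domain = addr.rpartition("@")[2]
    flags = []
    if any(w in claimed for w in BRAND_WORDS) and not on_trusted_domain(sender_domain, trusted):
        flags.append(f"sender domain {sender_domain!r} is not Canada Post")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlsplit(url).hostname
        if not on_trusted_domain(host, trusted):
            flags.append(f"link host {host!r} is not Canada Post")
    # Assumed tracking-number shape: 13 to 16 upper-case alphanumerics with a digit.
    if not re.search(r"\b(?=[A-Z0-9]*\d)[A-Z0-9]{13,16}\b", body):
        flags.append("no tracking number in body")
    return flags

if __name__ == "__main__":
    for flag in triage(SAMPLE_EMAIL):
        print("RED FLAG:", flag)
```

The constructed link puts the real domain name at the front of a longer hostname, which is why the check compares the end of the host rather than searching for the brand string anywhere in the URL.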

    769 Million Records Exposed in Mexico’s Largest ERP Software Provider Data Breach 

    Posted in Commentary on July 22, 2024 by itnerd

    Documents belonging to ClickBalance, Mexico’s largest Enterprise Resource Planning (ERP) technology providers, were exposed as reported by cybersecurity researcher Jeremiah Fowler.

    What happened: 769,333,246 records with a total size of 395 GB were exposed. The database contained email addresses, API keys, IP addresses, payments indicating the bank name, account number, ID numbers, and much more.

    Why it matters: A data breach of any company that provides ERP or data services can have severe potential long term consequences, as cyber criminals could exploit exposed credentials to gain unauthorized access to applications, databases, and other services.

    If you want to know more about Jeremiah’s findings you can read the full report here: https://www.websiteplanet.com/news/clickbalance-breach-report/

    UPDATE: BullWall executive Carol Volk had this comment:

    “There is no escaping our reliance on the supply chain. The fact that so many links in that chain have not even the most basic cyber defenses in place, assures us that our data will be used against us and our networks in future attacks. Being prepared for that eventuality is our only option if we wish to remain in business.

    “With the average recovery cost from a ransomware attack exceeding $2.7 million in 2024, events such as the ClickBalance data exposure remind us that Cyber defensive systems are table stakes and not optional. Seriously, when your data is freely available to hackers, including access tokens, API keys, secret keys, bank account numbers, tax identification numbers, and email addresses, you’d better be following best practices in your defensive stack and make sure you’ve included a ransomware containment system for the day your exposed data comes back to attack you.”

    HP launches world’s highest performance AI PC and only trusted-integrated AI model development platform

    Posted in Commentary on July 22, 2024 by itnerd

    HP recently announced two new innovations to make it easier for business leaders, IT decision makers and users to unlock the power of AI, including the world’s highest performance AI PC and the first integration of a trust framework into an AI model development platform.

    With only 33% of data scientists who are satisfied with their current AI tools and 81% who lack confidence in their company’s ability to deploy them, both products underscore the company’s commitment to make AI real for organizations and people with transformative experiences across its PCs, software and partner ecosystem.

    • New Updates to Z by HP AI Studio: HP is adding new capabilities to the Z by HP AI Studio, the world’s most comprehensive workstation solution for AI development. The platform empowers data scientists and AI creators to create models they trust with the integration of Galileo by Z, making HP the only manufacturer to develop an AI platform for workstations with built-in generative AI trust for LLM development.
    • Experiencing AI on HP PCs:
      • The new HP OmniBook Ultra enables users to run workloads faster, customize models and maintain privacy – all locally on the device.
      • The HP OmniStudio X All-in-One Desktop PC offers creation and entertainment in a sleek modern design with built-in-AI features.

    Canadian Pricing + Availability:

    • Z by HP AI Studio with Galileo integration is expected to be available in the fall of 2024.
    • The HP OmniBook Ultra 14-inch Next Gen AI PC will be available in mid-September starting at $1,899 CAD.
    • The HP OmniStudio X 27- and 31.5-inch All-In-One Desktop PCs will also be available in September starting at $2,299 CAD.

    Microsoft Comes Up With A Tool To Fix The Issues Caused By CrowdStrike

    Posted in Commentary on July 22, 2024 by itnerd

    Since Friday, I’ve been fixing the issue where Windows computers blue screen on startup because of a bad antivirus update from CrowdStrike. The basic fix takes about five minutes. But it’s five minutes per computer that you need to have physical access to. Which means it will take days for a decent sized company to get back up and running.

    Enter Microsoft. They’ve come out with a recovery tool that creates a USB stick that fixes the issue faster than either you or I can. And on top of that, if the drive is encrypted with Microsoft’s BitLocker encryption, it will prompt for the BitLocker recovery key. Which hopefully you have handy. Regardless, this will speed up getting this issue dealt with. Kudos to Microsoft for helping to fix CrowdStrike’s screw up.

    You can get this tool here along with instructions on how to use it.