Archive for August 21, 2024

Microchip Technology Pwned In Cyberattack

Posted in Commentary on August 21, 2024 by itnerd

It has been disclosed via a regulatory filing with the SEC that Arizona-based Microchip Technology has been pwned in some sort of cyberattack:

On August 17, 2024, Microchip Technology Incorporated (the “Company”) detected potentially suspicious activity involving its information technology (“IT”) systems. Upon detecting the issue, the Company began taking steps to assess, contain and remediate the potentially unauthorized activity. On August 19, 2024, the Company determined that an unauthorized party disrupted the Company’s use of certain servers and some business operations. The Company promptly took additional steps to address the incident, including isolating the affected systems, shutting down certain systems, and launching an investigation with the assistance of external cybersecurity advisors. 

As a result of the incident, certain of the Company’s manufacturing facilities are operating at less than normal levels, and the Company’s ability to fulfill orders is currently impacted. The Company is working diligently to bring the affected portions of its IT systems back online, restore normal business operations and mitigate the impact of the incident. 

As the Company’s investigation is ongoing, the full scope, nature and impact of the incident are not yet known. As of the date of this filing, the Company has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.

Ted Miracco, CEO, Approov, had this to say:

   “Microchip Technology’s involvement in sectors like aerospace, defense, and communications makes it a strategic target for cyberattacks. Given the nature of this attack, the most likely culprits would be nation-states including Russia, Iran, or North Korea, rather than China. While China typically focuses on intellectual property theft, especially in the semiconductor industry, the attack on Microchip Technology seems more aligned with the disruptive tactics often employed by Russia and Iran or the financially motivated ransomware attacks linked to North Korea. 

   “The disruption of multiple manufacturing facilities aligns with the strategic goals of nation-states like Russia and Iran, which have a history of cyber operations intended to cause chaos or weaken their adversaries. This contrasts with China, which usually aims to acquire technology and trade secrets to bolster its own industries. This attack underscores the importance of maintaining resilience in manufacturing operations, especially those integral to national security.”

Tom Marsland, VP of Technology, Cloud Range, follows with this comment:

“The 8-K filing does not go into any more details than what is necessary for the report to the SEC, so this is definitely an item that requires closer observation. This goes along with other attacks we’ve observed, such as Volt Typhoon, probing our infrastructure and threatening our utilities, manufacturing, and defense industrial base. I am pleased to see the quick reporting by Microchip, and remain eager to see what our government will do to protect critical infrastructure, which includes suppliers such as Microchip. These companies can be major points of failure for the defense, manufacturing and other critical industries, and will undoubtedly remain a large target as threat actors try to find weak points in our supply chains.

“Unfortunately, these companies are big targets because of the potential for disruption to the defense industrial base and/or various sectors of critical infrastructure. It’s one thing to directly attack defense networks, which is largely difficult to do, but if a company that is responsible for helping them “keep their lights on”, so to speak, can be attacked easier, that’s where the threat actors tend to go.

“Our government needs to lean in on helping investigate these attacks, and consider an attack on our critical supply chains, on our utilities and critical infrastructure, and on our defense industrial networks as attacks on the United States itself, and take appropriate actions, especially if this is determined to be a nation-state actor. On the regulatory side, there needs to be incentives for these companies to keep their networks secure. Oftentimes, the cost of the breach is on par with the proper security controls that could’ve been in place from the beginning. Increasing oversight and penalties for companies that do not have adequate security controls is a necessary and logical next step.”

Given how important the chip sector is to the US and beyond, this is something that will need to be watched closely. And besides that, Microchip Technology needs to disclose what happened, and how they will stop it from happening again.

Fortra Unveils Interoperable Bundles for Email Security

Posted in Commentary on August 21, 2024 by itnerd

Fortra announced today the availability of new Core, Advanced, and Elite bundles for Email Security. These new bundles bring together multiple Fortra products and services to provide comprehensive protection across the entire email threat lifecycle. 

Fortra’s new Core email security bundle includes:

  • Cloud Email Protection – an integrated cloud email security solution (ICES) that uses AI, threat intelligence, and automation to detect and remediate advanced email threats.
  • Terranova Security Awareness Training – a comprehensive training solution that enables organizations to develop positive security behaviors and measurably reduce human risk. 
  • Suspicious Email Analysis – expert triage and response to suspicious messages reported by users, ensuring timely user feedback and prompt threat remediation. 

The Advanced Email Security bundle includes all solutions in Core and adds Agari DMARC Protection, which prevents email domain spoofing by simplifying policy deployment and ongoing monitoring. The Elite bundle includes all solutions in Advanced but adds PhishLabs’ Domain Monitoring to proactively detect and suspend look-alike domains, which are often used in phishing attacks, BEC, and other threats.

To learn more about Fortra’s Email Security bundles, visit: https://emailsecurity.fortra.com/resources/datasheets/fortra-email-security-bundles-datasheet.

The Banks Who Gave Elon Musk Money To Buy Twitter May Be Reconsidering Their Life Choices

Posted in Commentary on August 21, 2024 by itnerd

A Reuters story lays out the pain and suffering that banks who were dumb enough to lend Elon Musk money to buy Twitter are going through. Here’s the reason why they are suffering:

Banks typically sell such loans to investors at the time of the deal. But Twitter’s lenders, led by Morgan Stanley, could face billions of dollars in losses if they tried to do so now, as investors shy away from buying risky debt during a period of economic uncertainty, market participants said. In addition, Twitter has seen advertisers flee amid worries about Musk’s approach to policing tweets, hitting revenues and its ability to pay the interest on the debt.

The biggest chunk of the debt — $10 billion worth of loans secured by Twitter’s assets — might have to be written down by as much as 20%, one of the sources said. The hit on the loan, distributed among seven banks, could probably be managed by most of the firms without creating a significant hit to profits, the source added.

Another one of the three sources with direct knowledge of the matter estimated that some banks might only take a 5% to 10% writedown on the secured portion of the loan.

The deliberations of how some of these banks are thinking about accounting for these losses have not been previously reported. They come as Wall Street banks are bracing for lower fourth-quarter earnings due to a slump in investment banking revenue and a rise in loan-loss reserves amid a weakening global economy.

Three banking industry sources said the remaining $3 billion, which is unsecured, could lead to steeper losses for the seven Twitter banks. Reuters could not determine how much the banks were planning to write down the unsecured portion of the debt.

The thing is that banks don’t like to lose money. So if it hasn’t happened already, the banks will want Elon to restructure this debt so that the banks lose less money. That ties into the fact that he might have to sell more Tesla stock to keep the banks happy. It will be interesting for those who watch the dumpster fire that is Twitter and the dumpster fire that is Tesla to see what happens next.

New Research Reveals Attackers Mimicking Tech Companies’ Domain Using Typosquatting Techniques

Posted in Commentary on August 21, 2024 by itnerd

In today’s digital landscape, cybercriminals are constantly finding new, sophisticated ways to compromise corporate systems. One clever tactic is typosquatting: an attack style that intentionally includes misspelled characters in a domain name so that, at a quick glance, it may appear legitimate to the average user. Interacting with the fake domain may set the user up for a potential phishing attack.

Cado Security has released their latest blog, which describes the discovery of a domain that closely resembled the Cado corporate domain.

During a routine check, Cado discovered that a domain resembling the Cado domain had been registered just three days prior, before any damage had been done. The domain contained a character substitution similar to what is seen in typosquatting attacks. Analysis revealed that not only was the Cado domain being mimicked, but several other tech companies’ domains had also been targeted in a similar fashion.

This blog will discuss how this domain was identified, and the steps taken following discovery. You can read the blog here.
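The kind of routine check described above can be automated. The following is an added example, not code from Cado's blog or from this post: it scans a feed of newly registered domains for look-alikes of a brand domain, covering character substitution and, as a generalization, single-character edits and TLD swaps. The brand `examplecorp.com`, the feed entries and the confusables table are constructed placeholders, and inputs are assumed to be registrable domains without subdomains.

```python
from datetime import date

# Look-alike substitutions folded to one canonical form (small constructed table).
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}
BRAND = "examplecorp.com"  # constructed placeholder brand
TODAY = date(2024, 8, 21)
FEED = [  # constructed sample of (domain, registration date)
    ("examp1ecorp.com", date(2024, 8, 18)),    # digit 1 in place of l
    ("exarnplecorp.com", date(2024, 8, 20)),   # rn in place of m
    ("exampelcorp.com", date(2024, 8, 15)),    # adjacent letters swapped
    ("examplecorp.net", date(2024, 8, 19)),    # same label, different TLD
    ("examplecorp.com", date(2010, 1, 1)),     # the real domain
    ("unrelated-shop.com", date(2024, 8, 20)),
    ("examplecrop.com", date(2023, 1, 5)),     # look-alike, but outside the window
]

def skeleton(label):
    """Fold confusable characters so visually similar labels compare equal."""
    label = label.lower()
    for fake, real in CONFUSABLES.items():
        label = label.replace(fake, real)
    return label

def edit_distance(a, b):
    """Optimal string alignment: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(candidate, brand):
    """Return why `candidate` resembles `brand`, or None if it does not."""
    cand, real = (d.lower().split(".", 1)[0] for d in (candidate, brand))
    if candidate.lower() == brand.lower():
        return None  # the legitimate domain itself
    if skeleton(cand) == skeleton(real):
        return "tld-swap" if cand == real else "homoglyph"
    return "one-edit" if edit_distance(cand, real) == 1 else None

def recent_lookalikes(feed, brand, today, max_age_days=7):
    """Return (domain, reason, age_days) for recent look-alikes, newest first."""
    hits = [(d, classify(d, brand), (today - reg).days) for d, reg in feed]
    return sorted((h for h in hits if h[1] and 0 <= h[2] <= max_age_days), key=lambda h: h[2])
```

Calling `recent_lookalikes(FEED, BRAND, TODAY)` returns the four look-alikes registered in the last week and skips the real domain, the unrelated one and the look-alike registered long ago.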