Archive for October 22, 2024

The Internet Archive Has Been Pwned Again

Posted in Commentary with tags on October 22, 2024 by itnerd

The Internet Archive has experienced yet another breach, this time involving its Zendesk email support platform and its 800+ support tickets, despite warnings that threat actors had stolen GitLab authentication tokens.

“It’s dispiriting to see that even after being made aware of the breach weeks ago, IA has still not done the due diligence of rotating many of the API keys that were exposed in their gitlab secrets,” reads an email from the threat actor.

Since Saturday night, BleepingComputer reported receiving multiple emails from individuals who got replies to old Internet Archive removal requests, alerting them to the breach caused by the organization’s failure to properly rotate their stolen authentication tokens.

Recipients of these emails told BleepingComputer that they had to upload personal identification when requesting the removal of a page from the Wayback Machine.

“Whether you were trying to ask a general question, or requesting the removal of your site from the Wayback Machine your data is now in the hands of some random guy. If not me, it’d be someone else,” the threat actor’s email continues.

Steve Hahn, EVP Sales US, BullWall had this to say:

  “Multiple successive attacks is unfortunately the norm, not the exception. When a threat actor has a successful attack they have typically spent months in the environment undetected. They have worked for long term persistence. Setting up dozens or hundreds of back up accounts and credentials, running scripts to cover their tracks, set up fresh, unprotected VMs, done vulnerability scans, laid second wave traps, such as embedding malicious macros into internal documents that will launch a whole new attack. The latter is quite crafty. We all know we shouldn’t “enable macros” on any file we get from an untrusted source, but when it’s on an internal share and it’s a document you use regularly, you have no hesitancy to hit the “enable macros” button. In terms of how often a company is hit in successive attacks, I’ve seen numbers as high as 78% and that does ring true to my personal observations.”

It’s bad enough that this site got pwned. But to get pwned three times is insane. Hopefully the Internet Archive takes steps to make sure that there is not a fourth time as this is pretty embarrassing.

New Targus rolling laptop case makes commuting effortless for those carrying a heavy workload

Posted in Commentary with tags on October 22, 2024 by itnerd

Targus today announced the arrival of its new 16” Transit 4-Wheel Rolling Laptop Case designed for commuting professionals and students who regularly carry a heavy workload. This durable, lightweight four-wheel roller simplifies mobile lifestyles by allowing professionals and students on the go to stay organized and productive throughout their day, while keeping their tech and gear protected. 

 According to a May 2024 Gallup survey that analyzed work arrangements and locations among U.S. full-time, remote-capable employees, 53% of respondents work in hybrid environments while 21% work on-site. Additionally, a recent Pew Research Center survey found that three in five American workers do not have jobs that can be carried out remotely. 

The 16” Transit 4-Wheel Rolling Laptop Case (TBR044GL) is a sleek, classic-looking laptop case that is durable, lightweight, and easy to maneuver with its smooth, four-wheel rolling design. It features a large main compartment for garments, files, or books and a secondary compartment with a padded sleeve to store and protect a 15-16” laptop. It has other travel-friendly features, as well, like a top quick-access pocket for small essentials, front pocket with organization panel, and hideaway telescopic handle that stores neatly away. It is perfectly suited for carrying through airport checkpoints and storing onboard a flight with ease and efficiency. Compact and lightweight, this rolling laptop case is 16.25”x8.0”x17.0” (L x W x H) and weighs ~5.31 lbs. while still offering plenty of spacious compartments for tech and personal items. Durable and made to last, this high-quality rolling laptop case is backed by a Limited Lifetime Warranty.

The new 16” Transit 4-Wheel Rolling Laptop Case can be purchased now at Targus.com and participating retailers. For additional product details, availability, and pricing, visit Targus.com.

Security Breach Exposes Data From UN Women 

Posted in Commentary with tags on October 22, 2024 by itnerd

Recently, cybersecurity researcher Jeremiah Fowler discovered an unsecured database revealing 115,000+ records and 228 GB of data tied to UN Women. This crucial organization aids global efforts to combat gender-based violence and champion women’s rights.

The exposed data included highly sensitive materials like victims’ accounts, financial summaries, passport scans, staff lists, and funding requests. Some files contained personally identifiable information (PII) and confidential details, posing significant privacy risks for charity workers and beneficiaries.

You can read the detailed report here: https://www.vpnmentor.com/news/report-unwomen-breach/

Rogers And Other Canadian Telcos Have Given You A Great Reason To Ditch Using Their Hardware For Their TV Services

Posted in Commentary with tags on October 22, 2024 by itnerd

Rogers isn’t exactly well loved by Canadians. In fact, no Canadian telco really is. But Rogers specifically is in the crosshairs of many Canadians because of price increases that many Rogers customers weren’t specifically told of. A few Rogers customers went public with CBC a few days ago to express their displeasure:

Here’s the core issue. Rogers customers are seeing unexpected increases in TV box rental fees by $7 a month. Something that Rogers is able to do because it’s buried in the fine print of their contract. That in my opinion is fine if it is properly disclosed to customers before they sign on the dotted line. But in many of the cases that have come to light, that hasn’t happened. Thus customers are mad. To be fair, Rogers isn’t the only Canadian telco that does this. I’ve heard of TELUS and Bell doing something similar with their equipment rentals.

My advice is that if you must get TV from a big three telco, don’t rent their TV hardware. Bell has the Fibe TV app on a variety of platforms. TELUS has the TV+ app on the App Store and Play Store. Ditto for Rogers with their Ignite TV app on the App Store and Play Store. None of these options require you to rent hardware from any Canadian telco, and you get the same experience as if you did. Which means that you save money at the end of the day. Though I suspect that if there’s a critical mass of people switching to these options, the big three telcos will find some way to bill you extra for it.

It will be interesting to see what, if anything, the big three in general, and Rogers specifically, do to respond to this backlash from consumers. Because this kind of has the smell of the negative option billing fiasco that Rogers found itself in the middle of many years ago. Government outlawed the practice as a result of that fiasco, and one has to wonder if the same thing will happen here.