Johnson Controls Gets Pwned By Ransomware

Posted in Commentary with tags on September 29, 2023 by itnerd

It seems that tech giant Johnson Controls has been pwned by hackers who, via ransomware, have made a huge score on said tech giant:

An 8-K form filed by the company this week with the Securities and Exchange Commission (SEC) revealed that some of its internal IT infrastructure and applications were disrupted as a result of a cybersecurity incident. 

An investigation has been launched to determine what type of information may have been compromised. 

“To date, many of the Company’s applications are largely unaffected and remain operational. To the extent possible, and in line with its business continuity plans, the Company implemented workarounds for certain operations to mitigate disruptions and continue servicing its customers. However, the incident has caused, and is expected to continue to cause, disruption to parts of the Company’s business operations,” Johnson Controls said in the SEC filing.

The incident could force the company to delay the release of its fourth quarter and full fiscal year financial results.

Johnson Controls provides HVAC, automation, security, safety, smart home, retail, industrial refrigeration, and energy solutions and services. The company has more than 100,000 employees across 150 countries.

The pwnage was confirmed by VX Underground:

Who are Dark Angels? Let me help you with that:

The Dark Angels gang emerged in May 2022, using both data theft and file-encrypting malware to convince victims to pay a ransom. The hackers have attacked several major organizations in the United States over the past months.

The group has created its ransomware using leaked Babuk source code, which has been used by several threat actors to create their own malware. 

John Gunn, CEO, Token, had this comment:

There is absolutely a trend emerging in ransomware attacks with cyber criminals going deeper into their victims’ systems to deal a more crippling blow, while raising the stakes and demanding ransoms in the tens of millions of dollars instead of just the millions.

Seeing as this is now public via an 8-K, I imagine that we’ll get more details on this over the coming weeks. Thus you might want to keep an eye on this story.

In Depth: Judy Security

Posted in Commentary with tags on September 29, 2023 by itnerd

Here’s the thing. When it comes to cybersecurity, enterprise businesses are shown all the love because they have options galore. But Small/Medium Businesses (SMBs) don’t get the same love when it comes to cybersecurity as their options are rather limited. Not only that, they don’t have the people to focus on cybersecurity even if they did have an abundance of options. Which means that it’s more likely that SMBs are going to get pwned by threat actors.

That’s where a company called Judy Security hopes to change things. Having been around for five years, Judy Security is completely aimed at the SMB market as that’s a huge market. And Judy Security can empower that market by using a combination of AI and Managed Service Providers/Managed Security Service Providers (which operate in the US, South Africa, India, Australia, and UK by the way) to do the heavy lifting for small businesses. Here’s a video that goes into a bit more detail on that.

Judy Security’s story is more than just cybersecurity. Representation, inclusion and diversity are important to Judy Security. Taking a look at this page illustrates that as there’s a significant amount of representation from women, visible minorities and other groups. That impressed me as there’s often a lack of representation, inclusion and diversity in many companies in general, and in cybersecurity specifically.

According to Raffaele Mautone, who is Judy Security’s Chief Executive Officer & Founder, Judy Security will stay out in front as nobody wants to truly take on the SMB space. That’s because the enterprise is where their competitors want to be. And the SMB space is often just a passing interest for said competitors. Thus, keeping an eye on Judy Security and where they’re going in this space and what they’re doing is a very good idea. And if you’re a small business in need of a cybersecurity solution, Judy Security should be your first place to look.

Elon Musk Quietly Removes Twitter Feature To Report Election Misinformation

Posted in Commentary with tags on September 29, 2023 by itnerd

Twitter, likely on the orders of Elon Musk, has quietly removed a feature that allowed users in some locations to report election misinformation, according to Reuters:

Elon Musk’s X, formerly called Twitter, disabled a feature that let users report misinformation about elections, a research organisation said on Wednesday, throwing fresh concern about false claims spreading just before major U.S. and Australian votes.

After introducing a feature in 2022 for users to report a post they considered misleading about politics, X in the past week removed the “politics” category from its drop-down menu in every jurisdiction but the European Union, said the researcher Reset.Tech Australia.

Users could still report posts to X globally for a host of other complaints such as promoting violence or hate speech, the researcher added.

X was not immediately available for comment.

I’m guessing that this feature wasn’t removed in the EU because Elon is afraid that he’d be pummelled by the EU the second they found out that it was gone. Which illustrates that at some level, he’s afraid of the EU. But that may still happen given how mad the EU is at him at the moment. And the EU are the last people on the planet that you want to get mad. What this highlights is that Elon is not an honest broker. And that his plans for Twitter aren’t wrapped in some high-minded ideal related to free speech. Which is why on top of him firing the election integrity team, there is zero reason for you to use Twitter at all as it’s gone from town hall to cesspool of hate and misinformation under Elon’s watch.

Ex-Twitter Trust And Safety Head Has A Warning For Twitter’s Current CEO: “Be Worried”

Posted in Commentary with tags on September 29, 2023 by itnerd

Ex-Twitter executive Yoel Roth, who ran Trust and Safety for Twitter, took the stage as the last-minute replacement for GM CEO Mary Barra at Vox Media’s Code 2023 conference. In this interview, he shares a lot of information about what went on behind the scenes at Twitter and the fact that he had to flee his home when Elon Musk via the “Twitter Files” misrepresented his academic work. But the most mind-blowing moment of the interview was this warning for current Twitter CEO Linda Yaccarino:

“If not for yourself, for your family, for your friends for those that you love, be worried,” 

And:

“You should be worried. I wish I had been more worried.”

I wonder how that hit Yaccarino, who was waiting off stage to be interviewed next. In her interview (you can watch it here) she said that she felt “well protected”. Whatever that means. But if you watch her interview, it was pretty tense. And I for one would be mass emailing my CV to anyone who might hire me if I were in her position.

I encourage you to watch the entire interview with Roth and draw your own conclusions:

The CEO Of Twitter Doesn’t Have The Twitter App On The Home Screen Of Her iPhone… No Really… She Doesn’t

Posted in Commentary with tags on September 29, 2023 by itnerd

From the “this is a bit odd” category comes this tidbit via an interview with Twitter (I won’t be calling it “X”) CEO Linda Yaccarino at Vox Media’s Code 2023 conference. At one point in the interview she decided to show her iPhone to the audience. This is what they saw:

If you look at her Home Screen, the Twitter app isn’t on there. Is that odd? Maybe. One would expect the CEO of Twitter to have the Twitter app on her phone for everyone to see. But apparently not. Pixel peeping indicates that she does have the following apps on her Home Screen:

  • Starbucks
  • Gmail
  • Signal
  • Messages
  • FaceTime
  • Wallet
  • Camera
  • Calendar
  • Settings
  • Stocks
  • Photos
  • Safari
  • Maps
  • Instagram
  • Facebook

There were a couple of apps that I could not identify. But I think you get my point. Now it is possible that she has the Twitter app in the app drawer or on her second or third page of the iPhone. But considering that she has two Meta apps on her Home Screen which are from a company that directly competes with Twitter, this all seems a bit weird.

One suspects that now that this is out, she’s going to get a phone call from Elon Musk about this. Sucks to be her. In any case, you can watch the full interview here:

Visa Expands Installments Program with Air Transat and London Drugs

Posted in Commentary with tags on September 28, 2023 by itnerd

Visa has announced two new collaborations, with Air Transat and London Drugs, to expand Installments enabled by Visa to more eligible Canadian credit cardholders. Using Installments enabled by Visa, consumers can convert qualifying purchases into smaller, equal installment payments over a specified period of time, using their eligible credit card.

Visa research shows that nearly half of Canadian consumers prefer their installment financing be provided by their current credit card issuer and 30% say they would be more likely to purchase again at the store if it was an available payment option. Air Transat and London Drugs are the latest to join a growing list of retailers supporting Installments enabled by Visa.

Installments enabled by Visa provides issuers, processors, and retailers an option to seamlessly add a flexible payment option for their customers. For more information on Visa Installments, visit: Visa.ca/installments.

OVHcloud Adds Cutting-edge GPUs Helping Organisations to Power AI’s Most Demanding Workloads

Posted in Commentary with tags on September 28, 2023 by itnerd

OVHcloud, the European Cloud leader and a part of the NVIDIA Partner Network continues to develop its portfolio of AI solutions, today adding new NVIDIA GPU product offerings that form an integral part of its strategic vision for artificial intelligence. Acknowledging the tremendous impact AI will have in the years to come, OVHcloud is on a mission to help customers grow their businesses, uniting an ecosystem through innovative, easy and affordable AI solutions, featuring transparent, ethical and open models that preserve data privacy.

With over 20 years of expertise in infrastructure, through a unique vertically integrated industrial model, OVHcloud is designing AI-enabled infrastructures, which include new best-of-breed NVIDIA H100 and A100 Tensor Core GPUs. Customers will be able to choose from many options to power their most ambitious machine learning workloads, including large language models.

Adding to critically acclaimed options already offered at a competitive price with older generation NVIDIA V100 and NVIDIA V100S GPUs, the Group today announced new offerings based on the following GPUs: NVIDIA H100, NVIDIA A100, NVIDIA L40S and NVIDIA L4, with effective deployment ramping up in the coming weeks.


New GPU instances with NVIDIA A100 for deep learning training and inference 

New NVIDIA A100 80GB powered GPU instances are immediately available and let AI specialists run complex projects on highly specialized NVIDIA Tensor Cores. With exceptional abilities in deep learning training, A100 is also ideally suited to run inference thanks to various optimizations in tackling those workloads, including LLM-related projects. High-performance computing is another playing field where the A100 GPU instances help unlock the next-generation of discoveries, through advanced simulations, thanks to double-precision compute and high-bandwidth memory.

A100-based public cloud instances can be configured as A100-180 with 1x A100, 15 vCore and 180GB of RAM, A100-360 with 2x A100, 30 vCore and 360GB of RAM and A100-720 with 4x A100, 60 vCore and 720GB of RAM.


New GPU instances with NVIDIA H100 for deep learning training

OVHcloud is also announcing upcoming H100-based GPU instances built around NVIDIA’s latest accelerator with a compute power starting at 26 petaFLOPS (FP64) per PCIe GPU. Purpose-built for the most demanding AI models, the NVIDIA H100 is the de facto choice for innovation in AI, whether accelerating LLMs with its Transformer Engine, or creating generative AI applications.

For the most demanding use cases, such as extreme fine-tuning and training, the Group will offer NVIDIA H100 SXM-based solutions. With 67 TFlops of FP64 compute power and a higher GPU bandwidth, this select offering will showcase the full power of the NVIDIA Hopper GPU architecture. 

New GPU instances and bare-metal servers with NVIDIA L4 and L40S

The Group also today unveiled GPU instances featuring NVIDIA L4 GPUs with 24GB of memory. The L4, based on the NVIDIA Ada Lovelace GPU architecture, is a universal GPU for every workload with enhanced AI and video capabilities. It provides efficient compute resources for graphics, simulation, data science and data analytics.

The NVIDIA L40S GPU with 48GB of memory is also joining the Group’s GPU instances. NVIDIA L40S benefits from fourth-generation Tensor Cores and FP8 Transformer Engine providing robust performance for AI workloads both in training and inferencing.

These GPUs will be available through public cloud instances as well as in dedicated bare-metal servers with L4 in SCALE-GPU and L40S in HGR-AI.

Establishing a foundation to supercharge customer AI journeys

Thanks to an unprecedented choice of NVIDIA GPU architectures, OVHcloud now delivers an AI-designed infrastructure for AI engineers, researchers, data scientists and data practitioners that can leverage the elasticity of the cloud to support their needs from training to running inference.

Furthermore, OVHcloud will gradually add NVIDIA H100 and A100 options to its set of comprehensive AI PaaS solutions designed to accompany the data life cycle: AI Notebooks, AI Training and AI Deploy. OVHcloud AI solutions act as a complete set of tools that are easy to use, and designed to explore data, train models and serve them into production.

Executing on a strong dedicated AI roadmap, OVHcloud is set to announce in the weeks to come a wave of AI innovations designed to further help its customers in navigating this new paradigm.

Pricing & availability

GPU instances based on NVIDIA A100 are available now on public cloud starting at 2,75 EUR per hour for A100-180, 5,50 EUR per hour for A100-360 and 11 EUR per hour for A100-720. Managed AI solutions based on A100 will be available later at 3 EUR per hour. NVIDIA H100 PCIe-based instances in the public cloud universe will launch later this fall with pre-reservation starting now. Customers interested in upcoming NVIDIA H100 SXM offers can apply for a personalized quote.

NVIDIA L4 and L40S GPU instances will be available in October. New bare-metal servers featuring NVIDIA L4 and L40S GPUs are expected to launch this fall.

Elon Musk Fires Twitter’s Entire “Election Integrity Team”…. Showing That He Has No Integrity

Posted in Commentary with tags on September 28, 2023 by itnerd

News broke late last night that Elon Musk clearly has zero integrity by firing Twitter’s “Election Integrity Team”. And this has been confirmed by Elon himself:

So let’s think about this. We’re heading into the 2024 elections with no protections on Twitter from nation states running disinformation campaigns on Twitter. And Elon thinks that this is a good idea. I think this illustrates that Elon is not an honest broker. Far from it in fact. And this highlights the fact (again) that nobody should spend any time on Twitter.

75% of Companies Struggling with IT Operational Challenges in a Hybrid World: HP

Posted in Commentary with tags on September 28, 2023 by itnerd

HP Inc. today announced the findings of a new commissioned study, conducted by Forrester Consulting, highlighting the need for companies to adopt always-on endpoint management to cater for increasingly dispersed global workforces.

72% of companies surveyed currently have a hybrid working model, with 75% of respondents reporting that the shift to remote and hybrid working models has magnified IT operational challenges. 

Forrester Consulting’s survey of 312 IT and Security Decision makers shows that companies are struggling to balance asset management, user experience assurance, and risk management. 

Key findings in the 2023 study, “Mastering Endpoint Security In A Hybrid World” include:

  • The top challenges companies face when managing remote endpoints are ensuring data security (60%); keeping software on remote devices up to date (55%); and maximizing the accuracy of asset databases (55%). 
  • Just 42% of companies perform firmware updates annually, 23% update every two years or less, and 12% only update “when essential” – putting firms at risk of security vulnerabilities and compatibility issues.
  • Two-thirds (67%) of respondents say ensuring secure and continuous communication with remote endpoints is a major concern for their company’s IT department. 
  • IT is having to rely on subpar protection, with 50% citing inadequate endpoint security solutions as an obstacle to addressing security and management challenges. Meanwhile, 54% believe full-disk encryption provides substantial protection for endpoints but acknowledge it can be insufficient, for example if the attacker has physical access to the device.

Always-on connectivity is the lynchpin of comprehensive endpoint management

In considering how these challenges may be overcome, 75% of respondents believe improved endpoint management would have a positive impact on overall business operations and efficiency.

Companies cited a need for more efficient endpoint software tracking and management (48%). To achieve this, respondents want device backup and restore capabilities (55%), automation of device recovery processes (47%), BIOS update deployment (46%), and device location tracking (46%).

To enhance remote endpoint security and management, 82% of respondents are also considering investment in solutions that can geo-locate, lock, and erase PCs remotely.

For example, HP Wolf’s Protect and Trace utilizes HP Wolf Connect to perform these functions on a PC even when it’s turned off or disconnected from the Internet.

About the research

This study, commissioned by HP and carried out by Forrester, surveyed 312 IT and security decision makers at companies with 500 or more employees across multiple industries in NA, EMEA and APJ. The study began in March 2023 and was completed in September 2023.

Ransomware Takes Out One Of The UK’s Largest Logistics Firms

Posted in Commentary on September 28, 2023 by itnerd

KNP Logistics, one of the UK’s largest privately owned logistics groups, has declared bankruptcy, blaming a June ransomware attack and potentially leaving 730 employees without jobs. According to administrators, the “major ransomware attack” impacted necessary systems, processes and financial information, and, consequently, adversely affected the financial position of the Group, which left them unable to secure critical funding to recover.

  • “Against a backdrop of challenging market conditions and without being able to secure urgent investment due to the attack, the business was unable to continue. We will support all affected staff through this difficult time,” said Raj Mittal, the joint administrator who is handling the insolvency process for FRP Advisory.

After KNP was added to the Akira ransomware list of victims in June, Avast publicly released a decryptor for the Akira ransomware in July. It is not known whether KNP Logistics used the decryptor or if KNP had contacted law enforcement or an external incident response company following the ransomware attack.

Stephen Gates, Principal Security SME, Horizon3.ai:

   “Ransomware attackers are now putting all organizations in the ransomware crosshairs primarily for three reasons:

  1. Ransomware attackers are being emboldened to perform more attacks since they are rarely arrested and/or prosecuted for such crimes.
  2. Ransomware attackers know that many organizations are highly likely to pay the ransom to keep critical systems, technologies, and networks online.
  3. Too many organizations are actively paying the demands of attackers, further incentivizing new actors to use this extremely profitable attack vector at everyone else’s cost.

   “The most effective way to defeat ransomware attacks is to continuously assess your own infrastructure, find the attack paths an attacker would take, and then fix those issues and validate that your fixes defeated the discovered attack paths. Once complete, you rinse and repeat the process regularly to discover new attack paths. No other defensive or offensive method of reducing the risk of a successful ransomware attack against your organization will be as successful as the method explained here.”

If you needed one more reason to take ransomware seriously, this is it. This business was taken out by ransomware. And if you don’t have your house in order, you can be next. Consider this situation a case study in what could happen to you.