VPN Mentor Sees 234.8% Surge In VPN Demand In Texas Following Adult Site Ban

Posted in Commentary with tags on March 18, 2024 by itnerd

VPN Mentor’s research team has conducted an analysis of user demand data in Texas after the well-known adult site Pornhub blocked access to its users in Texas following a new age verification law that came into force on March 14th. In just one day, VPN Mentor witnessed a surge of 234.8% in VPN demand in Texas.

You will find all the details to their findings here: https://www.vpnmentor.com/news/vpn-demand-surge-texas/

ServiceNow Announces Acquisitions of 4Industry and EY Smart Daily Management Application

Posted in Commentary with tags on March 18, 2024 by itnerd

ServiceNow today announced it has signed an agreement to acquire 4Industry, a Netherlands‑based partner whose manufacturing technology application is built on the Now Platform, and has completed the acquisition of Smart Daily Management, a connected digital worker application from EY. Together, the deals augment ServiceNow’s existing operational technology (OT) management capabilities, adding Connected Worker solutions and enhancing expertise across key industrial markets such as manufacturing, energy and transport & logistics.

4Industry, founded in 2018, brings a mobile‑enabled application to make shop floor work more intuitive, efficient, and enjoyable through a suite of digital tools, and Smart Daily Management from EY, which creates more efficiency around time‑consuming tasks, will enable ServiceNow’s industrial customers to drive operational excellence. The technology and industry expertise from 4Industry and the Smart Daily Management application will be utilized to build a new Connected Worker solution on the ServiceNow platform, expected in 2025.

This example of continued investment in European tech and talent will significantly enhance ServiceNow’s long‑term roadmap for its global customers, delivering continuity across IT, OT, and factory floor workers. ServiceNow will continue to maintain a strong alliance with EY and partnership with Plat4mation, an affiliated services company of 4Industry. It will work jointly with these companies, as innovation and implementation alliance partners for both existing OT solutions as well as future Connected Worker solutions.

4Industry and Smart Daily Management from EY follow acquisitions of UltimateSuite, G2K, Atrinet’s NetACE technology and Element AI as part of ServiceNow’s ongoing commitment to bringing impactful automation to customers. ServiceNow closed the acquisition of Smart Daily Management in early March and expects to close the acquisition of 4Industry in the coming weeks. Financial terms of the deals will not be disclosed.

Mac Users Should Upgrade GarageBand ASAP To Fix A Security Issue

Posted in Commentary with tags on March 17, 2024 by itnerd

If you use a Mac, chances are that you have a copy of GarageBand on it. Whether you use it or not isn’t the point. But if you have it, and you’re running macOS Ventura or Sonoma, you should make sure that it is updated to 10.4.11 ASAP. Why? It fixes a security issue according to this:

The quickest way to confirm that you have 10.4.11 is to go to the App Store and click on Update to see if it’s been updated. If not, search for GarageBand, and click on Update.

43 Million Job Seekers Impacted By French Unemployment Agency Hack…Again

Posted in Commentary with tags on March 16, 2024 by itnerd

Wednesday, France Travail disclosed (Translation here) that hackers stole personal data belonging to 43 million job seekers who had registered with the French governmental unemployment agency. France Travail is the government agency in France tasked with registering unemployed citizens, offering financial assistance, and aiding them in securing employment opportunities.

The cyberattack occurred between February 6th and March 5th and includes data spanning 20 years. 

The data that has been exposed from this attack includes:

  • Full name
  • Date of birth
  • Place of birth
  • Social security number
  • France Travail identifier
  • Email address
  • Postal address
  • Phone number

This is the second data breach France Travail has suffered. Last August approximately 10 million individuals (Translation here) were impacted by an attack indirectly attributed to the Clop ransomware group who exploited a zero-day vulnerability in the MOVEit Transfer software tool.

The cyberattack on the agency sets a new record for France, impacting the largest number of individuals and surpassing the more than 33 million people (Translation here) impacted by the Viamedis and Almerys breach in February.

Ted Miracco, CEO, Approov Mobile Security:

   “The good news here is that while the disclosed information includes sensitive personal identifiers, it does not extend to passwords or banking information, limiting the scope of immediate financial fraud, however the potential for identity theft or other forms of cybercrime remains. Also, the response from France Travail aligns with best practices in handling data breaches, in compliance with the General Data Protection Regulation (GDPR). 

   “This incident underscores the critical need for organizations to implement robust cybersecurity measures at the edge, especially when it comes to mobile devices, which are increasingly used in attacks. Comprehensive security audits, regular vulnerability assessments, and real-time analytics are critical for security awareness. Lastly, it highlights the importance of having an incident response plan that can be quickly activated to mitigate the impact of data breaches.”

The fact that this organization has been pwned twice isn’t good. They really have some work to do to make sure that they don’t get pwned a third time.

Certero Launches Global Partner Program

Posted in Commentary with tags on March 15, 2024 by itnerd

 Certero, a leader in IT asset management, software asset management, SaaS optimization, and cloud FinOps solutions, announced a new Partner Program to support channel partners. This initiative is designed to help partners and their customers manage technology costs effectively, especially in a changing market and economic climate. The program aims to transform technology asset management and reduce overspending.

The program offers a straightforward structure with incentives, intending to generate new revenue opportunities for channel partners. Josh Shields, with nearly 20 years of experience in channel operations, has been appointed as the new Director of Strategic & Channel Partnerships to oversee this initiative.

Recent Certero Highlights:

  • Increased solution-scope to tackle Shadow IT, SaaS optimization
  • Revitalized ‘ITAM’ for modern IT infrastructure
  • Significant investment in Cloud FinOps technology
  • Technology-Led Services introduces live data into ITAM / SAM Services
  • An Oracle Gold Partner, Certero earns additional Oracle Third-Party Tool Vendor Verification for Java, on top of Database & Fusion Middleware.
  • Consistently Gartner Peer Insights’ highest-rated major SAM vendor across every pre-sales, implementation, solution and on-going support categories.

The Partner Program includes three levels of partnership: Connect, for transactional relationships; Advance, for strategic collaborations without a services capability; and Elite, for partners with their service delivery capabilities. This structure offers flexibility and support for partners at different engagement levels.

Certero is committed to a collaborative, customer-led, and partner-focused approach, promising a supportive onboarding process, expert-led training, and a partnership aimed at long-term success. The program is open to new partners looking to deliver value to customers through Certero’s advanced technology solutions.

McDonald’s Facing Some Sort Of GLOBAL IT Outage

Posted in Commentary with tags on March 15, 2024 by itnerd

Today is not a good day for McDonald’s as there is news that some sort of IT issue is crippling the fast food chain worldwide:

System failures at McDonald’s were reported worldwide Friday, shuttering some restaurants for hours and leading to social media complaints from customers, in what the fast food chain called a “technology outage” that was being fixed.

Chicago-based McDonald’s Corp. said the problems were not related to a cybersecurity attack, without giving more details on what caused them.

“We are aware of a technology outage, which impacted our restaurants; the issue is now being resolved,” the burger giant said in a statement. “We thank customers for their patience and apologize for any inconvenience this may have caused.”

That’s not a very reassuring statement and it’s kind of vague. It makes me wonder what the issue is. And for the record, the fact that they say it’s not a cybersecurity incident doesn’t mean that it isn’t one and they either don’t know or don’t want to admit to it. Hopefully whatever the cause of this, the fast food chain is transparent about what actually is the cause.

Meanwhile on Twitter:

The reputational damage to McDonald’s because people can’t get their Big Macs is going to be huge.

Canadian Government Has Been Conducting A National Security Review Of TikTok

Posted in Commentary with tags on March 14, 2024 by itnerd

Hot on the heels of the US House Of Representatives passing a bill to potentially ban TikTok, comes the news that the Canadian Government has been doing a national security review of TikTok:

The federal Liberals ordered a national security review of popular video app TikTok in September 2023 but did not disclose it publicly.

“This is still an ongoing case. We can’t comment further because of the confidentiality provisions of the Investment Canada Act,” a spokesperson for Industry Minister Francois-Philippe Champagne said.

“Our government has never hesitated to (take) action, when necessary, if a case under review is found to be injurious to Canada’s national security.”

The revelation comes after the U.S. House of Representatives passed a bill Wednesday to ban TikTok unless its China-based owner sells its stake in the business.

That’s interesting. I have a comment from Ken Westin, Field CISO, Panther Labs relative to what the US has done, but it is likely applicable to Canada as well:

I fear the bill to ban TikTok is mostly political grandstanding close to an election year feeding off of xenophobic rhetoric against China. That’s not to say the fear of the Chinese government accessing TikTok data isn’t real, but one has to wonder what value this data has, as the platform isn’t a place where documents or sensitive PII is stored. If the real intent is on protecting the data of US citizens, then it seems there should be a more robust set of legislation around the collection, sharing and selling of personal data in general. China can and probably has purchased data on US citizens from the same data brokers US companies buy it from. There is also a wealth of data often from data breaches available in underground forums that is free or cheap to access. It seems it would be better for us to focus on the real source of the problem, regarding private data access as well as bolstering cybersecurity to protect intellectual property from foreign powers which is what we’ve seen China and the nation state actors target in the past. 

I’ve gone on record multiple times as saying that TikTok needs to be banned because if we’re having this much discussion about it, it’s likely not a good thing. Or put another way, if there’s smoke there’s fire. Hopefully this whole episode leads to consumers on both sides of the border being better protected from adversaries like China.

HHS Opens Investigation Into Change Healthcare Hack

Posted in Commentary with tags on March 14, 2024 by itnerd

The thing with cyberattacks is that they come in two parts. The first is that you get pwned. The second is that authorities often want to investigate you to see if you did or didn’t do something that led to the attack. Change Healthcare is into the second part after being pwned a few weeks ago. Here’s what HHS had to say:

Given the unprecedented magnitude of this cyberattack, and in the best interest of patients and health care providers, OCR is initiating an investigation into this incident. OCR’s investigation of Change Healthcare and UHG will focus on whether a breach of protected health information occurred and Change Healthcare’s and UHG’s compliance with the HIPAA Rules.

Ken Westin, Field CISO, Panther Labs had this to say:

I hope the investigation focuses on lessons learned and what both healthcare and government can do in partnership to both reduce the threat, as well as increase resilience to these types of attacks. If the goal of the investigation is to be punitive and seek fault to levy fines, I fear it would send the wrong message to the healthcare industry and will result in less collaboration and openness about these high impact security incidents. In my experience, healthcare IT and security departments are often underfunded and under resourced compared to other industries while at the same time dealing with unique challenges while having to navigate strict regulatory compliance frameworks. The best way to better secure the healthcare industry is through open dialogue and collaboration across the industry and with government resources. 

I for one will be interested to see what comes of this investigation given how much disruption that it has caused. I am sure that there will be other interested parties interested in the outcome as well. Having said that, I am sure that Change Healthcare and its parent UHG will find this investigation a couple steps below a proctology exam. Which is good because all the facts of this attack need to come out.

Multiple Fortinet FortiWLM Vulnerabilities, Indicators Of Compromise Documented By Horizon3.ai

Posted in Commentary with tags on March 14, 2024 by itnerd

Horizon3.ai this morning published “Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the ‘Forti Forty’”, disclosing several vulnerabilities affecting the #Fortinet #FortiWLM (Wireless LAN Manager). The vulnerabilities range from command injection and SQL injection to file reads. While most were patched late last year, 2 remained unpatched as of March 13, 2024, after 307 days from Horizon3.ai’s initial report.

This blog details several of the issues discovered in the FortiWLM that have since been patched:

  1. CVE-2023-34993 – Multiple Unauthenticated Command Injections – PSIRT-23-140
  2. CVE-2023-34991 – Unauthenticated SQL Injection – PSIRT-23-142
  3. CVE-2023-42783 – Unauthenticated Arbitrary File Read – PSIRT-23-143
  4. CVE-2023-48782 – Authenticated Command Injection – PSIRT-23-450

Additionally, there are two vulnerabilities that have not received patches, leading to appliance compromise:

  1. Unauthenticated Limited Log File Read – Allows retrieval of arbitrary log files which contain administrator session ID tokens
  2. Static Session ID Vulnerability – Session IDs do not change between sessions for users. Chained with the above issue allows trivial compromise of the device.

This morning’s blog post includes paths to remote code execution and indicators of compromise. 

Launching today: Reddit Free-Form Ads

Posted in Commentary with tags on March 14, 2024 by itnerd

Reddit has launched free-form ads, a unique-to-Reddit ad format with a “free form” layout that empowers advertisers to share in-depth information and maximize community engagement. It’s their most native format yet, which means it’s designed to look and feel similar to the ways Reddit users engage with each other on the platform. 

In early testing with brands like Philadelphia cream cheese Canada and Starbucks Canada, they’ve seen free-form ads outperform all other ad types in average click-through rate (CTR) by 28%, as well as increased community engagement when comments are enabled. 

You can have a look at their blog post for more information.