Former Twitter Execs Suing Elon Musk For Unpaid Severance

Posted in Commentary with tags on March 5, 2024 by itnerd

Right now Elon Musk is fighting an insane number of lawsuits related to his purchase of Twitter. You can now add one more to that as a bunch of ex-execs from Twitter are suing him over unpaid severance:

Former Twitter executives including CEO Parag Agrawal, Chief Financial Officer Ned Segal, head of legal Vijaya Gadde and General Counsel Sean Edgett filed a new lawsuit against Elon Musk and X Corp. in federal court arguing that they are owed $128 million in unpaid severance.

In their complaint, lawyers for the ex-Twitter executives say that after Musk backed himself into a deal to buy Twitter, now X Corp., for $44 billion, he took revenge against these executives personally, and tried to recover some of his expenses by “repeatedly refusing to honor other clear contractual commitments.”

Musk and X Corp. have been “stiffing employees, landlords, vendors, and others” since they took over Twitter, the lawyers allege, an allusion to more than 25 vendor nonpayment lawsuits filed against the social media business by companies including software and service providers and a landlord.

“Musk doesn’t pay his bills, believes the rules don’t apply to him, and uses his wealth and power to run roughshod over anyone who disagrees with him,” the complaint says.

The complaint also alludes to comments Musk made to his official biographer, Walter Isaacson, that “he would ‘hunt every single one of’ Twitter’s executives and directors ‘till the day they die.’”

The ex-Twitter executives’ lawyers argue, “These statements were not the mere rantings of a self-centered billionaire surrounded by enablers unwilling to confront him with the legal consequences of his own choices. Musk bragged to Isaacson specifically how he planned to cheat Twitter’s executives out of their severance benefits in order to save himself $200 million.”

The suit, Agrawal et al v. Musk et al, was filed in California’s Northern District and follows news that settlement talks between X Corp. and ex-Twitter managers broke down in a related case in Delaware, Woodfield v. Twitter Inc., where $500 million in unpaid severance to former Twitter managers and engineers is in dispute.

Well, that’s likely to enrage Elon. While I am not a lawyer, I don’t see how Elon can simply continue to do this and expect to come out on the winning side. Perhaps it might be in his interest to settle these lawsuits. But Elon rarely does things that are in his interest.

City Of Hamilton Confirms That They Have Been Pwned In A Ransomware Attack

Posted in Commentary with tags on March 5, 2024 by itnerd

I’ve been sitting on this for a few days, but now that the City Of Hamilton has confirmed that they got pwned in a ransomware attack, I’m publishing this story. Here’s what is known about the incident:

City manager Marnie Cluckie named the nature of the cyber attack for the first time during a virtual call Monday afternoon, alongside Mayor Andrea Horwath. The call was the city’s first media conference since the breach began on Feb. 25. 

The incident has shut down almost all city phone lines, paralyzed city council and impacted dozens of services including the bus schedule app, library WiFi and permit applications.

The city hasn’t provided a timeline for when the situation will be resolved.

“It’s impossible to know how long it will take us to get fully up and running again,” Cluckie said.

“I can tell you that we will only restore systems when we are confident we can do so safely and securely.” 

The city does not believe personal data has been accessed, she said. Hamilton police have been notified and will be investigating.

Cluckie said she’s been tightlipped about what’s happening behind the scenes as the situation is “sensitive” and would not reveal the amount of money the attackers are asking for or where they’re located. 

The city has insurance coverage for cybersecurity breaches, she said. 

This illustrates that no organization is safe from an attack like this without proper defences being in place. I for one would like to know exactly how they got in and what the City of Hamilton will do to make sure that this doesn’t happen again. Because anything that shuts down services on a scale like this is a non-trivial event.

HP Unveils Broadest Consumer Portfolio of AI-Enhanced Laptops

Posted in Commentary with tags on March 5, 2024 by itnerd

Today, HP is continuing to build on their news at CES, announcing HP’s newest Envy and Pavilion laptop PCs – now the broadest consumer portfolio of AI-enhanced laptops. These devices are designed to unlock your creativity and productivity with the latest AI capabilities for the most personalized experiences yet.

Exciting new features across both the Envy and Pavilion portfolios include:

  • Either Intel® Core™ Ultra or AMD Ryzen™ processors – both offering dedicated NPUs for even more personalized performance.
  • HP Smart Sense, which leverages AI to automatically optimize elements of the device like fan noise, temperature, and performance tailored to your workflow.
  • Copilot in Windows, which complements your capabilities and creativity with intelligent assistance and relevant answers. These are HP’s first devices with the Copilot key, where you can access this AI-powered intelligent assistant with a single press of a button. Also available is an innovative AI meeting assistant through a 30-day trial of Otter.ai.
  • Audio tuning by Poly with Poly Studio, and up to a 5MP camera for the perfect collaboration pair up.
  • ENERGY STAR® Certified and up to EPEAT® Gold with Climate+ Registered to extend HP’s commitment to a more sustainable future, incorporating recycled materials before, during, and after use.

The HP Pavilion Series – Personalized Computing for Every Creative Pursuit

The HP Pavilion series combines premium features with customizable performance for maximum value. Whether editing content or enjoying a little down time, the latest Pavilion laptop PCs provide sharp 16:10 visuals, an expanded port lineup, and long-lasting battery life to match your hustle.

The new HP Pavilion 16-inch Laptop PC brings a brilliant OLED display option to the Pavilion lineup for the perfect portable powerhouse, providing:

  • An Epic Canvas for Creation: Take advantage of 10.3% more vertical viewing space than the previous Pavilion 16 with a larger precision touchpad and backlit keyboard assist for comfortable browsing. On Intel® models, get up close and personal with the stunning detail of optional NVIDIA® graphics or immerse yourself in entertainment on up to an IMAX Enhanced Certified OLED display. 
  • Configurations to Fit Every Flow: Tackle your most intensive projects with a range of collaboration tools shared across the portfolio, choosing from several Intel® or AMD models and an optional FHD IR camera. HP Fast Charge provides a timely battery boost ahead of a long day of creativity, resulting in up to 19 hours of battery life on devices with up to an Intel® Core™ Ultra processor – a 44% increase over the previous Pavilion 16.

The HP Pavilion 16 is expected to be available in April at HP.com, Best Buy and Costco. The version with Intel® Core™ processors has a starting price of $1,199.99. The version with AMD Ryzen™ processors has a starting price of $899.99.

The HP Envy Series – Unparalleled Adaptability for Limitless Personalization

The new HP Envy x360 14 inch 2-in-1 Laptop PC and HP Envy x360 16 inch 2-in-1 Laptop PC are adaptable companions that move with you, delivering:

  • Flexibility to Power Your Lifestyle: Choose between 14- and 16-inch versions with either Intel® or AMD Ryzen™ processors, perfect for versatile functionality, featuring a high-strength aluminum design, and Thunderbolt™ 4 ports (on Intel® models). Both new laptops power through all-day use for up to 17 hours of immersive creativity. 
  • Expertly Curated Sights and Sounds: Experience unmatched clarity and comfort with an immersive 16:10 screen ratio, enhanced by upgrades to the keyboard and touchpad for more comfortable browsing, editing, and gaming. The optional 2.8K OLED display features an IMAX Enhanced certification for superior visuals. 

The 14- and 16-inch models are expected to be available beginning in March at HP.com as well as Best Buy and Staples. The HP Envy x360 14 with Intel® Core™ processors has a starting price of $1,399.99. The AMD version has a starting price of $1,299.99. The HP Envy x360 16 with Intel® Core™ processors has a starting price of $1,799.99. The AMD version has a starting price of $1,499.99.

Visa Names Michiel Wielhouwer as President and Country Manager for Canada 

Posted in Commentary with tags on March 5, 2024 by itnerd

Today, Visa announced the appointment of Michiel Wielhouwer, previously the Executive Director of Visa’s France, Belgium, and Luxembourg business, to President and Country Manager for Visa Canada. He will succeed Stacey Madge, who served in this role for the past seven years. 

Wielhouwer joins Visa Canada at a time of growth and opportunity as the company establishes new secure ways to pay, driven by its innovation and fintech strategy. Wielhouwer will continue to deliver value for Visa’s key clients, partners, and stakeholders while living the company’s purpose to uplift everyone, everywhere by being the best way to pay and be paid.  

Wielhouwer is a Visa veteran with 22 years of experience across five different markets. He brings deep financial services knowledge and leadership to Canada. Originally from the Netherlands and a multi-lingual speaker, Wielhouwer’s global background is a welcome addition to the multicultural and bilingual Canadian market. 

Wielhouwer steps into the role following the successful leadership of Stacey Madge. In Madge’s seven years with the organization, Visa Canada has seen tremendous growth through new client relationships, fintech collaborations, product innovations, and acceleration of money movement. Under her leadership, Canada has become a talent hub for Visa and a respected payments leader in the country. In her next chapter, Madge will be dedicating her talents to board, community, and foundation work.  

Cisco Study Reveals Canadian Employees Crave In-person Experiences, But Offices Are Not Delivering

Posted in Commentary with tags on March 5, 2024 by itnerd

Today, Cisco released findings from its Reimagining Workspaces Survey which showed working preferences are shifting as employees crave in-office collaboration and social interactions, and now, the race is on for workspace design and technology to catch up.

Study data found that 76 per cent of Canadian companies are choosing to partially or fully mandate a return to the office with productivity, team communication, and workplace culture as key drivers for the decision. Sixty-four per cent of employees positively support their organization’s decisions; however, their motives have significantly evolved.

Canadians want to be in the office to collaborate (58%), ideate (27%), and foster connections with colleagues (28%), but current workspaces do not meet this need. Most (83%) employers allocate at least half the office to individual work stations. As a result, only 40 per cent of employees say their offices are very well prepared to support changing hybrid work needs.

Technology is a Baseline Expectation; AI-Enabled Features are Highly Desired
When it comes to the ideal workspace, both employees and employers agree that technology is foundational. Canadian employees ranked technology infrastructure and connectivity (93%) as the most important in office design, followed by layout and seating arrangements (90%), and collaboration and meeting spaces (86%).

Employees also see an opportunity for artificial intelligence (AI) to improve collaboration and their working experiences, but AI adoption among employers is not keeping pace. For example, while over half (53%) of employees agree AI-powered meeting room devices would be most useful to them, only 36 per cent of employers plan to invest in them. Similarly, while 81 per cent of employees agree AI-assistant tools would be most useful to them, only 61 per cent of employers intend to invest in these features.

Flexibility and Hybrid Work Models are Here to Stay
The data shows working preferences across all levels of employees are evenly split so flexibility will continue to be essential for organizations as they work to meet employee expectations. Of Canadian employers, 24 per cent prefer a mix of working from home and the office, 37 per cent prefer to be mostly in the office, and 34 per cent prefer working mainly from home. The trend is mirrored in employees as 29 per cent prefer a mix of working from home and the office, 34 per cent prefer to work mostly from the office, and 30 per cent prefer working mostly from home.

Office Redesigns are Underway
Organizations are beginning to transform office spaces. Two-thirds (64%) of employers have redesigned their office in the wake of the pandemic or are planning to do so in the next 24 months.

Regular enhancements to workspace layouts (63%) and technology features (60%) are the top items for organizations that have allocated budgets to office redesign; however, considerations for AI and cybersecurity are lagging, which means businesses may not be setting themselves up for long-term success. Only 21 per cent plan to prioritize AI technology in their office redesign and just 18 per cent have allocated a budget for cybersecurity. It is critical that businesses allocate resources and focus on AI and cybersecurity. AI will fuel significant transformation for businesses that can successfully harness it, and a strong cybersecurity posture will ensure that every organization, including its data, its people and its customers, is protected.

The Cisco Canada Reimagining Workspaces Survey is based on an online research survey conducted with 150 Canadian employers and 500 Canadian employees in January and February 2024.

New Zealand Central Bank Announces New 72 Hour Cyber Incident Notification Requirement

Posted in Commentary with tags on March 5, 2024 by itnerd

New Zealand’s central bank announced that banks must report major cyber incidents within 72 hours. It plans to implement formal cyber reporting requirements over the next year, after regulators supported proposals by the Reserve Bank of New Zealand (RBNZ) on the importance of having access to information on cyber resilience from the central bank.

Last year, after New Zealand saw a rise in cyber-attacks, the government was motivated to boost its cyber defenses by setting up a lead agency to make it easier for the public and businesses to seek help during network intrusions. Furthermore, RBNZ collaborated with the Financial Markets Authority (FMA), New Zealand’s financial markets regulator, to develop shared reporting requirements that can be used for both agencies.

The following RBNZ cyber resilience reporting requirements will be implemented in phases through 2024:

  • Material cyber incident reporting requirement: within 72 hours
  • Periodic reporting of all cyber incidents: large entities to be required to report all cyber incidents every six months and other entities annually
  • Self-assessment using the RBNZ’s Guidance on Cyber Resilience: large entities every year and other entities every two years.

Dave Ratner, CEO, HYAS had this comment:

   “Regulations requiring timely reporting are popping up across multiple geographies and verticals, and while they are in general a good thing, the definition of what is and isn’t ‘material’ is often not entirely clear.  Nevertheless, for an organization to be in a position to comply with these new regulations will require cyber resiliency solutions that are capable of alerting them to the telltale signs of a breach and see the initial digital exhaust indicating an attack in progress.  Most organizations are likely not prepared today and need to prioritize resiliency in 2024 to ensure that they are.”


Mark B. Cooper, President & Founder, PKI Solutions follows with this comment:

   “With regulators adopting stricter notification requirements, now more than ever, banks need to respond with their own stricter, higher levels of security posture management practices if they’re going to avoid having to report incidents.

   “The challenge organizations face is no longer limited to just advanced encryption or identity protection measures, but it highlights the critical need for proactive, vigilant monitoring to quickly identify misconfigurations and alert security resources and staff. Prompt remediation is essential to defend against attacks that lead to triggering a notification.”

Requirements like these are a good thing from two perspectives. First, it makes sure that any incident isn’t covered up. Second, it will “encourage” organizations to up their game in terms of their cyber defences to make sure that they don’t get pwned. These sorts of requirements need to be put into effect everywhere as that is one thing that will make us safer.

US Agencies Warn of Ransomware Gang Targeting Critical Infrastructure

Posted in Commentary with tags on March 5, 2024 by itnerd

CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released an advisory warning of the TTPs that Phobos ransomware attacks are using to target government and critical infrastructure entities.

“Structured as a ransomware as a service (RaaS) model, […] Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, education, public healthcare, and critical infrastructure to successfully ransom several million in U.S. dollars,” the advisory said.

Attack chains typically leverage phishing as an initial access vector. Alternatively, the attackers hunt for exposed RDP services and breach vulnerable networks by means of a brute-force attack against them.

Once successful, the threat actors deploy additional remote access tools, taking advantage of process injection techniques to execute malicious code and evade detection, and making Windows Registry modifications to maintain persistence within compromised environments.

“Additionally, Phobos actors have been observed using built-in Windows API functions to steal tokens, bypass access controls, and create new processes to escalate privileges by leveraging the SeDebugPrivilege process. Phobos actors attempt to authenticate using cached password hashes on victim machines until they reach domain administrator access,” the agencies said.

Phobos has been active since May 2019, with multiple variants identified. Cisco Talos disclosed in November that those behind 8Base ransomware are utilizing a variant of Phobos for their attacks.

BullWall Executive, Carol Volk had this to say:

   “The recent Phobos advisory from CISA, the FBI, and the MS-ISAC sheds light on the continued rise of ransomware attacks targeting government and critical infrastructure sectors. As with many ransomware attacks, the Phobos attacks employed phishing and exploitation of vulnerable RDP services and highlight the importance of robust cybersecurity measures at every level.

   “Organizations must prioritize implementing multi-layered defense mechanisms, including strong email security protocols and regular security awareness training to thwart phishing attempts.  Additionally, securing remote access points and promptly patching vulnerabilities in RDP services can significantly reduce the risk of exploitation.

   “However, we continue to see that even well prepared defenses will be breached by determined actors, so regular air-gapped backups, a ransomware containment system and MFA to protect RDP sessions should be part of the defense stack for the day your defenses are breached.”


John Benkert, CEO, Cigent follows with this:

   “Broken record here. Protecting critical infrastructure from Ransomware-as-a-Service (RaaS) attacks requires a multifaceted approach that spans technological, regulatory, and educational domains. Given the increasing sophistication and accessibility of RaaS platforms, which allow even low-skilled attackers to launch ransomware campaigns, the security of essential services such as healthcare, energy, transportation, and water systems has never been more important.

   “The foundational step in defending against these threats involves the implementation of robust cybersecurity measures that already exist. This includes regular software updates and patch management to close vulnerabilities, advanced threat detection systems to identify and neutralize threats early, and comprehensive data backup strategies to ensure data integrity in the event of a breach.

   “Let me be clear, solutions already exist in the commercial sector to protect against these threats. Instead of cultivating these commercial solutions, the government is more concerned with putting out regulations and standards that take years to approve and become obsolete before they are published.”

This should be a clear warning that defences for critical infrastructure specifically, but all organizations and sectors in general, need to be a priority. The question is, how many warnings will it take for organizations to get the message?

Cloud Range Launches First Cyber Incident Commander Training 

Posted in Commentary with tags on March 5, 2024 by itnerd

Cloud Range, the industry’s leading cyber range solution to reduce exposure to cyber risk across the organization, today announced the launch of its new training program, Cybersecurity Incident Commander Training. Offered for a limited time at no cost, the training is tailored to those managing incidents in the security operations center (SOC).

Previously existing tools and training only focus on individual jobs and tasks in the SOC and, while critical to the team’s ability to detect and remediate incidents, they do not target the Incident Commander role. Further, many teams do not have a specific “commander” role or backup if the designated team lead is unavailable. This new training by Cloud Range is dedicated to the Incident Commander who oversees the SOC team when an incident or event occurs, such as a ransomware attack, data breach, or any other cybersecurity incident. 

Aligned with the job description developed by FEMA and the National Incident Management System (NIMS), the Incident Commander is one of the most critical roles during an incident because it orchestrates the team and resources and is the source of “ground truth” on the incident. That’s why the Incident Commander role requires “soft skills” such as leadership and communication; without them, teams can break down.

The Incident Commander training is a new stand-alone, online, self-paced course valued at $499. The goal is to provide security professionals with an overview of the responsibilities and skills needed to swiftly resolve an incident. Incorporating real-world scenarios enables learners to determine how to assign tasks, communicate across multiple levels of the organization, and lead the team effectively. The course is designed to highlight strengths and weaknesses so the trainee can improve their ability to manage their team in future situations. The result is that the Incident Commander has a better understanding of their role, how to manage an incident and improve time management, and how to elevate the performance of the incident response team. 

After successfully taking the course, which is the first part of the certification process, trainees receive a badge to show completion. 

Trainees are eligible for the complete certification after also being the Incident Commander during two of Cloud Range’s live-fire cyber attack exercises, which are dynamic, team-based simulations of real-world attacks on Cloud Range’s virtual cyber range. Like a flight simulator, the attack simulations enable the Incident Commander to fully step into the role, guide the team, work with the incident reporter, and practice all the skills and techniques required to be effective. The comprehensive, two-part training process gives security professionals deep knowledge, insight, and hands-on experience that equips them to be an effective Incident Commander.

Learn more and sign up for the Cloud Range Incident Commander Training, valued at $499 and offered at no cost for a limited time here.

Canadians Affected By “Battery Gate” To Get Paid By Apple

Posted in Commentary with tags on March 4, 2024 by itnerd

If you’re Canadian and you were affected by “Battery Gate”, I have some news for you. A court in BC has approved a settlement related to this where Apple will pony up $14.4 million CAD to make this issue go away. More information on how to submit a claim will be shared on the settlement website, but here’s the TL;DR in terms of who this covers:

  • You are a current or former resident of Canada (excluding Quebec)
  • You have to have owned an iPhone 6, iPhone 6 Plus, iPhone 6s, iPhone 6s Plus, and/or iPhone SE with iOS 10.2.1 or later installed or downloaded, and/or an iPhone 7 or iPhone 7 Plus with iOS 11.2 or later installed or downloaded, before December 21, 2017.
  • You need the serial number of said phone.

Now as usual for these sorts of things, Apple denies that it did anything wrong. And to be frank, $14.4 million CAD is a rounding error for Apple. But “Battery Gate” is done and dusted in Canada.

And I guess that it goes without saying that if you were affected by “Battery Gate”, you need to dig up that serial number and make sure you get your share of this.

American Express Service Provider Pwned Exposing American Express Customer Data

Posted in Commentary with tags on March 4, 2024 by itnerd

American Express is warning customers that credit cards were exposed in a third-party data breach after one of its service providers was hacked. In the data breach notification filed with the state of Massachusetts, Amex said the breach occurred at one of its service providers used by their travel service division, American Express Travel Related Services Company. 

Darren Williams, CEO and Founder, BlackFog had this comment:

     “The potential impact of the American Express data breach is not yet known, as it is unclear whether customers’ data was simply accessed or if it has been exfiltrated through the third party provider. If the sensitive data of customers, including card numbers and expiration dates, has been exfiltrated by attackers, it can be used to not only make fraudulent purchases, but also to extort customers into further payments. All service providers who hold customer data should be investing in threat intelligence and anti data exfiltration technology to avoid attacks just like these.”

Since American Express filed a data breach notification, I assume that more details will be forthcoming. Because this data breach could be bad, or really really bad. And it is in everyone’s best interests to find out which.