LinkedIn Accounts Pwned In Massive Hacking Campaign

Posted in Commentary with tags , on August 17, 2023 by itnerd

As reported by Cyberint, LinkedIn is being targeted in a surge of account hacks, takeovers and lockouts with the inability for users to resolve the issues through LinkedIn’s support.

“While LinkedIn has not yet issued an official announcement, it appears that their support response time has lengthened, with reports of a high volume of support requests,” reports Cyberint’s researcher Coral Tayar.

Meanwhile, users have taken to various online forums such as Twitter and Reddit to air their frustrations regarding LinkedIn’s lack of response and support in recovering the breached accounts, some reporting it’s been almost a week and they haven’t received assistance yet.

As observed by Cyberint in many accounts, the attackers appear to be using leaked credentials or brute-force to attempt to gain control. For accounts that are well protected, the takeover attempts only resulted in a temporary account lock, but when the hackers successfully took over LinkedIn accounts, they quickly swapped the associated email address, changed the password, and in some instances even turned on 2FA making the account recovery process even more difficult.

In some instances, the attackers demanded a small ransom to return the accounts back to the owners and in others they simply deleted the accounts without asking for anything.

Emily Phelps, Director, Cyware had this to say:   

“We live a significant part of our lives online, and we don’t want our online identities in the wrong hands. I have no doubt that LinkedIn is receiving a tremendous increase in support requests, which likely accounts for the slow response time, it is advisable to reach out to your customers and inform them of the steps you’re taking to rectify the situation.”  

If you maintain a LinkedIn account, now would be a good time to review the security measures you’ve activated, enable 2FA, and switch to a unique and long password. As for LinkedIn, I can’t find any evidence that they’ve commented on this. Which doesn’t look good on them at all.

Leave a comment »

Mass Exploitation Campaign Backdoors Almost 2000 Citrix NetScalers 

Posted in Commentary with tags , on August 17, 2023 by itnerd

A hacking group has exploited a critical vulnerability in Citrix NetScaler servers to compromise close to 2,000 servers in a massive campaign, before patches could be applied.

As of 8/14 Fox-IT researchers report that of some 31,127 vulnerable servers, more than 1,900 remain “backdoored” and of those found, 1,248 had already been patched, but were never checked for signs of successful exploitation.

The vulnerability, tracked as CVE-2023-3519, allows hackers to execute arbitrary code on the servers without authentication allowing them to do anything they want on the servers, including steal data, install malware, or disrupt operations.

Main Takeaways:

  • A set of vulnerabilities in NetScaler, one of which allows for remote code execution, were disclosed on July 18th. This disclosure was published after several security organizations saw limited exploitation of these vulnerabilities in the wild.
  • Fox-IT (in collaboration with the Dutch Institute of Vulnerability Disclosure) have scanned for these webshells to identify compromised systems. Responsible disclosure notifications have been sent by the DIVD.
  • At the time of this exploitation campaign, 31127 NetScalers were vulnerable to CVE-2023-3519.
  • As of August 14th, 1828 NetScalers remain backdoored.
  • Of the backdoored NetScalers, 1248 are patched for CVE-2023-3519.

David Mitchell, Chief Technical Officer, HYAS had this to say:  

“Unfortunately, this is far from the first time this has happened in recent memory. In previous campaigns, attackers gained footholds within F5, Fortinet and VMware appliances through exposed management interfaces in order to avoid detection by EDR software.  

“Regardless if the exploit is already in the wild, customers are expected to monitor their devices for the IOCs before and after the patch is applied — which is obviously not at an acceptable level. The reason for this gap may be education, outsourced managed devices or division of security labor within an organization, but I do not expect attacks on network devices to stop anytime soon.”

Clearly simply patching everything isn’t enough. You also have to make sure that the bad guys aren’t already in. Which means that you need to take more rigorous steps to make sure that you’re not on the wrong end of a headline.

Leave a comment »

Flashpoint Releases July Cyber Threat Intelligence Index

Posted in Commentary with tags on August 17, 2023 by itnerd

Flashpoint has published its July 2023 Cyber Threat Intelligence Index.  Here are some numbers from July:

  • There were 515 ransomware attacks
  • 1994 new vulnerabilities with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD)
  • 529 Data Breach events

The Index also deals with Insider Threats and the state of malware. You can read it here.

Leave a comment »

Fisker Releases Additional Details On Their Upcoming Alaska Truck  

Posted in Commentary with tags on August 17, 2023 by itnerd

 Fisker Inc. has today released additional details on its Fisker Alaska pickup truck. Fisker revealed the Alaska at its Product Vision Day on August 3.

Fisker Alaska 2023

The Fisker Alaska is the company’s “everything” vehicle: sporty handling and driving dynamics combined with luxury SUV comfort and everything that discerning buyers in the booming pickup-truck market expect. But Fisker also intends to make the Fisker Alaska the world’s most sustainable pickup when deliveries commence in 2025.

The company is also innovating with the vehicle, particularly when it comes to the bed, which is designed to expand from 4.5 to 7.5 feet thanks to a Houdini partition behind the rear seats that can be electronically lowered into space created by the battery layout of the FM31 platform. The Houdini door will be protected by a flip-up panel. With the powered liftgate dropped and rear seats lowered, the bed expands to 9.2 feet. When the rear seats are folded down and the Houdini is lowered, the rear seats are protected by fold up panels including a panel folding up behind the front seats. Beyond that, Fisker aims for the Fisker Alaska to be the world’s lightest electric pickup and feature extra storage in an insulated front trunk.

The Fisker Alaska will be offered with two battery packs — 75 kWh and 113 kWh — that will offer range of 230-340 miles; the 0-60mph time will range from 3.9 to 7.2 seconds. The vehicle will be 17.4 feet in length and entice owners with a big gulp cupholder, the world’s largest, a cowboy hat holder, cockpit storage for work gloves, a large center armrest with storage for flashlights and pens, and a passenger tray with a tablet holder. Wheels will be available in 20- and 22-inch sizes.

Production of the Fisker Alaska is expected to start in Q1 of 2025. Interested customers can reserve the vehicle at Fiskerinc.com for $250 for their first Alaska and fully refundable $100 for the second.

Leave a comment »

TELUS Cellular Customers Appear To Be Having Issues [UPDATE: Resolved?]

Posted in Commentary with tags on August 16, 2023 by itnerd

No sooner did I post this story about Bell customers having issues with their cell phone service did someone ping me to ask if I was having issues with my iPhone on the TELUS network as it is not a secret that I am a TELUS customer. I did a couple of tests and I don’t appear to have any issues. But DownDetector paints a different picture:

I then when to the TELUS Service Status page and it says that there is an active outage affecting their cell phone users:

This really isn’t a surprise as Bell and TELUS apparently share infrastructure. But what is interesting is that issues with TELUS appear to have started much later than the issues Bell. I’m honestly not sure how widespread this is as I have no issues with my iPhone at the moment over 5G. But just like I said in my story about Bell, if you’re having issues using your phone on TELUS, it’s them and not you.

UPDATE: The TELUS Service Status page now shows that there are no outages. Thus I am guessing that whatever happened is resolved. If you have a different experience with TELUS, please let me know.

Leave a comment »

Bell’s Cellular Customers Appear To Be Having Issues [UPDATE: Resolved?]

Posted in Commentary with tags on August 16, 2023 by itnerd

It appears that Bell has an issue that is impacting their cellular customers at the moment. Here’s a look at what DownDetector sees:

Whatever issues Bell is having, it started earlier this morning and got worse just before 1PM. At least Bell has admitted to issues in the Toronto area on Twitter:

But to be honest, I am not sure if these issues extend beyond Toronto. But the bottom line is that if you’re having issues making a phone call on your Bell cell phone, it’s them and not you.

UPDATE: Bell is now saying that the issue is resolved:

If you’re seeing something different, please let me know.

1 Comment »

TikTok Banned For NYC Employees

Posted in Commentary with tags on August 16, 2023 by itnerd

It’s been a while since I’ve written about someplace banning TikTok. But one of the biggest cities out there has just joined the bandwagon:

New York City is banning TikTok from city-owned devices and requiring agencies to remove the app within the next 30 days.

The directive issued Wednesday comes after a review by the NYC Cyber Command which a city official said found that TikTok “posed a security threat to the city’s technical networks.” Starting immediately, city employees are barred from downloading or using the app and accessing TikTok’s website from any city-owned devices.

“While social media is great at connecting New Yorkers with one another and the city, we have to ensure we are always using these platforms in a secure manner,” a NYC City Hall spokesperson said in a statement to The Verge Wednesday. “NYC Cyber Command regularly explores and advances proactive measures to keep New Yorkers’ data safe.”

The city cited US Office of Management and Budget guidelines discouraging TikTok’s use on government devices as well as federal legislation banning the app passed earlier this year.

TikTok really has an issue here as they have been unable to come up with any argument that stops places from banning the social media app. Until they do that, this will keep happening. And at some point, TikTok will have to do something different before the narrative simply becomes “TikTok is evil.”

Leave a comment »

Omdia Launches Channel Partner Strategies Intelligence Service

Posted in Commentary with tags on August 16, 2023 by itnerd

Leading tech research organization Omdia, part of Informa Tech, has launched the Channel Partner Strategies Intelligence Service, a channel-focused market research product. The service has been designed to help channel-focused vendors and technology suppliers accelerate growth and gain a deeper understanding of the key trends shaping the tech landscape. It offers a particular focus on the shift in technology consumption due to the evolution of managed services and insights into new and innovative solution providers.

First announced in May at the 2023 Channel Partners Conference & Expo, the Channel Partner Strategies Intelligence Service comes from the Omdia Channel Research and consulting team. The team is led by Devan Adams, Principal Analyst, and Debbie Kane, Principal Consultant.

Reports available from the new service will provide technology vendors and suppliers with expert channel research, analysis and actionable insights into the key market trends, technology innovations and strategies shaping the evolving channel ecosystem.

The first two major reports, available now, are the “Managed Service Provider (MSP) 501 Survey Insights – 2023” and the “Fastest-Growing Managed Service Providers (MSPs) Survey Insights – 2023.”

“Managed Service Provider (MSP) 501 Survey Insights – 2023”analyzes the results from the industry’s most comprehensive global survey and ranking of MSPs, the Informa Tech Channel Futures MSP 501. The report provides key insights from the global survey, including insight into revenue-producing services, markets served, technology adoption, managed service offerings, customer segments and M&A. For the first time, the report offers a view into the profitability of the managed services market.  

Key insights include:

  • Channel resiliency on display​: Even with economic headwinds such as employee attrition and inflation, average total revenue growth grew significantly, as MSPs reap the benefits of business customers increasing their co-managed and full outsourcing efforts to lower OPEX.  
  • Managed services profitability: The report sheds light on the health of the managed services marketplace through an analysis of the profitability data disclosed by this year’s applicants.

“Fastest-Growing Managed Service Providers (MSPs) Survey Insights – 2023”examines data obtained from theNextGen 101, fast-growing businesses on the verge of making the Channel Futures MSP 501 ranking. The report provides market insights from the unique perspective of fast-growing partner businesses that are owned mainly by a younger generation of individuals and which exemplify the future of the channel.

Key insights include:

  • Managed security is now fundamental: Managed security was ranked as the top (or near the top) revenue-producing service and growth prospect, as increased threats from hackers, data breaches, and ransomware attacks have made managed security services must-have offerings.

More content as part of the Channel Partner Strategies Intelligence Service will be released later this year. The first “Quarterly Market Outlook Survey Insights” report is scheduled for release by the end of September.

Four additional new analyst reports are expected to publish by the end of this year:

  • Event Recap: Channel Futures Leadership + MSP Summit 2023
  • Quarterly Market Outlook Survey Insights – 3Q23
  • Trends to Watch Report – 2023
  • Routes to Market Report – 2023 

For more information about the new Omdia Channel Partner Strategies Intelligence Service, head to the product page on the Omdia website.

Leave a comment »

TweetDeck/XPro Now Requires A Subscription

Posted in Commentary with tags on August 16, 2023 by itnerd

You might recall that I spoke about the one useful tool that Twitter had to monitor multiple Twitter accounts was going behind a paywall in terms of it would require you to pay Elon Musk $8 a month. That tool is TweetDeck which is now called XPro which is in line with the rebranding efforts by Elon Musk of Twitter to X. It now appears that the paywalling of TweetDeck/X Pro has begun as there are reports of TweetDeck/XPro users being prompted to pay Elon $8 a month when they try to use TweetDeck/X Pro. I personally haven’t seen this, but I have to imagine that it’s only a matter of time before I do.

TweetDeck made Twitter usable for people like me who not only had to juggle multiple Twitter accounts, but to track individual issues that are trending in the world. Having to pay for this given Twitter’s declining relevance in the world makes no sense to me. And likely for many others. Thus I really question what the take up in terms of new Twitter subscriptions will be on this move. My guess is that it will be really low, but I am free to be surprised.

Leave a comment »

DHS Announces Investigation Into Cloud Security

Posted in Commentary with tags on August 16, 2023 by itnerd

Recently, the DHS has announced a investigation into cloud security:

“Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology,” said Secretary of Homeland Security Alejandro N. Mayorkas. “Cloud security is the backbone of some of our most critical systems, from our e-commerce platforms to our communication tools to our critical infrastructure. In its reviews of the Log4j vulnerabilities and activities associated with Lapsus$, the CSRB has proven itself to be ready to tackle and examine critical and timely issues like this one. Actionable recommendations from the CSRB will help all organizations better secure their data and further cyber resilience.”  

Ani Chaudhuri, CEO, Dasera had this to say:

The recent announcement by the Department of Homeland Security regarding the Cyber Safety Review Board’s (CSRB) upcoming review on cloud security highlights the criticality and urgency of bolstering defenses in our modern digital landscape. Cloud environments have become ubiquitous, supporting myriad facets of public and private sector activities. Given this backdrop, we can go into the questions presented.

Significance/Implications for Cloud Providers:

  • Reputation and Trust: Cloud Service Providers (CSPs) have long championed the security of their platforms. This review will highlight their claims’ robustness and scrutinize their methodologies. Those proactive in their security strategies will find validation, while others might face a reckoning.
  • Evolution of Best Practices: The CSRB’s recommendations will likely lead to an industry-wide shift in best practices, nudging CSPs to adopt innovative strategies, especially concerning identity management and authentication.
  • Collaborative Efforts: This initiative underscores the need for public-private collaboration. CSPs should be primed to work closely with governmental agencies, benefiting from a broader pool of expertise.

Implications for Cloud Customers:

  • Enhanced Security Posture: As the CSRB crystallizes its findings into actionable recommendations, cloud customers stand to benefit directly. These guidelines can fortify their defense mechanisms, making them less susceptible to breaches.
  • Clarity and Education: Often, the intricacies of cloud security remain nebulous for many users. This review will bring much-needed clarity, helping organizations comprehend potential vulnerabilities and the ways to mitigate them.
  • Shared Responsibility Realignment: Cloud security operates on a shared responsibility model. This review will sharpen the contours of this model, helping customers discern their part in the grander security schema.

The Outcome of the Review and Potential Changes:

  • While the CSRB doesn’t have regulatory or enforcement powers, its influence stems from its collective expertise and the gravitas of its recommendations. Past reviews, like those into the Log4j vulnerabilities and the activities of Lapsus$, have been instrumental in reshaping cyber defense strategies.
  • Given the recent Microsoft Exchange Online intrusion, we can expect a renewed emphasis on strengthening identity management and authentication in the cloud. This might lead to the inception of new technologies or the broader adoption of extant yet underutilized solutions.
  • More importantly, the findings will likely foster a culture of proactive security vigilance rather than a reactive stance. The cloud industry might see an acceleration in the integration of advanced threat detection, response mechanisms, and continuous security education.

The DHS’s initiative, steered by the CSRB, couldn’t be more timely. In a world where our reliance on cloud infrastructure is deepening, such proactive measures herald a shift from merely responding to threats to preemptively identifying and plugging vulnerabilities. This is not just about technology; it’s about trust and ensuring the cloud remains a haven for innovation and growth.

Seeing as “the cloud” is central to businesses, this is a good move by the DHS. Because everyone needs to make sure that whatever infrastructure that people use are safe and secure 100% of the time.

Leave a comment »

« Older Entries
Newer Entries »