Clorox Discloses That Operations And Systems Were Taken Offline Due To ‘Unauthorized Activity’ 

Posted in Commentary with tags on August 17, 2023 by itnerd

This week in regulatory filings with the SEC, Clorox reported a cybersecurity incident that forced it to take several systems offline and is causing disruption to parts of the business’s operations.

“To the extent possible, and in line with its business continuity plans, Clorox has implemented workarounds for certain offline operations in order to continue servicing its customers,” the company said in an 8-K filing.

Clorox noted in its 10-k report that it has seen an increase in the number of cyber attacks since shifting to a hybrid remote work model, and while they are in the process of a multi-year technology upgrade, including transitioning to a cloud-based platform,:  

“The upgrade poses several challenges, including training of personnel, migration of data and the potential instability of the new system.

“[Clorox] may be vulnerable to increased risks, including the risk of security breaches, system failures and disruptions.”

Ted Miracco, CEO, Approov Mobile Security had this comment:  

“Clorox and many other companies are being adversely affected by a one two punch of a shift to remote work and the concurrent reliance on personal mobile devices. This dynamic has dangerously expanded the attack surface for cyber threats, especially business email compromise, cyber extortion, phishing, and other social engineering attacks.  

“Organizations must urgently prioritize protections for this new perimeter, and it is especially important to focus on remote workers whom may be using personal devices that are not as secure as company-issued devices.”

Steve Hahn, Executive VP, BullWall follows with this comment:   

“As Clorox indicated in their company 10K filings, cyber attacks have escalated in the last few years due to their new “hybrid” work from home model. Like many companies, this work model expands the attack surface and makes the job of securing the endpoints nearly impossible. Broadly speaking, we’ve seen a huge uptick as a result of increased efforts by threat actors who now have vastly more attack vectors to take advantage of.  

“It doesn’t seem to matter how good a company’s preventative posture is, with a determined threat actor it’s a matter of “when” not “if” the attackers are successful. Because of this companies need to adopt a post breach mentality that looks to respond and recover in milliseconds by containing the attack, and not just focusing on prevention.”

With hybrid work here to stay, companies have to think differently about how they secure themselves. And as evidenced by this case, make every effort to make sure that either the bad guys don’t get in, or they are forced out as quickly as possible.

2 Comments »

LinkedIn Accounts Pwned In Massive Hacking Campaign

Posted in Commentary with tags , on August 17, 2023 by itnerd

As reported by Cyberint, LinkedIn is being targeted in a surge of account hacks, takeovers and lockouts with the inability for users to resolve the issues through LinkedIn’s support.

“While LinkedIn has not yet issued an official announcement, it appears that their support response time has lengthened, with reports of a high volume of support requests,” reports Cyberint’s researcher Coral Tayar.

Meanwhile, users have taken to various online forums such as Twitter and Reddit to air their frustrations regarding LinkedIn’s lack of response and support in recovering the breached accounts, some reporting it’s been almost a week and they haven’t received assistance yet.

As observed by Cyberint in many accounts, the attackers appear to be using leaked credentials or brute-force to attempt to gain control. For accounts that are well protected, the takeover attempts only resulted in a temporary account lock, but when the hackers successfully took over LinkedIn accounts, they quickly swapped the associated email address, changed the password, and in some instances even turned on 2FA making the account recovery process even more difficult.

In some instances, the attackers demanded a small ransom to return the accounts back to the owners and in others they simply deleted the accounts without asking for anything.

Emily Phelps, Director, Cyware had this to say:   

“We live a significant part of our lives online, and we don’t want our online identities in the wrong hands. I have no doubt that LinkedIn is receiving a tremendous increase in support requests, which likely accounts for the slow response time, it is advisable to reach out to your customers and inform them of the steps you’re taking to rectify the situation.”  

If you maintain a LinkedIn account, now would be a good time to review the security measures you’ve activated, enable 2FA, and switch to a unique and long password. As for LinkedIn, I can’t find any evidence that they’ve commented on this. Which doesn’t look good on them at all.

Leave a comment »

Mass Exploitation Campaign Backdoors Almost 2000 Citrix NetScalers 

Posted in Commentary with tags , on August 17, 2023 by itnerd

A hacking group has exploited a critical vulnerability in Citrix NetScaler servers to compromise close to 2,000 servers in a massive campaign, before patches could be applied.

As of 8/14 Fox-IT researchers report that of some 31,127 vulnerable servers, more than 1,900 remain “backdoored” and of those found, 1,248 had already been patched, but were never checked for signs of successful exploitation.

The vulnerability, tracked as CVE-2023-3519, allows hackers to execute arbitrary code on the servers without authentication allowing them to do anything they want on the servers, including steal data, install malware, or disrupt operations.

Main Takeaways:

  • A set of vulnerabilities in NetScaler, one of which allows for remote code execution, were disclosed on July 18th. This disclosure was published after several security organizations saw limited exploitation of these vulnerabilities in the wild.
  • Fox-IT (in collaboration with the Dutch Institute of Vulnerability Disclosure) have scanned for these webshells to identify compromised systems. Responsible disclosure notifications have been sent by the DIVD.
  • At the time of this exploitation campaign, 31127 NetScalers were vulnerable to CVE-2023-3519.
  • As of August 14th, 1828 NetScalers remain backdoored.
  • Of the backdoored NetScalers, 1248 are patched for CVE-2023-3519.

David Mitchell, Chief Technical Officer, HYAS had this to say:  

“Unfortunately, this is far from the first time this has happened in recent memory. In previous campaigns, attackers gained footholds within F5, Fortinet and VMware appliances through exposed management interfaces in order to avoid detection by EDR software.  

“Regardless if the exploit is already in the wild, customers are expected to monitor their devices for the IOCs before and after the patch is applied — which is obviously not at an acceptable level. The reason for this gap may be education, outsourced managed devices or division of security labor within an organization, but I do not expect attacks on network devices to stop anytime soon.”

Clearly simply patching everything isn’t enough. You also have to make sure that the bad guys aren’t already in. Which means that you need to take more rigorous steps to make sure that you’re not on the wrong end of a headline.

Leave a comment »

Flashpoint Releases July Cyber Threat Intelligence Index

Posted in Commentary with tags on August 17, 2023 by itnerd

Flashpoint has published its July 2023 Cyber Threat Intelligence Index.  Here are some numbers from July:

  • There were 515 ransomware attacks
  • 1994 new vulnerabilities with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD)
  • 529 Data Breach events

The Index also deals with Insider Threats and the state of malware. You can read it here.

Leave a comment »

Fisker Releases Additional Details On Their Upcoming Alaska Truck  

Posted in Commentary with tags on August 17, 2023 by itnerd

 Fisker Inc. has today released additional details on its Fisker Alaska pickup truck. Fisker revealed the Alaska at its Product Vision Day on August 3.

Fisker Alaska 2023

The Fisker Alaska is the company’s “everything” vehicle: sporty handling and driving dynamics combined with luxury SUV comfort and everything that discerning buyers in the booming pickup-truck market expect. But Fisker also intends to make the Fisker Alaska the world’s most sustainable pickup when deliveries commence in 2025.

The company is also innovating with the vehicle, particularly when it comes to the bed, which is designed to expand from 4.5 to 7.5 feet thanks to a Houdini partition behind the rear seats that can be electronically lowered into space created by the battery layout of the FM31 platform. The Houdini door will be protected by a flip-up panel. With the powered liftgate dropped and rear seats lowered, the bed expands to 9.2 feet. When the rear seats are folded down and the Houdini is lowered, the rear seats are protected by fold up panels including a panel folding up behind the front seats. Beyond that, Fisker aims for the Fisker Alaska to be the world’s lightest electric pickup and feature extra storage in an insulated front trunk.

The Fisker Alaska will be offered with two battery packs — 75 kWh and 113 kWh — that will offer range of 230-340 miles; the 0-60mph time will range from 3.9 to 7.2 seconds. The vehicle will be 17.4 feet in length and entice owners with a big gulp cupholder, the world’s largest, a cowboy hat holder, cockpit storage for work gloves, a large center armrest with storage for flashlights and pens, and a passenger tray with a tablet holder. Wheels will be available in 20- and 22-inch sizes.

Production of the Fisker Alaska is expected to start in Q1 of 2025. Interested customers can reserve the vehicle at Fiskerinc.com for $250 for their first Alaska and fully refundable $100 for the second.

Leave a comment »

TELUS Cellular Customers Appear To Be Having Issues [UPDATE: Resolved?]

Posted in Commentary with tags on August 16, 2023 by itnerd

No sooner did I post this story about Bell customers having issues with their cell phone service did someone ping me to ask if I was having issues with my iPhone on the TELUS network as it is not a secret that I am a TELUS customer. I did a couple of tests and I don’t appear to have any issues. But DownDetector paints a different picture:

I then when to the TELUS Service Status page and it says that there is an active outage affecting their cell phone users:

This really isn’t a surprise as Bell and TELUS apparently share infrastructure. But what is interesting is that issues with TELUS appear to have started much later than the issues Bell. I’m honestly not sure how widespread this is as I have no issues with my iPhone at the moment over 5G. But just like I said in my story about Bell, if you’re having issues using your phone on TELUS, it’s them and not you.

UPDATE: The TELUS Service Status page now shows that there are no outages. Thus I am guessing that whatever happened is resolved. If you have a different experience with TELUS, please let me know.

Leave a comment »

Bell’s Cellular Customers Appear To Be Having Issues [UPDATE: Resolved?]

Posted in Commentary with tags on August 16, 2023 by itnerd

It appears that Bell has an issue that is impacting their cellular customers at the moment. Here’s a look at what DownDetector sees:

Whatever issues Bell is having, it started earlier this morning and got worse just before 1PM. At least Bell has admitted to issues in the Toronto area on Twitter:

But to be honest, I am not sure if these issues extend beyond Toronto. But the bottom line is that if you’re having issues making a phone call on your Bell cell phone, it’s them and not you.

UPDATE: Bell is now saying that the issue is resolved:

If you’re seeing something different, please let me know.

1 Comment »

TikTok Banned For NYC Employees

Posted in Commentary with tags on August 16, 2023 by itnerd

It’s been a while since I’ve written about someplace banning TikTok. But one of the biggest cities out there has just joined the bandwagon:

New York City is banning TikTok from city-owned devices and requiring agencies to remove the app within the next 30 days.

The directive issued Wednesday comes after a review by the NYC Cyber Command which a city official said found that TikTok “posed a security threat to the city’s technical networks.” Starting immediately, city employees are barred from downloading or using the app and accessing TikTok’s website from any city-owned devices.

“While social media is great at connecting New Yorkers with one another and the city, we have to ensure we are always using these platforms in a secure manner,” a NYC City Hall spokesperson said in a statement to The Verge Wednesday. “NYC Cyber Command regularly explores and advances proactive measures to keep New Yorkers’ data safe.”

The city cited US Office of Management and Budget guidelines discouraging TikTok’s use on government devices as well as federal legislation banning the app passed earlier this year.

TikTok really has an issue here as they have been unable to come up with any argument that stops places from banning the social media app. Until they do that, this will keep happening. And at some point, TikTok will have to do something different before the narrative simply becomes “TikTok is evil.”

Leave a comment »

Omdia Launches Channel Partner Strategies Intelligence Service

Posted in Commentary with tags on August 16, 2023 by itnerd

Leading tech research organization Omdia, part of Informa Tech, has launched the Channel Partner Strategies Intelligence Service, a channel-focused market research product. The service has been designed to help channel-focused vendors and technology suppliers accelerate growth and gain a deeper understanding of the key trends shaping the tech landscape. It offers a particular focus on the shift in technology consumption due to the evolution of managed services and insights into new and innovative solution providers.

First announced in May at the 2023 Channel Partners Conference & Expo, the Channel Partner Strategies Intelligence Service comes from the Omdia Channel Research and consulting team. The team is led by Devan Adams, Principal Analyst, and Debbie Kane, Principal Consultant.

Reports available from the new service will provide technology vendors and suppliers with expert channel research, analysis and actionable insights into the key market trends, technology innovations and strategies shaping the evolving channel ecosystem.

The first two major reports, available now, are the “Managed Service Provider (MSP) 501 Survey Insights – 2023” and the “Fastest-Growing Managed Service Providers (MSPs) Survey Insights – 2023.”

“Managed Service Provider (MSP) 501 Survey Insights – 2023”analyzes the results from the industry’s most comprehensive global survey and ranking of MSPs, the Informa Tech Channel Futures MSP 501. The report provides key insights from the global survey, including insight into revenue-producing services, markets served, technology adoption, managed service offerings, customer segments and M&A. For the first time, the report offers a view into the profitability of the managed services market.  

Key insights include:

  • Channel resiliency on display​: Even with economic headwinds such as employee attrition and inflation, average total revenue growth grew significantly, as MSPs reap the benefits of business customers increasing their co-managed and full outsourcing efforts to lower OPEX.  
  • Managed services profitability: The report sheds light on the health of the managed services marketplace through an analysis of the profitability data disclosed by this year’s applicants.

“Fastest-Growing Managed Service Providers (MSPs) Survey Insights – 2023”examines data obtained from theNextGen 101, fast-growing businesses on the verge of making the Channel Futures MSP 501 ranking. The report provides market insights from the unique perspective of fast-growing partner businesses that are owned mainly by a younger generation of individuals and which exemplify the future of the channel.

Key insights include:

  • Managed security is now fundamental: Managed security was ranked as the top (or near the top) revenue-producing service and growth prospect, as increased threats from hackers, data breaches, and ransomware attacks have made managed security services must-have offerings.

More content as part of the Channel Partner Strategies Intelligence Service will be released later this year. The first “Quarterly Market Outlook Survey Insights” report is scheduled for release by the end of September.

Four additional new analyst reports are expected to publish by the end of this year:

  • Event Recap: Channel Futures Leadership + MSP Summit 2023
  • Quarterly Market Outlook Survey Insights – 3Q23
  • Trends to Watch Report – 2023
  • Routes to Market Report – 2023 

For more information about the new Omdia Channel Partner Strategies Intelligence Service, head to the product page on the Omdia website.

Leave a comment »

TweetDeck/XPro Now Requires A Subscription

Posted in Commentary with tags on August 16, 2023 by itnerd

You might recall that I spoke about the one useful tool that Twitter had to monitor multiple Twitter accounts was going behind a paywall in terms of it would require you to pay Elon Musk $8 a month. That tool is TweetDeck which is now called XPro which is in line with the rebranding efforts by Elon Musk of Twitter to X. It now appears that the paywalling of TweetDeck/X Pro has begun as there are reports of TweetDeck/XPro users being prompted to pay Elon $8 a month when they try to use TweetDeck/X Pro. I personally haven’t seen this, but I have to imagine that it’s only a matter of time before I do.

TweetDeck made Twitter usable for people like me who not only had to juggle multiple Twitter accounts, but to track individual issues that are trending in the world. Having to pay for this given Twitter’s declining relevance in the world makes no sense to me. And likely for many others. Thus I really question what the take up in terms of new Twitter subscriptions will be on this move. My guess is that it will be really low, but I am free to be surprised.

Leave a comment »

« Older Entries
Newer Entries »