Google Report Highlights Weak Passwords Account For Almost Half Of Security Breaches…. Yikes!

Posted in Commentary with tags on April 15, 2023 by itnerd

Google is reporting that weak passwords accounted for almost half of security breaches affecting Google Cloud customers. Google is seeing nation state actors finding success exploiting “weak identity verification practices” according to Chris Porter, head of threat intelligence for Google Cloud. “The percentage that’s a software issue or a zero-day, you know, it’s not zero, but it goes down and down and down. That’s a trend we generally expect to continue,” Porter said.
 
Google reports that compromise of APIs to gain permissions into a company’s systems is the second most common avenue of attack on their cloud systems and accounted for nearly one fifth of all reported incidents. They point out that ransomware attacks in the cloud, threatening to release stolen data, have become common events.

I have three comments on this. The first is from Willy Leichter, VP, Cyware:
    
   “This report seems depressingly familiar, that our oldest security problems – poor password practices and leaked API credentials, lead to the majority of attacks. But we must move beyond our typical response – trying to train and cajole end-users to be more careful. We need to assume that users will be careless, design better defense-in-depth, and leverage the explosion of AI tools to detect poor security practices, and advanced attacks that will always find weak points to exploit.”


The next is from Roy Akerman, Co-Founder & CEO, Rezonate:

   “This confirms the same exact information we have seen for the past decade. Identity was and remains the biggest risk, and the true “zero-day”, organizations must address with priority. Current identity security approaches are fragmented across many tools and teams and do not fit today’s reality of a constantly changing infrastructure. Identity security hasn’t evolved for the past decade for the purpose of detecting identity exploitation. We were too busy managing and allowing access vs monitoring and detecting unauthorized access behaviors and a true end-to-end view across all stages of the identity lifecycle.”


The final comment is from George McGregor, VP, Approov:

   “The combination of weak passwords and careless API key management is a dangerous cocktail which opens up APIs as an attack surface for hackers. Better discipline in general is of course important, but developers should also put in place runtime solutions to prevent stolen keys being exploited. This can be done effectively by using app and device attestation combined with secret management solutions which allow keys to be rotated immediately if compromised or changed.”

This is depressing and hopefully this report from Google serves as a wake-up call to do better on the security front. Because we live in a time where not doing better will end badly more often than not.

Uptycs Threat Research Team Has Uncovered “Zaraza bot” – A New Strain Of Malware Targeting Web Browsers

Posted in Commentary with tags on April 15, 2023 by itnerd

Following the recent MacStealer discovery, the Uptycs threat research team uncovered a new strain of malware, dubbed Zaraza bot, which targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors.

Specifically, Zaraza bot steals login credentials from 38 web browsers including Google Chrome, Microsoft Edge, Opera, AVG Browser, Brave, and Yandex.

The newly uncovered attack campaign uses infostealer malware. This browser stealer exfiltrates sensitive information such as login credentials for websites like bank accounts, cryptocurrency wallets, email accounts, and web pages. Attackers then use this stolen data for malicious purposes, namely identity theft, financial fraud, and unauthorized access to personal and business accounts.

Additional details can be found in a blog post that was released yesterday.

TELUS Named Western Canada’s best broadband network

Posted in Commentary on April 14, 2023 by itnerd

Today, TELUS is proud to announce its industry-leading results from Opensignal’s April 2023 Canada Fixed Broadband Experience Report, bringing home top honours in Canada’s two westernmost provinces. TELUS received outright wins for Consistent Quality, Video Experience and Upload Speed in B.C. and Alberta, as well as took first place in B.C. for Broadband Success Rate. It also tied for first in B.C. and Alberta for Peak Download Speed, and tied for first in Alberta for Broadband Success Rate. These results demonstrate TELUS’ network dominance in Fixed Broadband in Western Canada, solidifying TELUS’ position as the home Internet provider to beat when it comes to network quality, experience and speed.

This latest recognition from Opensignal complements the countless accolades TELUS has earned over the years for its world-leading networks, including TELUS’ most recent recognition from PCMag as Canada’s best mobile carrier. TELUS has also previously been recognized by other independent industry-leading experts, including US-based Ookla, building on an outstanding record of achievement with respect to network excellence.

TELUS’ PureFibre network is built with state-of-the-art fibre optics, right up to the connection point at the home or business, ensuring customers have the fastest most capable network available. With the only true all fibre network in Western Canada, TELUS delivers the best network performance available anywhere in the world, including the fastest upload and download speeds. This infrastructure not only offers unparalleled connectivity, but also delivers significant sustainability benefits. The fibre optic technology used in TELUS’ PureFibre network is much more energy-efficient compared to traditional copper-based networks. Fibre optic cables transmit data using light signals over glass strands, which require less energy to transmit data compared to copper cables. This translates into a lower carbon footprint, as TELUS’ PureFibre network requires less electricity to operate, resulting in reduced greenhouse gas emissions.

Since 2000, TELUS has invested nearly $220 billion in network infrastructure, spectrum, and operations, and plans to invest $70 billion overall across Canada by 2026 to enhance the coverage, speed, and reliability of its global-leading networks and connect customers from coast to coast. TELUS also has a longstanding commitment to strengthening relationships with Indigenous Peoples, including First Nations, Métis, and Inuit communities, acknowledging that its work spans many Traditional Territories and Treaty areas. Through public-private partnerships, 504 rural communities and 577 Indigenous lands have been enabled with TELUS’ advanced broadband connectivity, positively impacting 360,000+ rural and Indigenous households and businesses.

To learn more about TELUS’ network coverage visit telus.com/network

Hyundai France And Italy Pwned… And Personal Details Were Exposed

Posted in Commentary with tags on April 14, 2023 by itnerd

Hyundai has disclosed a breach impacting Italian and French car owners, including those who booked a test drive.

The letter shared on Twitter states that the bad actor did not steal financial data or identification numbers and that the incident has exposed the following types of data:

  • E-mail addresses
  • Physical addresses
  • Telephone numbers
  • VIN numbers

Hyundai says the impacted systems are currently offline until additional security measures are implemented.

Hyundai has had numerous cybersecurity issues just in the last few months. In February, there was a USB cable hack, and in December bugs in the Hyundai app allowed attackers to unlock and start cars and steal car owner information. So this isn’t a good look for the carmaker.

Ted Miracco, CEO, Approov had this to say:

   “Automobile manufacturers rely on one of the most complex networks of suppliers, and any vulnerability in the supply chain can be exploited by cybercriminals to gain access to sensitive data.

   “As modern vehicles become increasingly electronic-based products, they are both more connected and more software-driven. These trends make all automotive companies much more vulnerable to cyberattacks, particularly those emanating from mobile apps or devices. Hyundai isn’t alone in falling victim to the vulnerabilities in the software or systems used in a vehicle, however they have been a frequent target and attackers have gained access to sensitive data. This is certainly problematic for Hyundai and something that needs to be addressed to rebuild consumers’ confidence in their products.”

The thing is, this isn’t just a Hyundai problem. Every car maker needs to be serious about cybersecurity. Otherwise threat actors will have a field day finding vulnerabilities that could put lives at risk, seeing as cars are rolling hunks of metal moving at significant speeds.

Review: EnGenius ECW130 Indoor Wireless Access Point

Posted in Products with tags on April 14, 2023 by itnerd

EnGenius has always been good at coming up with easy to deploy and easy to manage WiFi, PoE, and networking products. And the EnGenius ECW130 Indoor Wireless Access Point certainly fits that bill. But what makes this a bit different is the price. I found it online for $214 CDN per access point which makes it more than affordable. And if you combine that with the features that I am about to talk about, this access point is a winner in my eyes. Let’s start with what this access point is capable of:

  • Fast and reliable AP utilizing 4 spatial streams and MU-MIMO for any professional office 
  • Supports up to 1,733 Mbps in 5-GHz band & 800 Mbps in 2.4-GHz band
  • 802.11ac wave 2 compatible with ax/ac/a/b/g/n client devices

One thing to note is that while there is an AC adapter plug as you will see in a moment, there’s no AC adapter in the box. Thus you have to be running Power over Ethernet or have an adapter like this one.

As for the physical aspects of the access point:

This is a ceiling mounted access point, and other than the LEDs at the top, there’s not a whole lot here to see. Speaking of being ceiling mounted, all the hardware you need to mount it is in the box.

You’ll note that there are two Ethernet ports. The main one is the one on the right which supports Power over Ethernet. The second one is to be used if you want to bring even more bandwidth to the access point. Or put another way, this access point supports link aggregation. You’ll also see the DC IN plug for power.

I should also mention the box that it came in. The box is made of recycled materials and has a pair of QR codes. One to allow you to download the mobile app, and one that gives you access to the quick start guide. That should help people to install this easily. Speaking of which, once you download the mobile app, it’s laughably easy to set up. As in scan a barcode on the back of the housing and spend a few minutes getting settings that work for you configured. You might also want to check for a firmware update to make sure that you’re good to go. And one other thing that I have to say is that the EnGenius cloud management is amazing. I’ve put their access points into a number of my commercial clients and being able to manage them from anywhere is a huge productivity boost as you can update firmware from your smart phone, or reboot a problematic access point from your living room while watching a Formula 1 race. And it doesn’t cost you anything to use.

So, how about the speed from this access point? Since it doesn’t do anything more than WiFi 5, I wasn’t expecting blazing fast speeds. But it doesn’t suck. Doing file copies, I registered an average of 100MB/sec at close range. When I moved to the other end of my condo which I measured to be about 10 meters, the speed dropped to 75MB/sec. These are all respectable speeds and won’t cause complaints from anyone.

Now who would I recommend this access point for? A small business that needs WiFi, but doesn’t need the fastest WiFi because price matters more than speed to them. Alternatively, a home user could put commercial grade WiFi into their home at a low price point. And if either use case really needs WiFi 6, EnGenius will happily sell you their ECW230 which has everything that you just read about, but brings WiFi 6 to the party.

The ECW130 from EnGenius has a great price point and a lot of features packed in with a healthy amount of performance. This is an access point that’s worth your time to look at as long as you absolutely don’t need WiFi 6 in your life.

Elon Musk’s Desperation For Twitter To Make Money Shows As New Features Come To Twitter Blue And Super Follow

Posted in Commentary with tags on April 14, 2023 by itnerd

I really get the sense that Elon’s product strategy with Twitter is to keep throwing stuff at the metaphorical wall and hope and pray that something sticks so that he can make money. And I say that based on the fact that in the last few hours, Elon has made two changes. Let’s start with the Super Follow feature. To be frank, it’s never been that popular amongst creators. But Elon hopes by rebranding it Twitter Subscriptions, it will become popular. And Elon has quite the deal for you if you sign up:

Let’s see how long it takes before he starts taking a cut of the revenue because he is so desperate for Twitter to make money.

I’ll point out one other thing. As is typical for anything that Elon does with Twitter, this change is a bit of a train wreck next to a dumpster fire. Apparently this was actually rolled out months ago, and Elon for whatever reason seems to be bringing it to light now. And apparently people applied for this months ago when it first surfaced…. But:

Another #Fail for Elon? I think so.

Let’s move on to his other brainwave shall we? And that’s Twitter Blue. He’s tweaked the offering:

Keep in mind that Twitter has already increased the character count in Tweets for Twitter Blue subscribers to 4000 and very few people have signed up. And to be honest, I for one would not read a Tweet that long. Thus I have to wonder what effect adding 10000 characters along with bold and italic formatting will have. Likely nothing from where I sit. That’s on top of the fact that this isn’t going to be a mobile friendly experience which will disincentivize people from using this feature as nobody is going to type out 10000 characters on their iPhone. As always, I am free to be surprised, but I suspect I won’t be. And it looks like I am not the only person who feels that way:

And speaking of that mobile friendly experience, none of this works on mobile apparently:

Another #Fail for Elon. The latest of many #Fails for Elon. I wonder how his rather fragile ego survives all this failure with Twitter?

DeathNote Shifts To Targeting The Defense Industry

Posted in Commentary with tags on April 13, 2023 by itnerd

Kaspersky reported yesterday that since April 2020, threat actor Lazarus Group has evolved its techniques and procedures, shifting to targeting defense companies instead of crypto businesses as part of its “DeathNote” campaign.

The payload relies on trojanized open-source PDF viewer software and weaponized documents to collect and report the victim’s information. Initially, the malware author used decoy documents that were related to cryptocurrency but has now switched all the decoy documents to job descriptions related to defense contractors and diplomatic services. 

The focus began to shift:

  • Early 2020 – EU automotive and academic organizations linked to the defense industry
  • May 2021 – IT company that provides solutions for monitoring network devices and servers
  • May 2021 – Defense contractor in Latin America
  • July of 2022 – Defense contractor in Africa 
  • March 2022 – Several similar victims in South Korea

All relied on the same DLL side-loading technique observed in the crypto targeted programs.

Christopher Peacock, Principal Detection Engineer, SCYTHE had this to say:

   “Often governments shift capabilities to address their needs and requirements, so there may have been a strategic shift from targeting crypto businesses for money to more classical espionage attempting to collect defense information.”

This is one of those situations where education and prudent use of tools would make a difference in terms of defending against attacks like these. Hopefully we’ll see defenders make that shift just like Lazarus has made a shift.

Elon Musk’s Desperation For Twitter To Make Money Shows As He Now Will Allow Users To Trade Stocks And Crypto

Posted in Commentary with tags on April 13, 2023 by itnerd

One of the things that Elon Musk wants is to make Twitter into the “everything app.” Now if you’re not sure what that means, click here for some background. But to be honest, I am not sure even Elon knows what that means. In any case, Twitter has partnered with a company called eToro to advance that goal. And that partnership will give Twitter users the ability to trade stocks and crypto on the platform:

Starting Thursday, a new feature will be rolled out on the Twitter app. It will allow users to view market charts on an expanded range of financial instruments and buy and sell stocks and other assets from eToro, the company told CNBC exclusively.

Currently, it’s already possible to view real-time trading data from TradingView on index funds like the S&P 500 and shares of some companies such as Tesla. That can be done using Twitter’s “cashtags” feature — you search for a ticker symbol and insert dollar sign in front of it, after which the app will show you price information from TradingView using an API (application programming interface).

With the eToro partnership, Twitter cashtags will be expanded to cover far more instruments and asset classes, an eToro spokesperson told CNBC.

You’ll also be able to click a button that says “view on eToro,” which takes you through to eToro’s site, and then buy and sell assets on its platform. EToro uses TradingView as its market data partner.

“As we’ve grown over the past three years immensely, we’ve seen more and more of our users interact on Twitter [and] educate themselves about the markets,” Yoni Assia, eToro’s CEO, told CNBC in an interview. 

“There is very high quality content, real-time content on financial analysis of companies and what’s happening around the world. We believe this partnership will enable us to reach those new audiences [and] connect better the brands of Twitter and eToro.”

I’m sure that the real reason behind this partnership is that Elon gets a cut of anything done on the platform. Which I am sure he hopes will make him lots of money. After all he is desperate for money. And you have to wonder what he will do next when, not if, this doesn’t work for Elon.

Trinity Broadcasting Network Chooses Nyriad UltraIO Storage Platform And DigitalGlue creative.space

Posted in Commentary with tags on April 13, 2023 by itnerd

Nyriad and DigitalGlue have announced that Trinity Broadcasting Network (TBN) has chosen Nyriad UltraIO storage and the DigitalGlue creative.space solution as the foundation for its editorial and media asset management environment. In doing so, TBN will be able to improve the performance, resilience, and efficiency of its media production workflows while removing complex IT-centric tasks and simplifying them with a streamlined user experience. TBN can now better optimize its resources, eliminate costly post-production delays, and continue to deliver high-quality content on time and within budget.

Launched in 1973 by Christian television pioneers Paul and Jan Crouch, TBN began as one television station broadcasting a few hours of Christian programming each day to viewers throughout the Los Angeles area. In the years since, TBN has grown into a family of over thirty twenty-four-hour global networks reaching every inhabited continent with entertaining, inspirational, and life-changing programming for every family member and demographic.

The programming requirements for TBN are substantial and require a team of writers, producers, and creatives to generate fresh and engaging content that appeals to their audience. This task involves producing a wide range of television shows, documentaries, films, news programs, educational programs, and more. Additionally, TBN constantly refreshes its content to keep audiences engaged and interested, which requires a continuous stream of new ideas, scripts, and concepts. Supporting a network of this size and scope was beginning to put a strain on its aging data storage infrastructure, and it was decided that a replacement solution was required.

After careful consideration of its current storage, as well as an exhaustive review of another nine potential solutions, the Nyriad UltraIO storage platform and DigitalGlue creative.space combined solution was found to be the most highly performant, more resilient, and dramatically more cost-effective – from both a cost of acquisition and overall TCO standpoint, than every one of the competitors.

To learn more about the joint Nyriad UltraIO and DigitalGlue creative.space solution, please visit: https://www.nyriad.io/nyriad-and-digitalglue-solution-brief/ and https://www.creative.space/partnerships/nyriad.

Cradlepoint Recognized As A Leader And Outperformer In GigaOm Radar Report

Posted in Commentary with tags on April 13, 2023 by itnerd

Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network solutions, has been named as a Leader and Outperformer in GigaOm’s Radar Report for SD-WAN for its 5G-optimized solution. GigaOm rated Cradlepoint’s SD-WAN offerings “exceptional” in the categories of scalability, manageability, and vendor support.  

The report specifically highlights Cradlepoint’s NetCloud Exchange (NCX) as one of the company’s strengths. An extension of Cradlepoint’s NetCloud Service, NetCloud Exchange allows enterprises to enhance the benefits of 5G with advanced SD-WAN and zero trust capabilities. As more enterprises take advantage of the ability to connect from anywhere using 5G, providing modern security and application assurance features will enhance the overall quality of experience while reducing the overall attack surface. 

5G is rapidly becoming an essential WAN infrastructure technology, enabling agile connectivity for use cases such as vehicles, IoT devices, sites, and remote work. With 5G standalone deployments on the horizon, Cradlepoint’s 5G-optimized SD-WAN solution is also a nod to the future of connectivity, due to its ability to support application-based traffic steering into network slices. This critical functionality will help carriers make network slicing a reality in the enterprise. It will also enable enterprises to take advantage of differentiated services over 5G networks, facilitating the transition of wired to wireless WANs.   

Earlier this month, Cradlepoint furthered its SD-WAN and security ambitions with the acquisition of Ericom and its cloud-based security solution, ZTEdge. The move solidifies Cradlepoint’s SASE, zero trust, and cloud-based security strategies for hybrid 5G and wireline environments. The Ericom acquisition is a key part of Cradlepoint’s strategy of building a full-stack enterprise security service optimized for 5G. 

For further insights into GigaOm’s SD-WAN Radar Report and a look into the future of the intersection of SD-WAN and 5G, Cradlepoint will host a webinar on Wednesday, May 3rd, 2023 at 1:00 p.m. EST, co-presented with Howard Holton, CTO of GigaOm.