PBS Dumps Twitter…. I Wonder In What Immature Way Will Elon Musk React To This?

Posted in Commentary on April 13, 2023 by itnerd

Yesterday, I wrote about NPR dumping Twitter because Elon Musk slapped a “government-funded media” label on their Twitter account. At the time, I said this:

This could be the start of other news organizations dumping Twitter. Which will add to the death spiral that Twitter is already in as nobody wants to go someplace where there is no content to view. Perhaps Elon should have thought about that before he decided to slap “government-funded media” labels on both NPR and BBC.

Today, we have PBS announcing that it will be dumping Twitter as well:

The public broadcaster joined NPR in saying it is no longer interested in sharing its content on the platform, after owner Elon Musk slapped a “government-funded” label on its account, which carries more than 2 million followers.

“PBS stopped tweeting from our account when we learned of the change and we have no plans to resume at this time,” a spokesman for the outlet told The Hill. “We are continuing to monitor the ever-changing situation closely.”

Well, that’s going to sting. And it validates that this is going to be one of those situations where you’re likely to see other news outlets do the same thing. But that’s over the medium to long term. In the short term, I wonder how Elon will react to this. In his typical immature way, he posted this Tweet after NPR dumped Twitter:

I fully expect something equally as immature from Elon at any time. Which shows you what type of person he is.

New Zelle Phishing Attack Has Hackers Spoofing Popular Money Transfer Site: Avanan

Posted in Commentary on April 13, 2023 by itnerd

Zelle has become a top-rated money-transfer service, making it easy for users to instantly send money to friends or businesses. Unfortunately, its popularity has also attracted the attention of hackers who are now spoofing Zelle to steal money from unsuspecting end-users. 

Avanan, a Check Point Software Company, has revealed how hackers spoofed Zelle to obtain money from their victims. Avanan’s cybersecurity researchers have prepared an attack brief discussing the tactics used by these hackers to deceive their victims.

In this attack, hackers send out well-crafted spoofed Zelle emails to trick users into sending money directly to them. Using social engineering and brand impersonation techniques, cybercriminals convincingly mimic Zelle’s email communications, luring users to click on a malicious link.

You can read the report here.

Mega Tax Time Phishing Scheme Detailed By INKY

Posted in Commentary on April 13, 2023 by itnerd

INKY has published a new Fresh Phish. Tax season can bring out the worst in phishers, but this scam has an interesting twist! 

This report details how the phisher is targeting tax professionals and stealing the data and credentials they need to file false claims, all with the help of a service called ‘Mega’ that the notorious crime ringleader Kim Dotcom founded.

The report can be found here.

New Python-Based Credential Harvester & Hacktool Malware Emerges: Cado Security

Posted in Commentary on April 13, 2023 by itnerd

Cado Security will release a report on a newly discovered Python-based credential harvester and hacktool called Legion, which targets various services for email exploitation. Cado’s research indicates that Legion is likely linked to the AndroxGh0st malware family, first reported in December 2022. Interestingly, the tool is being marketed and sold via Telegram messenger.

Legion is designed to exploit web servers running CMS, PHP, or PHP-based frameworks. It can retrieve credentials for a wide range of web services, such as email providers, cloud service providers, server management systems, databases, and payment platforms like Stripe and PayPal. Furthermore, Legion can hijack SMS messages and compromise AWS credentials.

A unique aspect of Legion, not previously covered in the research, is its ability to send SMS spam messages to users of mobile networks in the United States. The report will provide a comprehensive list of targeted carriers, including AT&T, Sprint, Verizon, and others.

Cado Labs discovered a YouTube channel containing tutorial videos on Legion, indicating that the tool is widely distributed and likely paid malware. Cado also found several Indonesian-language comments, suggesting the developer may be Indonesian or based in Indonesia.

You can read the report here.

Geotab Drives Industry Standard in Electric Vehicle Fleet Management with Data Intelligence Solutions for Over 300 EV Makes and Models

Posted in Commentary on April 13, 2023 by itnerd

Geotab Inc. is revolutionizing the way electric vehicles are managed with its comprehensive telematics and data intelligence solutions. Geotab’s platform provides near real-time data on battery charge, range, energy and fuel usage and charging history for over 300 different EV makes and models, making it the global leader in EV telematics.

Geotab announced the world-leading milestone at the grand opening of its new Innovation and Research Hub in High Wycombe, England. This state-of-the-art facility, which has been active since 2020, is dedicated to advancing the data intelligence required to support the electrification of the transportation sector at scale. The hub is home to some of the brightest minds in the industry who are pioneering the way forward in developing cutting-edge technologies to support connected vehicles of all kinds. With a focus on delivering innovative solutions, this center of excellence is at the forefront of driving a cleaner and more sustainable future for transportation.

Despite the rapid growth of the EV industry, there is still a lack of official vehicle information standards, creating unique data challenges for fleet managers. Through Geotab’s technology and reverse engineering process, the company offers comprehensive data insights that provide fleet managers with the information needed to make informed decisions for fleet electrification and sustainability goals, such as vehicle range, efficiency and state-of-charge. Without access to this data, fleets can face issues such as inefficiency, unexpected breakdowns, decreased productivity and an unsatisfactory electric vehicle experience. 

Geotab has been at the forefront of innovation for over 20 years. It has continuously evolved to meet the changing needs of the industry, and for the past decade, has been specializing in electric vehicles. The company’s ability to provide rich and comprehensive data signals for virtually any EV make or model is a remarkable milestone that reflects the hard work of hundreds of engineers and data scientists.

Geotab offers a range of tools for EV fleet management, including an EV Suitability Assessment (EVSA) that analyzes unique driver profiles and patterns to identify which fleet vehicles are suitable for electrification. The Green Fleet Dashboard compares performance against similar fleets, including EV performance, usage, and cost savings, and the Fleet Electrification Knowledge Center provides data-driven analyses and resources for fleets of any size along the EV conversion journey, including analyses to help fleets understand EV battery lifespans and real-world range impacts.

To learn more about how Geotab can fully support your fleet’s transition to electric, visit https://www.geotab.com/fleet-management-solutions/electric-vehicles/

If You Didn’t Install April’s Patch Tuesday Updates, You Might Want To Do So ASAP As There’s An Actively Exploited Threat Out There

Posted in Commentary on April 12, 2023 by itnerd

In February, researchers at Kaspersky discovered a Windows zero-day that is being used extensively in sophisticated ransomware attacks. The exploit looked similar to Common Log File System (CLFS) driver exploits they had seen previously, but it turned out to be a zero-day that supports different versions and builds of Windows, including Windows 11:

While the majority of zero-days that we’ve discovered in the past were used by APTs, this particular zero-day was used by a sophisticated cybercrime group that carries out ransomware attacks. This group is notable for its use of a large number of similar but unique Common Log File System (CLFS) driver exploits that were likely developed by the same exploit author. Since at least June 2022, we’ve identified five different exploits used in attacks on retail & wholesale, energy, manufacturing, healthcare, software development and other industries. Using the CVE-2023-28252 zero-day, this group attempted to deploy the Nokoyawa ransomware as a final payload.

We see a significantly increasing level of sophistication among cybercriminal groups. We don’t often see APTs using zero-day exploits in their attacks, and now there are financially motivated cybercriminal groups that have the resources to acquire exploits for unknown vulnerabilities and routinely use them in attacks.

Microsoft released a patch for this vulnerability (CVE-2023-28252) in this week’s April Patch Tuesday release. 

I have a pair of comments on this. Starting with Christopher Peacock, Principal Detection Engineer, SCYTHE:

   “This type of activity proves ransomware actors can develop or procure unknown exploits. A zero-day makes placing one piece of a puzzle easier for the adversary and more complicated for defenders to detect. It’s, therefore, necessary for organizations to have holistic defense in depth for all the pieces in the puzzle.”

Jan Lovmand, CTO, BullWall follows up with this:

   “Cybercriminals are quicker to exploit zero day vulnerabilities than companies are at deploying patches. The average time to patch these vulnerabilities is more than 60 days for the average enterprise. Once the zero-day fix is announced, cybercriminals know precisely what the vulnerability is and work overtime to write exploits specifically for this. 

   “If companies think they can prevent every attack, they are mistaken. It is simply a matter of time before a new ransomware variant hits that catches the endpoint security stack by surprise or when a threat actor finds that one lone system on your network that hasn’t been patched. 

   “To protect against zero-day attacks, companies must be keeping their systems up to date with the latest security patches, use strong and complex passwords, implement MFA, maintain regular backups of critical data and they should consider implementing a rapid containment strategy. Ransomware Containment tools are becoming a critical part of this overall strategy.”

Anyone who has followed this blog will know that I always preach that you should be staying up to date with the latest patches as they stop stuff like this from being hugely problematic. So if you haven’t updated all your Microsoft-based PCs, you might want to do so ASAP as the number of threat actors who will be using this vulnerability is about to go up.

Remember When Elon Musk Called For A Pause On AI Development? Surprise! He Was Lying!

Posted in Commentary on April 12, 2023 by itnerd

It wasn’t that long ago that Elon Musk signed a petition calling for a pause on AI development. But to nobody’s surprise, Elon was lying the entire time as now he’s launching a generative AI project at Twitter:

Despite recently calling for a six-month pause in the development of powerful AI models, Twitter CEO Elon Musk recently purchased roughly 10,000 GPUs for a generative AI project within Twitter, reports Business Insider, citing people familiar with the company. The exact nature of the project, however, is still a mystery.

GPUs, or graphics processing units, are purpose-built chips originally designed for computer graphics, but their massively parallel designs make them ideal for doing generative AI processing as well. Training (creating) a new AI model usually requires a large amount of computing power, including many GPUs, which means that Musk’s acquisition could represent a significant commitment toward developing a deep-learning AI model within Twitter.

So what does that mean besides Elon being a liar? I think it’s a safe bet that he’s going to use any data that exists on Twitter to train this model. And I’m not talking about just free users’ data. I suspect that he will be using data from any Twitter user. Even the few who paid him $8 a month. Pretty epic scumbag level stuff from Elon. You have to wonder if any governments such as the European Union will want to ask Elon any questions about this. If they do, I can’t see this ending well for Elon.

Rezonate Expands Its Identity-Centric Security Platform to Automatically Detect and Stop Identity Threats

Posted in Commentary on April 12, 2023 by itnerd

Rezonate, the creator of the real-time identity-centric security platform, today announced general availability of the company’s Identity Threat Detection and Response (ITDR) technology. Rezonate’s ITDR detects and responds to active identity threats using both common and sophisticated techniques missed by traditional IAM solutions and endpoint controls. The continuous changes in identities and access privileges across multiple tools and teams at every stage of the identity storyline require a unified identity-centric security approach.

According to Gartner, “Over 80% of organizations have suffered an identity related breach in the last 12 months.” The leading cause of security breaches is human and machine identities, which continue to grow exponentially, and expand attack surfaces that security teams must protect. With the proliferation of applications, clouds, identity providers, resources, and data, combined with fragmented IAM practices, identities are prime targets for threat actors to exploit.

Defining Identity-Centric Security

An identity-centric security approach unifies and analyzes human and machine identity settings, access behaviors, and real-time detection of malicious intent, enabling the ability to prioritize, respond, and adapt access as new risks arise. This complete context, covering all aspects of the IAM infrastructure – IdP, IaaS, and SaaS applications – is integrated into the Rezonate Identity Storyline, eliminating manual efforts and further empowering security teams to proactively remove exposure risk, easily correct access, and issue a fast response against active threats. 

Rezonate’s Identity-Centric Security platform and its new threat detection and response offering aim to minimize compromised identity risk faster and simpler, and uniquely allow organizations to: 

  • Map and control the identity attack surface – Easily see and understand access behaviors, all possible attack paths, and their potential impact for every identity, human and machine, as it is created and changes across the entire IAM infrastructure, clouds, and SaaS applications.
  • Monitor and remove exposure risk – Rezonate automatically mitigates identity posture risks including excessive and toxic privileges, weak security practices, dormant accounts, and shadow admins. It correlates these risks with real-time behavior patterns and adapts access policies to and from every resource, data, and application.
  • Detect identity threats in real-time – Quickly detect common and advanced identity threats with uniquely designed threat models. Uncover suspicious anomalies, detect malicious techniques across the MITRE ATT&CK framework, and identify known posture risks that materialized into active threats. 
  • Prioritize your most critical risk – Prioritize posture risks and active threats and avoid the burden of false positives by correlating the scope, impact, TTPs, interconnections, and critical data accessed.
  • Respond fast to active attacks – Confidently take action without disrupting business operations by utilizing an arsenal of response actions such as terminating a session, resetting passwords, and removing and restricting access to identities, policies, data, resources, and applications. These actions are tailored and optimized for each identity, risk, and threat.

With over 20 years of experience on the cybersecurity frontline, spanning both the public and private sectors, the Rezonate leadership team has built a deep understanding of the challenges and risks facing organizations today. Their expertise in identity intelligence and advanced detection practices in highly complex environments uniquely positions Rezonate to tackle one of the most pervasive threats in cybersecurity – identity threats. 

The Rezonate platform, along with its new ITDR offering, effectively targets more than 50 attack techniques and pathways that attackers commonly use to compromise identities and access. By swiftly eliminating exposure risks, Rezonate significantly reduces the time and effort required for manual remediation, cutting 65% of risk within the first hour of deployment. This allows organizations to expedite detection, stop active attacks, and provide protection against any damage.

EPICO Now Available on Roku Streaming Players and Roku TV

Posted in Commentary on April 12, 2023 by itnerd

Today, Roku announced the availability of Cogeco’s EPICO streaming TV service on its platform in Canada. With EPICO, Cogeco subscribers can watch live and on demand TV and access their TV recording directly on their Roku streaming player or Roku TV. For the second year, Roku is in the top position as Canada’s #1 TV streaming platform, based on hours streamed, according to a recent study conducted by the Hypothesis Group.

Availability
Roku users can add the EPICO app to their home screen directly from the Channel Store on the Roku platform. To access, users can sign in to EPICO on the Roku platform using their existing Cogeco login credentials. For more information about Roku, please visit www.roku.com.

OVHcloud Celebrates 20 Years Of Innovation In The Data Centre 

Posted in Commentary on April 12, 2023 by itnerd

This month, OVHcloud celebrates 20 years of innovation in the data centre thanks to its proprietary liquid cooled servers. Operating 34 data centres globally with over 450 000 servers, OVHcloud has long been pioneering a sustainable approach where cooling has been designed in house for energy efficient data centres that contribute to preserving the environment.

Pioneering water-cooling in the data centre 

Ever since 2003, OVHcloud has been developing, using and refining a liquid cooled system to dissipate waste heat emitted by power hungry components in servers, namely processors (CPU and GPU). From the pumping substation to the waterblocks in direct contact with chips, heat finds its way back outside of the data centre and is being transported by water for final dissipation through optimized dry coolers. Taking advantage of the lower thermal resistance of water compared with air cooling, and without the use of any kind of refrigeration method, OVHcloud consistently finetuned its cooling techniques to reach industry leading levels of power usage effectiveness (PUE) and water usage effectiveness (WUE) per data centre.

Continuously innovating for best-in-class industry indexes 

Accompanying the latest trends in chipmaking, OVHcloud’s watercooling techniques are efficiently cooling modern processors with high thermal envelopes (TDP). Constantly looking for improvements, OVHcloud adopted a Delta T = 20K for its most recent data centres. Designating the temperature difference between water coming in and out of the data centre, this parameter is crucial to water efficiency leading to the Group’s water usage effectiveness (WUE) ratio that is below 0.2l/kWh. This represents the equivalent of a glass of water used to cool down a server during 10 hours of use. While the cloud industry average WUE reaches 1.8l/kWh, OVHcloud stands out thanks to its innovations that also benefit the Group’s average PUE of 1.28, lower than the 1.55 industry average according to 2022 estimates. These water usage efficiency and power usage efficiency indexes pave the way for compliance with future certifications.

An industrial model servicing circular economy principles 

At the heart of 20 years of innovation to build a sustainable cloud are OVHcloud’s factories, located in Croix, France, and Beauharnois, Canada. They give OVHcloud total control of the design and production of its servers with significant advantages in terms of innovation, competitiveness, and resilience. This vertically integrated model is part of a short, circular manufacturing circuit where 100% of the servers are dismantled after use and provide, through extensive testing, components for reuse and therefore contribute to the extension of the overall lifecycle of the hardware. This guarantees OVHcloud’s servers to operate for at least 5 years. OVHcloud also applies its circular approach to the site of the datacenters, rehabilitating existing buildings rather than building new ones. Customers directly benefit from these extended components and the building’s lifespan, as it optimizes their own carbon footprint.

Allowing ambitious sustainability commitments 

By pioneering innovation in eco-friendly cooling systems, the Group has already made the following commitments: 

  • Target of 100% low-carbon energy sources by 2025, 
  • Contribution to Global Net-Zero for scopes 1 and 2 by 2025,  
  • Contribution to Global Net-Zero on full scope by 2030, 
  • Zero waste to landfill by 2025 (at constant geographic scope and including waste from OVHcloud processes)  

In the coming weeks, OVHcloud will implement a carbon calculator accessible directly from its platform to give customers an understanding of their actual cloud carbon IT footprint, demonstrating once more that sustainability is part of the Group’s DNA. 

Learn more about OVHcloud here.