Supply Chain Attack Costs $250 Million

Posted in Commentary with tags on February 17, 2023 by itnerd

Applied Materials is saying that a breach at one of its suppliers would cost them $250 million in sales in the second quarter:

In the second quarter of fiscal 2023, Applied expects net sales to be approximately $6.40 billion, plus or minus $400 million, which includes ongoing supply chain challenges and a negative estimated impact of $250 million dollars related to a cybersecurity event recently announced by one of our suppliers. Non-GAAP adjusted diluted EPS is expected to be in the range of $1.66 to $2.02.

A clue was dropped in the earnings call:

“Very recently, one of our major suppliers encountered a disruption that will impact our second-quarter shipments,”

Though not named in the announcement, the supplier is believed to be MKS Instruments of Andover, MA. MKS Instruments was hit by a cyber-attack on February 3rd. The attack caused the company to shut down operations at certain facilities while it tries to assess the damage. The company’s website was still down as of Thursday afternoon. The company has had to reschedule its fourth quarter earnings call and said the ransomware event had a material impact on its “ability to process orders, ship products and provide service to customers” in its vacuum and photonics divisions.

Here’s the connection between the two. In addition to Applied Materials, MKS supplies the world’s largest chip manufacturers with products, including Samsung Electronics and Taiwan Semiconductor Manufacturing, the world’s two largest chip makers. Intel and ASML Holding NV are also customers. That means this is very, very bad for a whole lot of people.

Ted Miracco, CEO, Approov:

   “The semiconductor supply chain remains one of the most complicated and most critical supply chains that underpin the entire global economy. As we witnessed last year, interruptions in the semiconductor market can have long term consequences that impact everything from automobiles to the price of food. 

   “With the ongoing “Chip War” between the US and China, we should expect more disruptions like this in the future, and quarterly earnings should be the least of our concerns. These attacks on the semiconductor supply chain deserve a lot more attention than the latest balloon incidents.”


Monti Knode, Director of Customer Success, Horizon3.ai:   

   “It’s interesting that MKS called out “had a material impact”, almost like they had to announce and clarify that a cyberspace attack could and did have a tangible outcome. We’re seeing this realization more in both public and private industry, especially in our Department of Defense, which views this as cross-domain operations; Russia has been doing this for years, and now the world is seeing it live in Ukraine and even here in the US (ref https://www.mirror.co.uk/news/us-news/breaking-russian-hackers-target-hospitals-29053567).

   “The days of presuming this to be an IT or cybersecurity problem are long gone.”

This is a clear example of what a supply chain attack can do to you if you and your partners aren’t careful. Thus you and those you work with have to make sure you’re on the same page from a cybersecurity standpoint. Otherwise, this is the sort of thing that can happen to you.

In An Attempt To Bolster Ad Revenues, Elon Musk Allows Weed Ads Onto Twitter

Posted in Commentary with tags on February 17, 2023 by itnerd

The desperation is strong with Elon Musk.

I say that because Twitter, which really needs money from advertisers, is now allowing cannabis ads onto the platform:

The company previously only allowed ads for hemp-derived CBD (Cannabidiol) topical products, while rival platforms Facebook, Instagram, and TikTok hold fast to a “no cannabis advertising policy” since marijuana is illegal at the federal level.

A nationwide push toward allowing the sale of recreational cannabis has been ongoing. As of January 2023, 31 states and the District of Columbia have decriminalized low-level marijuana possession offenses, and recreational weed is legal in 21 states, D.C., and Guam.

“As the cannabis industry has expanded, so too has the conversation on Twitter,” the company says. “In certain US states we have taken measures to relax our Cannabis Ads policy to create more opportunities for responsible cannabis marketing—the largest step forward by any social media platform.”

Moving forward, Twitter will allow advertisers to promote brand preference and informational cannabis-related content for CBD, THC (Tetrahydrocannabinol), and cannabis-related products and services. Some restrictions do apply: Advertisers must be licensed and pre-authorized, and may only target customers over the age of 21 in certain jurisdictions.

I guess when about half your advertisers have stopped advertising on your platform, you’ll take money from any source that will give it to you. Now to be clear, I am not saying that cannabis is bad or anything like that. What I am saying is that if every other social media platform doesn’t allow this product to be advertised on their platforms, there must be a logical reason behind that. And Elon is so desperate for cash that he’s clearly ignoring whatever logical reason might exist for restricting cannabis advertising on Twitter. Thus, besides seeing Elon’s Tweets flooding your Twitter feeds, I fully expect weed ads to flood your feeds as well.

Groovy.

Belgium Introduces National Legal Vulnerability Disclosure Framework & Policies

Posted in Commentary with tags on February 17, 2023 by itnerd

The Centre for Cyber Security Belgium has just enacted nationwide vulnerability disclosure policies and a reporting framework, including several obligations for security researchers, such as:

a) You must limit yourself strictly to the facts necessary to report a vulnerability – you must not act beyond what is necessary and proportionate to verify the existence of a vulnerability

b) You must act without fraudulent intent or design to harm

c) As soon as possible after the discovery of the potential vulnerability, you must inform the organization responsible for the system, process or control of the vulnerability

You can read the announcement here, and the policy here.

Chloe Messdaghi, Managing Director at Impactive Partners had this comment:

   “Belgium is offering a good example of where every country needs to be with their vulnerability disclosure policies. Unfortunately, the US is still piecing together our VDP legal framework, although in 2022, the DOJ revised its policies under the Computer Fraud and Abuse Act (CFAA) to help protect “good-faith” security research from being prosecuted, and the US Army actively encourages researchers to participate in its VDP.

   “With cyber threats growing exponentially over the last several years, it’s past time to actually require that certain types and sizes of organizations across the US – and especially including all Federal agencies and NGOs – have robust protective, active vulnerability disclosure policies.  VDPs have been viewed by security-aware organizations as must-have for many years. The thing to remember is that EVERYONE in both the public and private sector is now a target, and virtually everyone has exploitable, exposed assets they need to find and fix before a threat actor finds them – this is why we need VDPs. 

   “Remember back in 2021 when the UN disclosed a data breach exposing over 100K UNEP records? We applauded Sakura Samurai’s team – what they did was worthy of it! This was successful because the UN’s vulnerability disclosure policy was transparent – that’s why they decided to look for the vulnerabilities. There was a sense of trust that they would be recognized, not persecuted. This was a great example of how vulnerability disclosure policies work, and underscored the value of working closely with independent researchers, i.e., hackers.”

Christopher Vaughan, VP, Technical Account Management at Tanium follows up with this comment:  

“This is a welcomed development and having such laws in place will make Belgium a more secure country as a whole. Further, it will help position Belgium as a go-to destination for security research, with a corresponding benefit of cultivating more homegrown talent.

“We can also expect to see some ambiguity around what’s considered legal and not. There isn’t a huge sample size of where policies such as this have been enacted on a national level, so it will be interesting to see a program of this scale in action.”

I really like the fact that Belgium is doing this and I hope that other countries will do something similar as actions like this will make us all safer.

Targus Releases New Global Study To Find Out How People can Empower Their Lives Inside And Outside Of Work

Posted in Commentary with tags on February 16, 2023 by itnerd

Targus has released the results of its annual 2023 Global Workplace Study, which examines the key factors, tools, and trends that are important for improving employee wellbeing, engagement, and productivity.  

According to the survey among 1,000 senior business decision makers and 6,000 workers across North America and Europe, the top three wellbeing priorities are: flexible working (47 percent), rewards and recognition (43 percent), and cost of living support (40 percent). In fact, 88 percent of business decision makers globally agree that flexible working positively impacts their staff retention and recruitment, an 11-point increase from 2021.  

Here are some of the study’s key findings:

  • Flexible and hybrid working remains the norm, with 58 percent of respondents in the U.S. stating that they do not work from an office full time and 51 percent stating that they only work in an office between two and four days per week.
  • Having the right tools to work from anywhere is extremely important. Specifically, 80 percent of U.S. workers and 82 percent globally believe their job satisfaction and productivity would be negatively impacted without the right tech accessories to do their work. However, many businesses supporting flexible working conditions do not supply their employees with the tech accessories they need to work well remotely, such as a keyboard, mouse, headphones, additional monitor(s), and hub. An annual budget to purchase accessories ranked in the top five ways to enhance wellbeing at work.
  • Businesses and consumers increasingly prioritize sustainability, with more than 53 percent of global respondents stating that sustainable attributes influence their purchasing considerations for tech accessories. In the U.S., alone, 62 percent of people say they are happy to pay more for sustainable products that last longer, and 72 percent say they buy less fast fashion products and invest in long-lasting products.

Read the complete 2023 Global Workplace Study for more valuable insights on the state of the workplace.

Emsisoft Says Hackers Are Spoofing Its Certificates

Posted in Commentary with tags on February 16, 2023 by itnerd

Hackers are using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses:

We recently observed an incident in which a fake code-signing certificate supposedly belonging to Emsisoft was used in an attempt to obfuscate a targeted attack against one of our customers. The organization in question used our products and the attacker’s aim was to get that organization to allow an application the threat actor installed and intended to use by making its detection appear to be a false-positive.

The attack failed – our product detected and blocked it – but we are issuing this alert so that both our customers and users of other companies’ products are aware of the tactics that were used in this case.

Kevin Bocek, VP Ecosystem and Community at Venafi had this to say:

“Spoofing has been an issue for companies for a long time, but more commonly associated with website spoofing linked to phishing – so it’s interesting that the same ‘change one letter’ approach is being applied to code signing machine identities. The fact that we’re seeing threat actors impersonating companies with fake code-signing certificates is a sign of the times, as we are increasingly seeing threat actors targeting machine identities, due to the level of trust they have within the network. Threat actors understand that being granted trusted access to a company’s system via fake machine identities is akin to being ushered through the digital front door. In this instance the spoofed identity was detected and flagged, but it could easily have been overlooked.

“The continued adoption of cloud native technologies is creating huge levels of complexity around machine identity management; it’s harder than ever for teams to make decisions on what can and can’t be trusted to run – especially given the speed of development environments. With the number of machine identities across an organization growing exponentially, organizations need a control plane to automate the management of machine identities. This provides teams with the observability, consistency and reliability needed to effectively manage their machine identities and spot any bad actors trying to spoof their way in.”

This is yet another thing for you to keep your eyes out for as the attack surface that threat actors use is clearly evolving.
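Bocek’s “change one letter” point suggests a simple defensive check: never trust a signer on the strength of its display name alone, and treat a name that nearly matches a known vendor as a red flag rather than a reason to whitelist. The following is an added example, not code from Emsisoft, Venafi or this post. It treats a publisher as trusted only when subject, issuer and thumbprint all match an allowlist, and flags a certificate whose subject is a near-match (after folding look-alike characters) of a trusted vendor but whose other fields do not. The vendor names, issuers, thumbprints and sample certificates are constructed placeholders, not real values.

```python
"""Flag code-signing certificates whose publisher name imitates a trusted vendor.

Added example; the allowlist entries and sample certificates below are constructed
for illustration and do not describe any real certificate.
"""
import re
from dataclasses import dataclass

# Characters commonly swapped for look-alikes in publisher names.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "|": "l", "5": "s", "3": "e"})


def normalize(name: str) -> str:
    """Fold case, collapse confusable characters and drop punctuation/whitespace
    so that visually similar publisher names compare equal."""
    folded = name.lower().translate(HOMOGLYPHS)
    folded = folded.replace("rn", "m").replace("vv", "w")
    return re.sub(r"[^a-z0-9]", "", folded)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance via the standard dynamic-programming recurrence."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


@dataclass(frozen=True)
class SigningCert:
    subject_org: str
    issuer: str
    thumbprint: str  # hex digest of the certificate; constructed values below


# Constructed allowlist: a publisher is trusted only when ALL three fields match.
TRUSTED = [
    SigningCert("Example Security GmbH", "Example Public Code Signing CA", "1f3a9c"),
]


def classify(cert: SigningCert, trusted=TRUSTED, max_distance: int = 1) -> str:
    """Return 'trusted' for an exact allowlist match, 'lookalike' when the subject
    name is within max_distance of a trusted vendor (distance 0 covers the real
    name on a certificate with the wrong issuer or thumbprint), else 'unknown'."""
    if cert in trusted:
        return "trusted"
    wanted = normalize(cert.subject_org)
    for t in trusted:
        if edit_distance(wanted, normalize(t.subject_org)) <= max_distance:
            return "lookalike"
    return "unknown"


# Constructed sample certificates covering the cases a reviewer should see.
SAMPLE_CERTS = [
    SigningCert("Example Security GmbH", "Example Public Code Signing CA", "1f3a9c"),  # genuine
    SigningCert("Examp1e Security GmbH", "Example Public Code Signing CA", "77b2e0"),  # digit for letter
    SigningCert("Example Security GmbH", "Example Security GmbH", "c0ffee"),           # real name, self-issued
    SigningCert("Unrelated Tools Inc", "Some Other CA", "deadbe"),                      # nothing to compare
]


def triage(certs=SAMPLE_CERTS):
    """Classify each certificate and return (subject, issuer, verdict) tuples."""
    return [(c.subject_org, c.issuer, classify(c)) for c in certs]


if __name__ == "__main__":
    for subject, issuer, verdict in triage():
        print(f"{verdict:10} subject={subject!r} issuer={issuer!r}")
```

In practice the subject, issuer and thumbprint would come from the binary’s actual signature (on Windows, for instance, from the output of the Get-AuthenticodeSignature cmdlet) rather than from hand-built records, and a “lookalike” verdict is a reason to escalate the alert, not to add an exclusion.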

Hackers Using Havoc Post-Exploitation Framework In Attacks

Posted in Commentary with tags on February 16, 2023 by itnerd

Security researchers at Zscaler ThreatLabz observed threat actors using the open-source C2 framework known as Havoc in attack campaigns targeting government organizations.

Havoc is an advanced post-exploitation command and control framework that serves as an alternative to paid options such as Cobalt Strike and Brute Ratel. It is capable of bypassing the current, fully updated version of Windows 11 Defender through evasion techniques such as indirect syscalls and sleep obfuscation.

Matt Mullins, Senior Security Researcher at Cybrary had this to say:

   “Command and Control (or C2) frameworks are nothing new to the threat actor community. For a long time, the FOSS (Free and Open-Source Software) community had a harder time keeping up with the features and functionality associated with premium paid tools like Cobalt Strike. This left learners, lower budget teams, and criminal groups with limited options around older frameworks like Empire, Metasploit, and some very basic custom tooling.

   “This all changed around 2018, when it seems that C2 frameworks simply exploded in options. There were a number of very sophisticated tools that reached a fair degree of maturity (such as Sliver, Mythic, etc.) while older frameworks were forked and revisited (such as BC-Security’s Empire fork) that gave a wonderful buffet of options to the aforementioned groups.

   “As with most things in the industry, as these options became available, so did the options being implemented in threat actor TTPs. Outside of these robust options being made available, paid tooling was beginning to be leaked. Cobalt Strike has had its source code leaked a number of times now, along with other paid tools being shared and cracked. Cracked software is nothing new but what is interesting is the specific shift of criminal groups to target cracking of red team software, as well as red teams for licenses.

   “With such a cornucopia of options available to criminals, the detections and patterns used to previously sink paid tools aren’t nearly as effective. Take Cobalt Strike, for consideration: it was already a big waste of money even back in 2018 because nearly every IR team, EDR tool, or any other defensive capability under the sun has detection ruling built for a majority of its offerings. This means that it was only useful to advanced red teamers, or criminals, because of the amount of customization needed to get it to work. This brings me back to the original point: why would anybody waste their money or time on Cobalt Strike when they can just download Havoc and it “works” off the shelf and bypasses detections? Criminals now no longer need to hunt for licenses or crack software, while red teams don’t need to pay absurd prices for tools that they have to know how to use and customize.

   “The cat-and-mouse game of detection and innovation is about to accelerate in favor of the offensive side because of this blooming of C2s. Reflecting on the implementation of new tools like ChatGPT, along with other AI tools, and you now have more rapid generation of payloads, phishing emails, and other attacker-beneficial aspects. I can only surmise that we will see more breaches (and thus more potential undetected breaches) as a result of this increase in options and sophistication.”

The best thing about this for threat actors is that it’s free, which is bad for you and me.

BenQ Says Our Average Screen Time Per Day Is Up, And Digital Screens Are The New Faux Pas! 

Posted in Commentary with tags on February 16, 2023 by itnerd

Digital screens in today’s day and age are the new faux pas. Screen-time has gone up significantly over the last decade, and many of us don’t really realize how much we rack up over the course of a day, a week, a month and year!  

On average, a Canadian adult spends 13.1 hours per day on screen-time, exceeding the recommended limit. In only eight hours, we are exposed to 5.8 million flickers from our screens. While making efforts to reduce screen time is important, it’s just as vital to determine whether our devices are affecting us physically. BenQ, one of North America’s leading monitor brands, understands that professional individuals, and gamers often have limitations when it comes to how much screen time they rack up, which is why they’ve implemented eye-care technology into their high-performance monitors.   

Developed to protect your eyes, BenQ’s Eye-CareU ensures that eyestrain, eye pain, and headaches are reduced. Being the first monitor manufacturer to prioritize eye health, BenQ has fitted their monitors with innovative functions such as:

  • Brightness Intelligence+, a feature that detects screen content and environmental lighting, adjusting display brightness and colour temperature 
  • Brightness Intelligence, a sensor that detects ambient light as well as the brightness and contrast of screen content. It adapts brightness and enhances dark areas on the display without overexposing in bright regions   
  • Flicker-free, a technology certified by international TÜV Rheinland, which eliminates flicker  
  • Low Blue Light, a technology that filters harmful blue light.  
  • Low Blue Light+, a technology that filters out the shorter, higher energy blue-violet radiation.  

Here’s a round-up of some of BenQ’s high performance monitors that include the Eye-Care Solution:

EX240N – MOBIUZ 1ms 23.8″ 165Hz Gaming Monitor 

  • Adjusts display brightness and color temperature for a more comfortable viewing experience 
  • Colour Weakness Mode – Red and green filters help individuals with the common types of color vision deficiency distinguish colors more easily 

GW2785TC 27″ 1080p Eye-Care Monitor 

  • Reading Mode – Designed to filter out harmful blue light 
  • Coding Mode – Devised to make every color pop out for easy readability and coding efficiency 
  • Care Mode – Specially-tuned to lowered brightness and color saturation to protect sensitive eyes 

TELUS becomes official premier partner of Vancouver Whitecaps FC

Posted in Commentary with tags on February 16, 2023 by itnerd

The Vancouver Whitecaps FC announced TELUS as the club’s premier partner through 2027. The multi-year partnership brings together two longstanding Vancouver-based organizations with a proven and shared commitment to drive meaningful change in their local communities. 

To kick off the new partnership and 2023 season, Vancouver Whitecaps FC also unveiled its new 2023 jersey today, featuring the iconic TELUS brand. The new ‘Bloodlines’ Jersey shines a light on the pressing need for donors to support Canadian Blood Services, encouraging all Canadians from coast to coast to coast to download the Canadian Blood Services app and learn how they can help save lives.

The new jersey, prominently featuring TELUS, will hit the field for the first time at the Whitecaps FC home opener on Saturday, February 25. To celebrate the new partnership, TELUS team members will be giving away co-branded Whitecaps scarves to every fan attending the match.

From February 16 to March 31, fans will be able to register for an account on the Canadian Blood Services app GiveBlood (myaccount.blood.ca) and show it at the Whitecaps FC Official Store or at a home match at BC Place to receive free personalized cresting (name and number) on a 2023 Bloodlines jersey. For more information on how to help support the Canadian Blood Services, visit blood.ca

Critical Insight Finds Healthcare Data Breach in 2H 2022 Higher than Pre-Pandemic Levels Affecting More Individuals

Posted in Commentary with tags on February 16, 2023 by itnerd

Critical Insight, the Cybersecurity-as-a-Service provider specializing in helping critical organizations Prepare, Detect, and Respond in today’s threat environment, announced today the release of the firm’s H2 2022 Healthcare Data Breach Report, which analyzes breach data reported to the U.S. Department of Health and Human Services by healthcare organizations. The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, but a deeper dive into the data reveals that current breach totals are still higher than pre-pandemic levels; breaches are affecting more individuals; and hackers are shifting tactics to attack weak links in the healthcare system supply chain, most notably attacking EHR systems.

The report shows that while the number of data breaches affecting healthcare providers declined in the second half of 2022, the number of individual records exposed by these breaches increased by 35%. The report also highlights the evolving tactics of hackers and the need for healthcare organizations to prioritize preparation, detection, and incident response.

Key findings:

  • Breach numbers are down: Total breaches dropped 9% between the first six months of 2022 and the year’s second half, declining since a high-water mark at the height of the pandemic from 393 breaches in the second half of 2020 to 313 in the latest reporting period.
  • Records affected are up: The number of individual records exposed by breaches skyrocketed by 35% in the second half of 2022 to hit 28 million. In other words, fewer but more significant breaches reflect consolidation within the industry and the evolving tactics of attackers.
  • Hacking remains high: Most data breaches are due to hacking. Healthcare organizations have done an excellent job of shoring up their policies around handling and storing medical records. Hacking accounted for 79% of all incidents and 84% of individual records exposed in 2022.
  • Most common breach causes: Unauthorized access/disclosure now affects more records per breach than any other breach type. On average, the number of individuals affected per unauthorized access/disclosure breach spiked from 5,700 in the first half of 2022 to over 143,000 in the second half. By comparison, the average number of individuals affected per hacking breach grew from 73,900 to 87,000 in 2022.
  • Who’s getting breached?: Attackers continue to attack hospitals but have found increasing success targeting business associates and third-party vendors such as electronic medical record providers, lawyers, accountants, billing companies, and medical device manufacturers. In the second half of 2022, more records were exposed due to breaches at business associates (48%) than actual healthcare providers (47%).
  • What they’re watching: Attacks against EMR systems, which were non-existent in past years, spiked to 7% in the first half of 2022 and 4% in the second half of 2022. For the full year 2022, EMR-related breaches accounted for 6 million individual records exposed.

This report provides valuable insights into the current state of healthcare breaches and the need for organizations to implement a comprehensive security strategy, including risk assessments, third-party risk management, and incident response planning.

To download the report, please visit https://cybersecurity.criticalinsight.com/healthcare-breach-report-h2-2022.

LinkedIn Publishes Their 2023 Most In-Demand Skills List

Posted in Commentary with tags on February 16, 2023 by itnerd

As the 2023 workforce rapidly evolves, conversations around ‘recession’ are up nearly 900% since last year and topics like layoffs are trending on LinkedIn. However, today’s professionals are finding confidence in their skills, allowing them to bounce back and move forward when facing job change – planned or not.

A complement to this year’s Jobs on the Rise list, which identified the 25 jobs that have grown most over the past five years, the Most In-Demand Skills list offers an insider look at the skills companies need most right now and free LinkedIn Learning courses to learn these skills.

The 2023 top 10 most in-demand skills in Canada include:

  1. Management – Be The Manager People Won’t Leave
  2. Communication – Communication Foundations
  3. Customer Service – Customer Service Foundations
  4. Leadership – Human Leadership
  5. Microsoft Office – Excel Essential Training (Office 365)
  6. Sales – Sales Foundations
  7. Project Management – Project Management Foundations
  8. Teamwork – Being an Effective Team Member
  9. Research – Market Research Foundations
  10. Analytical Skills – Critical Thinking and Problem Solving

For the full list of the Most In-Demand Skills, and their corresponding LinkedIn Learning courses, visit here.