US & EU E-Commerce Websites Put Payment Data at Risk Via JavaScript

Posted in Commentary with tags on February 22, 2023 by itnerd

Jscrambler, a leading security solution for JavaScript protection and real-time webpage monitoring, has released research findings on the top US and EU e-commerce websites which are under risk of data skimming attacks due to unprotected JavaScript running on the payment page.  

Payment pages on websites are flooded with third party JavaScripts. Jscrambler found that 60% of analyzed websites in the US have more than 10 different vendors on their payment pages. 

Unless these sites find a way to identify, monitor and control the behavior of these third-party scripts, the attack surface will remain vast and unchecked.  

With British Airways recently falling victim to a £20m fine after the data of 400,000 customers was leaked through JavaScript vulnerability, these risks are not only costly for the customer, but pose a large financial burden on the business as well. 

The external risk and high-value placed on e-commerce in users’ daily lives shows the vital importance in having visibility and control over the pages which enable payments. 

You can read the research here.

Leave a comment »

76% of Ransomware Attacks Use Old Vulnerabilities 

Posted in Commentary with tags on February 21, 2023 by itnerd

new study by Ivanti and others found ransomware operators used a total of 344 unique vulns in attacks in 2022, an increase of 56 over the prior year. A full 76% of all vulnerabilities were from 2019 or older. The oldest vulnerabilities found were RCE bugs in *Oracle products from 2012.

Top Findings for 2022

  • Kill chains impact more IT products: A complete MITRE ATT&CK now exists for 57 vulnerabilities associated with ransomware. Ransomware groups can use kill chains to exploit vulnerabilities that span 81 unique products.
  • Scanners are not detecting all threats: Popular scanners do not detect 20 vulnerabilities associated with ransomware.
  • Multiple software products are affected by open-source issues: Reusing open-source code in software products replicates vulnerabilities, such as the one found in Apache Log4i. For example, CVE-2021-45046, an Apache Log4j vulnerability, is present in 93 products from 16 vendors and is exploited by AvosLocker ransomware. Another Apache Log4j vulnerability, CVE-2021-45105, is present in 128 products from 11 vendors and is also exploited by AvosLocker ransomware.
  • Old is still gold for ransomware operators: More than 76% of vulnerabilities still being exploited by ransomware were discovered between 2010 and 2019. In 2022, of the 56 vulnerabilities tied to ransomware, 20 were discovered between 2015 and 2019.

David Maynor, Senior Director of Threat Intelligence at Cybrary:

   “As a person who has done both offense and defense security work I am not surprised by these statistics. There is a public perception these groups are Wizard level hackers but in reality they rely on organizational sprawl for attacks. 

   “Scanners have never detected all exploitable threats. It’s just not possible. One of the reasons is that vendors like Oracle have had a hostile relationship with external security companies since the beginning of this century. In fact, *Oracle’s CSO Mary Ann Davidson wrote a scathing blogpost in 2015 about how people who find vulnerabilities in Oracle’s products should not tell the company about it. The post has been removed but was covered by Wired here: https://www.wired.com/2015/08/oracle-deletes-csos-screed-hackers-report-bugs/

   “CVSS scores do mask vulnerability severity or at least how companies use it for risk detection and mitigation. I have seen companies set SLAs on producing threat intel reports based solely on the CVSS score. Because the reports are generally generated by regurgitating versions of other people’s reports and not hands on testing, the Threat Intel manager won’t push back. This report from Ivanti highlights the typical misuse of Threat Intel since actual ransomware attacks are coming from old or lower risk attacks being chained together. CVSS is not designed to evaluate an exploits value to a actors kill chain. While the CVSS has been updated over the years it remains an example of early 2000s thinking being used to make threat intelligence and risk decisions in 2023.”

   “This is why training a team to be able to do hands on research and testing in an org’s environment is extremely important. No scanner detects all the flaws, no vendor gets every patch right, so a layered defense being driven by a well-trained security team is the best way to de-risk your operations.”

Given that ransomware attacks have huge costs, I’d be looking at Mr. Maynor’s advice as well as reading this report and forming a game plan to make sure that old vulnerabilities don’t come back to haunt you.

Leave a comment »

Samsung adds zero-click attack protection to Galaxy S23

Posted in Commentary with tags on February 21, 2023 by itnerd

Samsung announced on Friday it has developed a new security system to protect Galaxy S23 owners from image-based, zero-click exploits using a new virtual quarantine feature called Message Guard. These images require no interaction from the user to compromise the device.

Message Guard works by automatically placing any image file your phone receives into a virtual quarantine, otherwise known as a “sandbox” and “automatically neutralizes any potential threat hiding in image files before they have a chance to do you any harm,” explains Samsung.

Eventually, this protection will become a standard feature across the entire range of Samsung’s Galaxy devices.

David Maynor, Senior Director of Threat Intelligence, Cybrary had this to say:

   “I am a fan of the forward-thinking Samsung does in their products, like DeX. DeX turns your phone into a desktop computing environment just by plugging in a monitor and keyboard. This means that Samsung’s mobile devices could face not just mobile attacks but the same attacks as any laptop/desktop user depending on installed software.

    “Samsung already has Knox on mobile devices. Knox creates separate workspaces for a users personal data and a different one for work data. Message guard works in concert with Knox by attempting to detect attacks in each workspace by attackers looking to exploit zero-click exploits like those used by the NSO Group’s CNE software Pegasus.

   “I use a Samsung Galaxy Fold 4 as both a personal and work phone and can’t wait for Message Guard to come to my platform.”

I have to admit that this is a cool feature that I hope not only appears in other Android phones, but makes its way over to iOS as zero click threats are the “holy grail” of threats as they don’t require any user interaction to execute. And the sooner that day comes, the better off we all will be.

Leave a comment »

Cradlepoint successfully demonstrates SD-WAN and 5G network slicing for distributed enterprises at Ericsson D-15 Labs 

Posted in Commentary with tags on February 21, 2023 by itnerd

Cradlepoint today presented a real-world implementation of 5G Standalone (SA) network slicing. The demonstration highlights how 5G network slicing will allow enterprises to take advantage of end-to-end performance guarantees over 5G Wireless WANs, similar to the SLAs available with MPLS. This will entice more enterprises to adopt wireless as critical WAN infrastructure for their business-critical applications. 

Cradlepoint performed the demonstration at the Ericsson D-15 Labs, a state-of-the-art innovation centre located in the heart of Silicon Valley. Leveraging Ericsson’s 5G SA core and Radio Access Network (RAN), combined with Cradlepoint’s NetCloud Exchange Service Gateway and E3000 Series Enterprise Routers, the demonstration shows how video applications are protected from congestion when steered across an ultra-reliable low latency slice. Using such a high-priority slice ensures an optimal quality of experience across distributed sites, vehicles, IoT and remote work environments. 

With an estimated 30 per cent of potential 5G use cases requiring network slicing as an enabler, 5G Standalone networks represent a significant inflection point for the next generation of wireless. As 5G SA deployments accelerate, cellular-optimized SD-WAN will play a key role in enterprises adopting network slicing as part of their essential Wireless WAN infrastructure, allowing organizations to recognize, classify, and steer applications to the appropriate slice.  

Cradlepoint’s NetCloud Exchange is the industry’s first 5G-optimized SD-WAN solution. It is uniquely designed to optimize traffic over LTE, 5G non-standalone networks, 5G SA network slices, broadband, and Wi-Fi as WAN. NetCloud Exchange, an extension of the Cradlepoint NetCloud Service, allows for integrated 5G SD-WAN and zero-trust security services to be deployed across Wireless WANs, enhancing resiliency, security, and quality of experience. For more information on Cradlepoint’s NetCloud Exchange SD-WAN solution, please visit: https://cradlepoint.com/products/sd-wan/.     

The network slicing demonstration will also be on display at Mobile World Congress Barcelona from February 27 – March 2, 2023, at booth 2L20. For more information on the event, visit: https://www.mwcbarcelona.com/exhibitors/cradlepoint

Leave a comment »

Angry At Netflix Regarding Their Password Sharing Crackdown? Here’s How You Cancel Your Subscription

Posted in Commentary with tags on February 21, 2023 by itnerd

Everywhere I turn, people are mad about Netflix’s attempt to crack down on password sharing. I even went out to dinner with my wife last week and got into a discussion about it with a couple who was mad about this due to the fact that their son at university would be affected by this. So clearly this has created a whole lot of noise that Netflix likely didn’t want, and it will likely spur people to cancel their subscriptions. But before I tell you how to cancel your subscription, some background for you.

Under Netflix’s password-sharing rules, it’s fine for multiple people to use and share one account provided they live together. But in certain countries (I’ll post the list of countries in a moment), that’s about to change. In those countries, if you don’t all live together then you’re no longer going to be allowed to do share your Netflix account. Well, not for free anyway. When this rolls out to your region, you’ll be asked to set a “primary location”. Netflix hasn’t given a whole lot of detail about how they will enforce this. That’s likely because they don’t want people to figure out how to circumvent it once it rolls out.

Once this primary location is set, people who don’t live at it will have three options.

  • Option 1: Cancel Netflix 
  • Option 2: Sign up for their own private Netflix account 
  • Option 3: Pay an additional fee and become an “extra member” to the existing account 

The list of countries that are affected by this currently are:

  • Canada
  • Chile
  • Costa Rica
  • New Zealand 
  • Peru
  • Portugal
  • Spain 

And this rolls out to Canada today. While the U.S. isn’s subject to this as I type this, you can bet it’s going to be at some point.

So, if you’re mad about this and you want to cancel your Netflix account as a result, here’s how you do it. Let’s start with the Netflix app:

  • Open the Netflix app
  • Tap on your profile icon on the top right.
  • Tap on ‘Account’
  • Tap on ‘Cancel Membership’

You will then be asked to confirm the cancellation, with your current subscription ending on the day of plan renewal. Tap on ‘Finish Cancellation’ to confirm.

And if you’re doing it via a web browser, here’s what you need to do:

  • Go to www.netflix.com/browse and log in to your account.
  • Hover over your profile icon on the top right of the screen and click on ‘Account.’ Under ‘Membership and Billing’
  • Click on ‘Cancel Membership,’ and then ‘Finish Cancellation’ to confirm.

I get why Netflix is doing this. But I really think that this has been handled badly by the company. We are in a day and age where companies are winning marketshare by being “frictionless” and easy to use. Thus it is beyond comprehension that Netflix would do such a stupid thing. I say that because I have an Apple TV+ subscription and I can watch what I want where I want and Apple doesn’t seem to care. I assume other streaming services are the same way, though I am free to be corrected on that front. In any case, Netflix has seriously shot itself in the foot by doing this by destroying a lot of good will with their customer base. And I seriously doubt that they will get that good will, along with those customers back as a result.

Leave a comment »

John Paul Cunningham Joins Silverfort As CISO

Posted in Commentary with tags on February 21, 2023 by itnerd

Silverfort, a leader in Unified Identity Protection, today announced the appointment of John Paul Cunningham as Chief Information Security Officer. With over 24 years’ experience managing cyber risk at Fortune 100 companies – and another 8 years in the Fortune 1000 – John Paul will work with customers and partners to build an understanding of the strategic benefits of modern identity protection. In addition, he will also design and implement Silverfort’s own cybersecurity program. 

In his previous role as CISO at Bank of Hope, John Paul was responsible for working with the board to build operating models designed to reduce cost and cyber risk, while also adhering to rigorous compliance standards. Prior to this, he held similar positions at Docupace, Ares Management and J.P. Morgan Asset Management building information security, risk management, and security operations programs from scratch.      

Silverfort extends modern identity security to the sensitive resources targeted by attackers, including those which couldn’t be protected previously, such as legacy applications, command line interfaces, service accounts and more.   For more information, visit www.silverfort.com

“His experience operating at a senior level within large organizations will help us as we continue pushing into a greater number of enterprise environments. John-Paul’s background building risk management programs will also be invaluable as we scale our own security operations.”   

Leave a comment »

Russia Threat Researcher Recaps Role of Telegram in Ukraine Conflict A Year Later

Posted in Commentary with tags on February 21, 2023 by itnerd

Dov Lerner, Head of Threat Research of global threat intelligence firm, Cybersixgill, has released a report that delves into the major role Telegram played in the last year of the Ukraine conflict. 

According to Dov, chatter on Telegram tended to follow events in the war. War-related posts in Russian or Ukrainian peaked at over 122,000 per week in mid-October, coinciding with the strike against the Crimean bridge and subsequent Russian missile attacks.

You can read this fascinating report here.

Leave a comment »

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs published by Horizon3.ai

Posted in Commentary with tags on February 21, 2023 by itnerd

Horizon3ai’s Chief Attack Engineer Zach Hanley and the Horizon3.ai Red Team have just published Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs, with indicators of compromise and a link to the team’s proof of concept on GitHub.

FortiNAC is Fortinet’s network access control solution that “enhances the Fortinet Security Fabric with visibility, control, and automated response for everything that connects to the network. FortiNAC provides protection against IoT threats, extends control to third-party devices, and orchestrates automatic response to a wide range of networking events,” Fortinet’s website notes.

The FortiNAC CVE-2022-39952 allows an unauthenticated attacker to write arbitrary files on the system and as a result obtain remote code execution in the context of the root user.

You can read the deep dive here: https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/

Leave a comment »

Guest Post: VPN Usage in Russia increased by 167% in 2022

Posted in Commentary with tags on February 21, 2023 by itnerd

Russian authorities have attempted to isolate their nation’s internet from the rest of the world since the start of the war in Ukraine on February 24, 2022. Hundreds of websites have already been blocked, including two major social media platforms – Instagram and Facebook. 

Russians are turning to VPNs to bypass the country’s tightening internet controls. 

The recently updated VPN Adoption Index by Atlas VPN reveals that VPN downloads in Russia grew from 12.59 million in 2021 to 33.54 million in 2022, representing a YoY growth of 167%. 

In 2020, only 4.9 million downloads originated from Russia, which put the VPN adoption rate at 3.37%, ranking the country at the 55th spot globally. 

While last year, nearly a quarter (22.98%) of the country’s population installed VPN services on their devices, with Russia becoming the 8th most popular market for VPNs

The most significant wave of VPN installs from Russia began on March 11, 2022, when the Russian government’s communication agency announced it would block Instagram and Facebook after finding Meta Platforms Inc. “extremist.”

On March 14, 2022, the number of VPN installs originating from Russia increased by 11,253% above the norm. 

To read the full article, head over to: https://atlasvpn.com/blog/vpn-usage-in-russia-increased-by-167-in-2022

Leave a comment »

TELUS launches Critter Comforts Playlist

Posted in Commentary with tags on February 20, 2023 by itnerd

The research speaks for itself – animals have a profound impact on Canadians’ wellbeing. From this study that shows watching images and videos of animals for just 30 minutes positively affects blood pressure, heart rate, and anxiety, or this study that shows those who engaged in a 10-minute interaction with a live animal reported higher levels of contentment, it’s clear we look to critters for comfort and joy. 

TELUS has launched the Critter Comforts video playlist on YouTube and Optik TV, providing Canadians with a healthy dose of relaxation and delight watching their favourite TELUS critters. Watching the playlist won’t just help viewers feel good, it will also do good for animals and the charities that support them: for every view of the Critter Comforts playlist on YouTube, TELUS will give $1, up to $100,000, through the TELUS Friendly Future Foundation, to charities that support service animals, wildlife rehabilitation and animal therapy across the country. 

Similar to the fireplace channel or calming musical playlists, the TELUS Critter Comforts playlist is designed to boost Canadians’ well-being with a warm combination of calm and joy in a convenient, digital way, featuring TELUS’ iconic critters who Canadians have come to know and love. 

To further examine the human-animal bond, and just how much critters mean to us – whether in our homes, on our screens, or in our natural environments – TELUS conducted an online survey (between January 20-27, 2023) surveying a nationally representative random sample of 2,114 Canadians adults. 

Below are the top survey findings. 

Canadians feel that simply watching animal content online has a positive affect on their mood: 

  • 63% of Canadians said that videos like TELUS’s Critter Comforts Playlist content improved their mood and made them feel happy (58%), relaxed (48%), and joyful (41%).
  • Those who consume animal content online are more likely to feel happiness (80%).
  • Top Animal Video Content for Canadians are baby animal videos or photos (52%), pet rescues (51%), or touching and wholesome animal stories (50%). 
  • And some believe their pets enjoy entertainment too! 56% of Canadians leave the TV or other entertainment on for their pet when they go out so they don’t feel alone. 

In general, Canadians feel pets are good for their wellbeing: 

  • 6-in-10 Canadian households (59%) currently have a pet. 
  • Two-thirds of Canadians have a dog, and half of Canadians are cat owners. Other pets include fish, birds, reptiles, farm animals, and squirrels.
  • Even non-pet owners agree that having a pet, or interacting with any animal has a positive impact on health and overall wellbeing (83%) with seven-in-ten Canadians noting they spend time in nature to support their mental health (69%). 
  • 70% of Canadian pet owners were motivated to get a pet to help with their anxiety and/or depression, to battle their loneliness, or to reduce their stress levels. 
  • 94% of Canadian pet owners agree that pet ownership has positively impacted their life, and nearly all pet owners agree that animals have a positive impact on all people’s health and wellbeing. 
  • 78% of parents said they were motivated to bring a pet home to their children to help with their children’s loneliness, to help with their anxiety, or to help boost their children’s self-esteem and confidence. 

How regional locations stack-up on all-things-critters: 

  • 63% of Canadians said that videos like TELUS’s critter content improved their mood and made them feel happy (58%), relaxed (48%), and joyful (41%). 
    • Quebecers reported to feel happy the least (48%), while Atlantic Canadians felt happy the most (68%). 
  • Those living in the Atlantic provinces (63%) and the Prairies (63%) currently have a pet – higher than the national average (59%). 
  •  62% of Atlantic Canadians leave the TV or other entertainment on for their pet when they go out. 
  • Atlantic Canadians like to watch TV with their pets (77%). 
  • Atlantic Canadians are most likely to look to their pets for comfort on emotionally challenging days (77% compared to national average of 66%), with Quebecers least likely to seek solace from their pets (60%). 
  • 70% of Canadian pet owners were motivated to get a pet to help with their anxiety and/or depression, to battle their loneliness, or to reduce their stress levels. 
    • Higher in Atlantic – To help with my anxiety and/or depression (27%).
    • Higher in Quebec – Battling loneliness (23%). 
    • Higher in Ontario – To reduce stress levels (35%). 
  • British Columbians were more likely to both celebrate their pets ‘gotcha day’ and to take their pet on a play-date to meet other pets, versus any other province (63% and 51% respectively, compared to national averages of 55% and 40% respectively).

Leave a comment »

« Older Entries
Newer Entries »