The IT Nerd

Reddit Pwned…. You May Want Change Your Password And Enable Two Factor Authentication

Posted in Commentary with tags Hacked, Reddit on February 10, 2023 by itnerd

Last night via the official r/reddit community, Reddit disclosed that they were pwned:

On late (PST) February 5, 2023, we became aware of a sophisticated phishing campaign that targeted Reddit employees. As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens.

After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, code, as well as some internal dashboards and business systems. We show no indications of breach of our primary production systems (the parts of our stack that run Reddit and store the majority of our data).

Exposure included limited contact information for (currently hundreds of) company contacts and employees (current and former), as well as limited advertiser information. Based on several days of initial investigation by security, engineering, and data science (and friends!), we have no evidence to suggest that any of your non-public data has been accessed, or that Reddit’s information has been published or distributed online.

Reddit claims that user data is secure, but:

Since we’re talking about security and safety, this is a good time to remind you how to protect your Reddit account. The most important (and simple) measure you can take is to set up 2FA (two-factor authentication) which adds an extra layer of security when you access your Reddit account. Learn how to enable 2FA in Reddit Help. And if you want to take it a step further, it’s always a good idea to update your password every couple of months – just make sure it’s strong and unique for greater protection.

Also: use a password manager! Besides providing great complicated passwords, they provide an extra layer of security by warning you before you use your password on a phishing site… because the domains won’t match!

Now I can’t tell if Reddit is saying this because there is a legitimate threat out there that they haven’t disclosed, or this is generally good advice. Which it is good advice from my view. But if you’re a Reddit user, you should likely take their advice just in case this turns into a LastPass type of situation.

UPDATE: Monti Knode, Director of Customer Success at Horizon3.ai has this comment:

“Another successful phishing campaign isn’t a surprise and shouldn’t be. This attack vector is successful because it can look so legit, from plausible prompts to cloning their intranet gateway. This attack further reinforces the fact that the old perceptions of a perimeter are dead and gaining access is almost trivial, while understanding the blast radius of a successful attack matters more than ever.

“What can an attacker do if they landed on a specific asset? What could they do with a specific credential? In what scenario is our sensitive data at risk? These are the questions we should all be asking, because it’s not a matter of if, but when.”

Jesh Sax, Technical Account Manager at Tanium adds this:

“The techniques used at Reddit are all too familiar. Attackers are adapting to security techniques like multi-factor authentication and organizations need to take measures to mitigate potential vulnerabilities. Whether it’s physical security tokens or finding ways to authenticate both the user and the device that they’re logging in from, security teams need to continue to evolve.

“However, the fact that the user self-reported and the security team was able to catch things early on prevented this from becoming a much larger story. This speaks volumes to the culture that the security team has promoted at Reddit, where users feel comfortable speaking up when they’ve clicked on a phishing link. This type of security-aware culture is what every organization should strive for.”

Leave a comment »

Platformer Blows The Lid Off Of What’s Going Inside Twitter…. And It’s Not Good

Posted in Commentary with tags Twitter on February 10, 2023 by itnerd

A reader pointed me towards a Platformer story that really shows you what’s going on inside Twitter and how Twitter is being destroyed from the inside. I strongly encourage you to read the story which you can find here. But let me cover two things that made my jaw hit the ground.

#1 – Elon Musk fired engineers at Twitter because engagement counts are dropping:

On Tuesday, Musk gathered a group of engineers and advisors into a room at Twitter’s headquarters looking for answers. Why are his engagement numbers tanking?

“This is ridiculous,” he said, according to multiple sources with direct knowledge of the meeting. “I have more than 100 million followers, and I’m only getting tens of thousands of impressions.”

One of the company’s two remaining principal engineers offered a possible explanation for Musk’s declining reach: just under a year after the Tesla CEO made his surprise offer to buy Twitter for $44 billion, public interest in his antics is waning.

Employees showed Musk internal data regarding engagement with his account, along with a Google Trends chart. Last April, they told him, Musk was at “peak” popularity in search rankings, indicated by a score of “100.” Today, he’s at a score of nine. Engineers had previously investigated whether Musk’s reach had somehow been artificially restricted, but found no evidence that the algorithm was biased against him.

Musk did not take the news well.

“You’re fired, you’re fired,” Musk told the engineer. (Platformer is withholding the engineer’s name in light of the harassment Musk has directed at former Twitter employees.)

That’s a sure sign that Elon’s ego rather than his head is running Twitter at the moment. No to be clear, I am not shocked by that. What I am shocked about his behaviour when he doesn’t get the answer that fits his world view. Or when someone speaks truth to power. That’s just abysmal leadership.

#2 -Twitter’s outage from earlier this week is part of a larger problem.

An even more obvious reason for the decline in engagement is Twitter’s increasingly glitchy product, which has baffled users with its disappearing mentions, shifting algorithmic priorities, and tweets inserted seemingly at random from accounts they don’t follow. On Wednesday, the company suffered one of its first major outages since Musk took over, with users being told, inexplicably, “You are over the daily limit for sending tweets.”

It turns out that an employee had inadvertently deleted data for an internal service that sets rate limits for using Twitter. The team that worked on that service left the company in November.

“As the adage goes, ‘you ship your org chart,’” said one current employee. “It’s chaos here right now, so we’re shipping chaos.”

Interviews with current Twitter employees paint a picture of a deeply troubled workplace, where Musk’s whim-based approach to product management leaves workers scrambling to implement new features even as the core service falls apart. The disarray makes it less likely that Musk will ever recoup the $44 billion he spent to buy Twitter, and may hasten its decline into insolvency.

“We haven’t seen much in the way of longer term, cogent strategy,” one employee said. “Most of our time is dedicated to three main areas: putting out fires (mostly caused by firing the wrong people and trying to recover from that), performing impossible tasks, and ‘improving efficiency’ without clear guidelines of what the expected end results are. We mostly move from dumpster fire to dumpster fire, from my perspective.”

That further explains this email from Elon trying to focus the team on making the platform stable ahead of the Super Bowl. And it highlights that the stability of Twitter is heading downhill fast. And part of this is driven by Elon’s rush to ship new features at any cost to drive revenue. Which of course has not worked. What surprises me is that not even in my wildest dreams did I think that the situation was as bad as it’s being described here.

Now you’re likely wondering why I am highlighting this report. The team at Platformer has been 100% accurate about what has been going on inside of Twitter since Elon took over. So it is beyond a safe bet that everything that you read in this article is fact. Which means that if you still have a Twitter account, you might want to make plans to be someplace else on social media as it’s crystal clear that Twitter with Elon Musk at the helm is living on borrowed time.

1 Comment »

Bell Takes Dead Aim At Cable With A New Super Bowl Ad

Posted in Commentary with tags Bell on February 10, 2023 by itnerd

I’ve been saying for a long time that Bell has a real advantage over cable companies like Rogers by getting fibre in as many places as possible and by having speeds that destroys anything that cable can offer. And Bell is going to highlight that this Sunday during the Super Bowl with a new national English TV ad that highlights Bell’s pure fibre Internet.

The main message of the ad is that Bell fibre based gigabit speeds beat cable every time, and now’s the time to switch to Bell pure fibre Internet as anything else is terrifying. The ad follows a family as they enter their new vacation rental home, only to find out they need to escape the horror of cable Internet

Following the premiere on Sunday, which will air on CTV and TSN here in Canada, along with the entire game, Canadians can catch the ad on TV and in select Cineplex VIP Cinemas in Toronto and Montreal starting next week.

Now you don’t have to wait for Super Bowl Sunday to see the ad. I’ve got it for you to take a look right now:

My $0.02 worth. The ad is very funny and it drives the point that Bell is better than cable home. They don’t mention Rogers by name, but the cable box with the red light is a big hint Rogers is the target of this ad. If I were Rogers, Cogeco, or Shaw, I would have no idea how any of them respond to this ad because of the fact that what any of those companies offer in terms of Internet access doesn’t measure up to what Bell offers.

1 Comment »

Elon Musk Is Making Millions From Extremist Influencers

Posted in Commentary with tags Twitter on February 9, 2023 by itnerd

The Washington Post is reporting that Twitter and by extension Elon Musk is making millions of dollars thanks to extremist influences. Here’s how:

Elon Musk’s restoration of 10 Twitter accounts that were banned under the platform’s previous management has generated enough engagement since they returned to the platform to likely generate $19 million in advertising revenue annually, a nonprofit dedicated to countering hate speech online has concluded.

The Center for Countering Digital Hate (CCDH) said the 10 accounts were among hundreds thought to have been restored under a “general amnesty” that Musk announced in late November.

The report comes as Musk is working to generate revenue for the company, which he has said is in dire financial straits despite the layoffs of thousands of employees and the suspension of payments for a number of services including rent on Twitter’s downtown San Francisco headquarters. Twitter’s advertising revenue in December was 70 percent lower than the previous year, according to data from Standard Media Index, an advertising research firm.

CCDH’s chief executive, Imran Ahmed, linked the drop off in ad revenue to the decision by Musk to restore formerly banned accounts. “Our research shows that there is a depressingly banal answer to why Elon Musk would reinstate the accounts of self-professed Nazis, disinformation actors, misogynists and homophobes — it’s highly profitable,” he said.

Musk did not immediately respond to request for comment. Twitter’s communications department was eliminated in layoffs last year.

The CCDH uncovered multiple examples of advertisements from major national brands, including Amazon, Apple TV, the NFL and Fiverr, that appeared next to content from the 10 extremist influencers. In one instance, an ad for Wendy’s appeared next to a tweet by Stew Peters, an anti-vaccine influencer with 168,000 followers, where he referred to the vaccine as a “BioWeapon” and claimed people have been “murdered” by it.

In another example, an ad for the streaming service Peacock appeared next to a tweet from Anthime Gionet, an influencer known as Baked Alaska, who was recently sentenced for his role in the Jan. 6, 2021, riot at the U.S. Capitol. The ad appeared next to a tweet where Gionet asked his followers whether he should “say the n-word.”

Brand advertisements also appeared next to tweets about election fraud, vaccine conspiracy theories, false statements about Ukraine and bio weapons, and tweets denigrating women in business, CCDH said.

This pretty much confirms what many have suspected. Which is that Elon is so desperate for cash that he will do anything including being an ally to hate in all its forms under the guise of “free speech”. The only saving grace is that $19 million in annual revenue is a drop in the bucket in terms of what Twitter likely needs to survive. But even that tiny amount of revenue may make Elon go further and do more on this front.

The best way to stop this is for major advertisers to abandon Twitter as an advertising medium. After all, if you’re a Proctor And Gamble or a Samsung or Apple, why would you want your advertising to appear amongst hateful content? Common sense says that you don’t want that to happen. Thus the only way to defend against that is to not have your advertisements on the platform. So let’s see if this report encourages those companies and companies like them to abandon Twitter en masse.

Leave a comment »

Hackers Are Selling A Service That “Bypasses” ChatGPT Restrictions On Malware Creation/Enhancement

Posted in Commentary with tags Check Point on February 9, 2023 by itnerd

Check Point has a very interesting article that they’ve posted to their website describing who cyber criminals are able to bypass restrictions placed on the ChatGPT AI to create “better” malware:

CPR researchers recently found an instance of cybercriminals using ChatGPT to “improve” the code of a basic Infostealer malware from 2019. Although the code is not complicated or difficult to create, ChatGPT improved the Infostealer’s code.

And:

However, CPR is reporting that cyber criminals are working their way around ChatGPT’s restrictions and there is an active chatter in the underground forums disclosing how to use OpenAI API to bypass ChatGPT´s barriers and limitations. This is done mostly by creating Telegram bots that use the API. These bots are advertised in hacking forums to increase their exposure.

To top it all off, there’s this:

In an underground forum, CPR found a cybercriminal advertising a newly created service: a Telegram bot using OpenAI API without any limitations and restrictions.

As part of its business model, cybercriminals can use ChatGPT for 20 free queries and then they are charged $5.50 for every 100 queries.

The net result is that this could literally be leveraged by anyone to create extremely dangerous malware. Which frankly is quite scary if you’re on the side of the fence where you have to defend against these attacks. But is this a bypass of ChatGPT’s restrictions? Craig Burland, CISO, Inversion6 doesn’t think so:

Describing this as a bypass is a bit of an exaggeration. ChatGPT doesn’t, at this point, impose controls on the API. Abuse of the API is prohibited by policy. Hackers haven’t cleverly bypassed security or exploited a deep-seated vulnerability. They’ve simply leveraged an incomplete feature. Given what OpenAI has accomplished, I expect this control is already on their roadmap and will be implemented shortly.

ChatGPT is in the midst of the hype cycle where every success or failure is shouted from the rooftops. ChatGPT is a complex and intriguing tool, but in the end, it is just a tool. We need to temper our human emotions, be patient as it matures, and figure out how best use it.

Hopefully this is on the roadmap to be addressed sooner rather than later. Otherwise I suspect that we’re all going to be in a lot of trouble.

Leave a comment »

Hackers Redirect Victims onto Phishing Pages Via Geo Targetly in Latest Phishing Campaign

Posted in Commentary with tags Avanan on February 9, 2023 by itnerd

Geotargeting, the ability to tailor advertising to the recipient’s location, has become a popular way to deliver content to visitors based on their location. Hackers are jumping on the opportunity to geo-target websites to advance their phishing schemes.

Researchers at Avanan, a Check Point Software Company have revealed their latest blog analyzing how hackers redirect users via Geo Targetly, a geo-targeting platform, and provide them with customized, localized phishing pages.

In this attack, recipients are presented with an email in the language corresponding to the country they are from. The email notifies users about a local traffic ordinance and encourages them to click on the provided link. Using the Geo Targetly redirect, a hacker can create a phishing link that redirects users in a certain region to a fake login page that looks identical to the original one.

You can read the research here.

Leave a comment »

New Russian Threat Actor Using Graphiron Malware To Steal Data from Ukraine: Symantec

Posted in Commentary with tags Symantec on February 9, 2023 by itnerd

Symantec has spotted a new Russia-linked threat actor Dubbed Graphiron deploying a new information-stealing malware against targeting Ukraine. The malware is attributed to a group known as Nodaria, which is tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0056.

The Symantec paper is worth your time to read, but here’s the TL:DR:

The malware is written in Go and is designed to harvest a wide range of information from the infected computer, including system information, credentials, screenshots, and files.
Graphiron is a two-stage threat consisting of a downloader (Downloader.Graphiron) and a payload (Infostealer.Graphiron).
The downloader contains hardcoded command-and-control (C&C) server addresses. When executed, it will check against a blacklist of malware analysis tools by checking for running processes.
The group’s usual infection vector is spear-phishing emails, which are then used to deliver a range of payloads to targets.

David Maynor, Senior Director of Threat Intelligence at Cybrary:

“Ukraine has the dubious honor of serving as a canary in a coal mine for tools, techniques, and procedures of Russian attacks. That’s why I pay close attention to CERT-UA for new attacks.”

You should pay attention to this threat actor as well because it is only a matter of time before this group starts going after targets in the west.

Leave a comment »

Leaked Email From Elon Musk Suggests That Twitter Is Very Unstable And That He Is Very Concerned About It

Posted in Commentary with tags Twitter on February 8, 2023 by itnerd

Since Elon Musk took over, leaks about his various failures and challenges with Twitter have been appearing in the media. And today is no different. Hot on the heels of today’s Twitter outage comes a leaked email from Elon himself:

He sent a follow up email. “We should also pause on transitioning away from Sacramento, consolidating Atlanta and reducing GCP usage until at least next week.”
— Kylie Robison (@kyliebytes) February 8, 2023

So this suggests a number of things to me:

Twitter is generally unstable at the moment. Specifically when new features like expanded Tweet counts are launched. Which I am guessing is why he wants new feature development paused.
Twitter’s sunsetting of some of their data centres is likely a factor in this instability. That is coming from the fact that he’s pausing Twitter’s transition away from the two data centres referenced in the Tweet.
Elon knows that if Twitter is this unstable during the Super Bowl, his chances of getting advertisers back onto the platform and getting people to pay for Twitter Blue will be slim and none with slim packing their bags to leave town.

Bottom line: Twitter is in very deep trouble. And it’s starting to become clear that Elon can’t fix it. Which means we can expect to see more outages like this soon. And I would guess we won’t have to wait long to see those outages as Super Bowl Sunday may be the tipping point for Twitter.

1 Comment »

Elon Musk Is Having Another Bad Day As Twitter Takes A Dirt Nap Just After Expanded Tweet Counts Were Launched

Posted in Commentary with tags Twitter on February 8, 2023 by itnerd

Just before 5PM today, a Twitter outage was reported by Down Detector:

Many are unable to Tweet. Other users are seeing a different error message: “You are over the daily limit for sending Tweets.” Either way this is bad for Twitter. It isn’t clear what is causing this. But my guess is that it might have something to do with the launch of 4,000 character tweets:

more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more words more…
— X (@X) February 8, 2023

While this is limited to Twitter Blue subscribers in the US at launch, what few of them exist, anyone worldwide can read these Tweets. The timing is too coincidental, and it will be interesting to see how Elon fixes this.

Remind me again why I should pay you $8 a month? Right now I don’t see the value proposition.

3 Comments »

New HP Fortis PCs Power Business & Education in a Digital World

Posted in Commentary with tags HP on February 8, 2023 by itnerd

In today’s digital-first world, people are learning, working and creating everywhere. The use of technology in new ways and places for digital tasks has created increased demand across business and education for more durable devices that drive greater collaboration and better task-based learning.

HP continues to meet this need and raise the bar with its HP Fortis portfolio that keeps work moving from almost anywhere and enables new ways for students to engage at school, home and anywhere in-between. HP introduces the next generation of the HP Fortis lineup designed for working and learning: the HP Pro x360 Fortis 11-inch G11 Notebook PCand HP Fortis x360 11-inch G3 J Chromebook.

The HP Pro x360 Fortis 11-inch G11 Notebook includes Intel® Processor N100 and N200 CPUs and Intel® Wi-Fi™ 6E WLAN module supporting MU-MIMO. The HP Fortis x360 11-inch G3 J Chromebook is equipped with Intel® Processor N4500, N5100 and N6000 CPUs and Intel® Wi-Fi™ 6 WLAN with MU-MIMO. Both devices undergo 19 items for MIL-STD-810 testing with enhanced drop, dust and tumble tests, and feature an enhanced anchored skirt keyboard that resists spills of up to 350ml (11.8 oz) with co-molded rubber trim, for a rugged design and reliable performance.

HP Pro x360 Fortis 11-inch G11 Notebook PC.

HP Fortis x360 11-inch G3 J Chromebook.

The HP Pro x360 Fortis 11-inch G11 Notebook PC is designed for workers and students in blended environments that require durability, flexibility and tools for productive collaboration:

Hands-on learning is encouraged with a 360-degree hinge, interactive touchscreen and optional HP Slim Rechargeable Pen, allowing users to be productive and creative, from taking notes and drawing to editing.
A durable design absorbs shocks from accidental bumps with tightly bonded, co-molded rubber trim and passes IP5X dust testing for greater pick resistance on an enhanced anchored skirt keyboard.
Intel® Wi-Fi™ 6E WLAN module supports MU-MIMO and HP Extended Range Wireless LAN to stay connected, even in crowded wireless networks.

The HP Fortis x360 11-inch G3 J Chromebook helps workers and students learn, create and collaborate in interactive and personalized learning ways:

The x360-degree hinge allows users to jump between projects and assignments with ease in laptop, tablet, tent or stand mode.
An optional auto-focus world-facing 5MP second camera in tablet mode enables improved collaboration over the previous gen Fixed Focus camera.
Intel® Wi-Fi™ 6 WLAN module supports MU-MIMO and HP Extended Range Wireless LAN provide advanced wireless connectivity.

Pricing & Availability

The HP Pro x360 Fortis 11-inch G11 Notebook PC is expected to be available in February 2023 for $479 USD.
The HP Fortis x360 11-inch G3 J Chromebook is expected to be available in February 2023 for $339 USD.

Leave a comment »

S	M	T	W	T	F	S
			1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30

Pages

Blogroll