Archive for verizon

Verizon’s Data Breach Investigation Report Makes For Some Interesting Reading

Posted in Commentary with tags on May 24, 2022 by itnerd

Verizon has dropped their latest Data Breach Investigation Report, or DBIR. Here are some key highlights:

  • Attackers have four key paths to hack into an enterprise: credentials, phishing, exploiting vulnerabilities and malicious botnets
  • 50% of breaches revolve around remote access and web applications
  • 25% involved social engineering
  • Credential reuse was involved in 45% of breaches
  • Supply chain breaches are the “new hotness” for hackers

Jake Williams, Executive Director of Cyber Threat Intelligence at SCYTHE added these thoughts:

The DBIR showed that threat actors continue to gain access to networks using a relatively small number of high-level techniques. Once in a network, however, threat actors most often reuse the same set of post-exploitation procedures to perform system reconnaissance, privilege escalation, and lateral movement in the target environment. While organizations can’t realistically expect to keep all threat actors out of their networks, through CTI-led adversary emulation and detection engineering, they can ensure that threat actors are detected as early in the intrusion as possible. When threat actors gain a foothold in their network, organizations should be able to ensure it never expands beyond that.

This year’s DBIR should be required reading for any enterprise, as it provides a roadmap for protecting your enterprise from getting pwned by hackers.

UPDATE: I have additional commentary from Artur Kane, VP of Product at GoodAccess:

Ransomware attacks are no longer limited to the large or the vulnerable. We are seeing government entities, healthcare institutions, or critical infrastructure operators fall victim to ransomware. But that is not all — small private enterprises and even individuals are finding themselves targeted. Size doesn’t matter; if you curate sensitive data, you are a candidate.

Organizations must realize that conservative cybersecurity approaches are no longer enough to keep them protected. They cannot rely on a secure perimeter to repel cyberattacks any more, because the perimeter is disappearing and moving to the internet.

Many users now connect remotely, often from unsecured networks, and companies migrate their infrastructure to the cloud, which is moving critical assets outside of the trusted safe zone and spreading them beyond the reach of legacy security solutions. Companies often do not have control over the devices that users are connecting with, nor the infrastructure they are on.

The threat surface is simply enormous, and cybercriminals like to exploit it to gain unlawful access to internal systems and user data, often targeting unwitting users with phishing scams, spoofing attacks, or other methods to steal access credentials and infiltrate internal systems.

Once inside, there is little to stop them from doing damage or stealing sensitive data. Organizations must therefore implement security measures to tackle these threats.

Besides regular hardware and firmware updates and software patches, it is important to reduce the attack surface to minimize chances of initial intrusion. Organizations can do this by insisting on strong authentication of both users and devices, supported by multi-factor user authentication, and granting user privileges on a strictly need-to-know basis, allowing access only to a pool of strictly necessary systems and no further.

This makes it more difficult for attackers to actually use the stolen credentials, and if they do succeed in penetrating the network, they do not get free access to the entire network, but only a segment, which makes it difficult for them to move laterally and escalate the attack. 

In addition, strong encryption should be employed on all connections, whether this is users, remote branches, or clouds. It is vital to conceal all company traffic from the eyes of a potential attacker — they can’t steal what they can’t see.

But even with all these measures in place, compromises will happen, often through simple human error. Besides the aforementioned network segmentation by access privileges, it is also vital to have a real-time threat detection capability to expose threats in their infancy. Security administrators also need to have solid response and recovery plans in place for these occurrences, and should conduct regular training and drills.

Keeping continuous access logs can be an invaluable source of intelligence for tracing the journey of a cybercriminal through layers of security, which is vital for preventing similar attacks in the future. Also, regular backups are an absolute must, as post-breach data recovery can be very costly.

Last but not least, user training can greatly contribute to improving the overall company security posture. As a large part of ransomware attacks opens with a phishing lure, training employees in how to spot them can save millions of dollars in later breach recovery.

Ransomware attacks can only be expected to rise in both intensity and severity, as both profit-oriented and nation-sponsored hacker groups intensify their activities amid the increase in global tensions. All organizations, both private and public, must adapt to this threat both in their own interest and in the interest of society as a whole.

UPDATE: Christopher Prewitt, Chief Technology Officer of MRK Technologies had this to say:

As expected, credentials and phishing are the leading paths for breaches. As defenses improve, attackers have utilized credentials to walk right through the front door, even using phishing as a means to acquire credentials.

As in years past, over 80% of breaches involve the human element. Attackers continue to target humans, who want to be helpful or can be tricked into clicking on something, opening a document, or providing their credentials to the attacker. With this, whatever we are doing for email security, it clearly isn’t working well.

Ransomware is a strong influencer on the DBIR data, where “Actor Disclosure” is over 50% as the discovery method for breaches. Historically, the DBIR had shown that dwell time was north of 200 days. As ransoms become more common, their smash-and-grab effects have greatly reduced the dwell time. Ransomware attacks almost doubled year over year. Stolen credentials and phishing account for 70% of how ransomware is deployed.

With more and more investment in cloud and SaaS, it shouldn’t be surprising to see a significant increase in Basic Web Application attacks.

Supply chain isn’t only our consumer-related industries. Almost all companies are reliant on a digital supply chain in order to transact, whether it’s with customers, suppliers, or partners. Supply chains are also a source of risk, with 90% of the supply chain incidents involving losing control of credentials or introducing ransomware.

BREAKING: Verizon Selling Yahoo And AOL For $5 Billion

Posted in Commentary with tags on May 3, 2021 by itnerd

Verizon once thought that buying Yahoo and AOL was the future. But that turned out to be a fallacy, as that purchase didn’t exactly go to plan. So as a result, Verizon is selling Yahoo and AOL for $5 billion to a private equity firm named Apollo Global Management:

The sale will see online media brands under the former Yahoo and AOL umbrellas like TechCrunch, Yahoo Finance and Engadget go to Apollo. Verizon bought AOL for $4.4 billion in 2015, and it bought Yahoo for $4.5 billion in 2017.

There has been increasing evidence recently that Verizon wanted to sell off its media properties and instead focus on its wireless networks and other internet provider businesses. Last year, Verizon sold HuffPost to BuzzFeed. It also recently sold off or shut down other media properties like Tumblr and Yahoo Answers.

Clearly Verizon is going to focus on its core business and is acknowledging that it couldn’t compete with Google and Facebook. Which is interesting, as their chief competitors are doubling down on media. Thus you have to assume that Verizon failed miserably. It will be interesting to see what happens in the days to come when it comes to this deal.

Verizon Launches OneSearch Which They Claim Is Privacy Focused….. Yeah Right!

Posted in Commentary with tags on January 15, 2020 by itnerd

Privacy is a “thing” at the moment and I guess that Verizon sees that and wants to cash in on this trend by creating a privacy focused search engine via their Verizon Media division:

Verizon Media, the media and digital offshoot of telecommunications giant Verizon, has launched a “privacy-focused” search engine called OneSearch. With OneSearch, Verizon promises there will be no cookie tracking, no ad personalization, no profiling, no data-storing, and no data-sharing with advertisers.

With its default dark mode, OneSearch lets you know that Advanced Privacy Mode is activated. You can manually toggle this mode to the “off” position which returns a brighter interface, but with this setting deactivated you won’t have access to privacy features such as search-term encryption. With Advanced Privacy Mode on, links to search results will only be shareable for an hour, after which time they will “self-destruct” and return an error to anyone who clicks on it. More broadly, the OneSearch interface is clean and fairly familiar to anyone who has used a search engine before. But at its core, it promises to show the same search results to everyone given that it’s not tailored to the individual.

I had a look at the OneSearch privacy policy, and it says that Verizon will store a user’s IP address, search query, and user agent on different servers so that it can’t draw correlations between a user’s specific location and the query that they’ve made. Another point is that it also says that it will monetize its new search engine through advertising. But the advertising won’t be based on browsing history or data that personally identifies the individual; it will only serve contextual advertisements based on each individual search.

Call me cynical, but I can’t see how OneSearch can call itself privacy focused. DuckDuckGo doesn’t collect or store any of your information. That’s true privacy as far as I am concerned, which is why I use it and not Google, Bing, or anything else. And it’s not what Verizon is doing with OneSearch, as they are collecting your information, but simply storing it in different places, which nobody on the planet can consider to be privacy focused. That alone makes me gun-shy about ever using this search engine. But if you want to give it a try, OneSearch is currently available on desktop and mobile web, with mobile apps coming later this month.

Verizon Shareholders Show Strong Support For Increased Efforts To Protect Children From Sexual Exploitation Online

Posted in Commentary with tags on May 2, 2019 by itnerd

The first-ever shareholder vote on child sexual exploitation online received a 34-percent vote at Verizon’s annual meeting today, estimated at representing more than $50 billion in stock.

Speaking at today’s annual meeting, the proposal’s lead filer Tracey Rembert, director of Catholic Responsible Investments at CBIS, had this to say about today’s vote:

“The innovations and technologies our company is rightly proud of have also had the unintended consequence of making it easier to commit sexual crimes against children. Email accounts, digital advertising exchanges, wireless data, cloud storage, online user content — they all help facilitate child sex exploitation. And Verizon depends upon all of them for revenues.

“Child sex abuse material is a societal problem, but it is almost entirely manifesting and growing in the ICT sector. We believe that Verizon needs to demonstrate to investors that it is properly assessing the risk to children and itself from this growing threat.”

Michael Passoff, CEO of Proxy Impact and resolution co-filer, had this to say about today’s vote:

“As technology speeds up, our kids’ safety slows down. The digital playground is not always a safe place for kids. This is an exceptional vote for a first-year resolution; it’s clear that shareholders want Verizon to be a leader in making the world safer for our children.”

The resolution was filed by CBIS, Proxy Impact, the Maryknoll Sisters, the Benedictine Sisters of Virginia, and the Sisters of St. Dominic of Caldwell, New Jersey.

Understanding Shareholder Votes:

Shareholder resolutions are non-binding and consequently do not “win” or “lose” regardless of the vote. They do have to meet the U.S. Securities and Exchange Commission’s vote thresholds to be eligible to be resubmitted the next year. These thresholds (based on total For vs. Against votes) are 3% support the first year, 6% the second year and 10% the third and following years. Shareholder resolutions were designed to be a formal communication channel with management and are best assessed by how they influence management. In this sense, even modest votes can have a significant impact based on their ability to educate management and other investors about the potential risks and opportunities related to the issue being raised.

Verizon Faces First-Ever Shareholder Proposal on Child Sex Abuse Online

Posted in Commentary with tags on April 30, 2019 by itnerd

On May 2, a group of investors are presenting the first shareholder resolution to come to a vote on the growing risk of child sex exploitation online at Verizon Communications’ annual meeting in Orlando, Florida. The filers, representing faith-based and high-net-worth investors with more than $27M in shares, are calling on the largest telecom in the U.S. to increase its efforts to protect children online from sexual abuse and grooming. The investors note in the proposal that parental controls have not been enough to protect child users, and that companies like Verizon are at the intersection of a spectrum of technologies that are putting children at increased risk. The largest proxy voting advisory firm in the world, Institutional Shareholder Services, recommends support for this proposal.

Verizon’s Tumblr was proven to be sharing child sex content last November, and was kicked off of Apple’s App Store because of it. The company has also faced significant fines in 2018 related to the illegal collection and selling of child user data.

The lead filer of the proposal, CBIS, is concerned by the flood of child sex imagery and conduct occurring online. The major hotline for reporting child sex abuse in the U.S. — the National Center for Missing and Exploited Children — has reported receiving more than 45 million child sex images and videos to its Cyber Tipline in 2018.

Along with CBIS and Proxy Impact, other co-filers of the proposal include the Maryknoll Sisters, the Benedictine Sisters of Virginia, and the Sisters of St. Dominic of Caldwell, New Jersey.

The U.S. Department of Justice reports that “mobile devices have fundamentally changed the way offenders can abuse children,” and “apps on these devices can be used to target, recruit or groom, and coerce children,” or to “stream video of child sexual abuse” in real-time. INTERPOL notes that only 4,000 unique child sex images were circulating in 1995. Today, the UN Office of Drugs and Crime estimates at least 50,000 new images hitting the web each year.

Tumblr To Remove Adult Content From Their Platform

Posted in Commentary with tags on December 3, 2018 by itnerd

Tumblr, the blogging platform that was once part of Yahoo but is now part of OATH, which in turn is owned by the Verizon empire, has had a tough go of it as of late. They were nailed by Apple for allegedly having child porn on the platform and as a result got the iOS version of their app pulled from the App Store. Strangely, the Android version wasn’t pulled. Read into that what you will. But in any case, that was two weeks ago, and I am guessing that as a result, Tumblr is deciding to pull all porn from their platform. And according to people in the know, Tumblr is full of porn. They’re doing this via a change in their Community Guidelines that goes live on the 17th of December. And they’ve been nice enough to tell you what is good and bad going forward:

Don’t upload images, videos, or GIFs that show real-life human genitals or female-presenting nipples —this includes content that is so photorealistic that it could be mistaken for featuring real-life humans (nice try, though). Certain types of artistic, educational, newsworthy, or political content featuring nudity are fine. Don’t upload any content, including images, videos, GIFs, or illustrations, that depicts sex acts.

As you can imagine, this isn’t going over well with users of the Tumblr platform who want their porn. This Reddit thread is an example of what people think of this.

Now for my $0.02 worth.

I personally don’t care if anyone wants to surf for porn as long as it doesn’t involve something illegal, either generally or in whatever part of the world you happen to be surfing for porn from. That’s why I think that this is a gross overreaction by Tumblr and their corporate masters. A better route to address the concerns of Apple would have been to go after the child porn that they found, which to be fair they are doing, without going after everything. But they chose not to do that, and here we are talking about it. I think that Tumblr is going to see a massive drop in usage, as a significant number of the accounts on there are porn related. That means less ad revenue, which in turn means less revenue for OATH and Verizon, which means that Tumblr is basically dead, and you can engrave the tombstone now.


Verizon Dumps Huawei Smartphone Sales Over Spying Concerns

Posted in Commentary with tags on January 30, 2018 by itnerd

It seems that Verizon is joining AT&T in dumping Huawei as a dance partner when it comes to sales of the latter’s smartphones in the US, according to a Bloomberg report that cites people “familiar with the matter.” The reason is government fears of “Chinese espionage”. But it goes one level deeper, because apparently the feds are also pressing Verizon to end any collaboration with Huawei on standards for a 5G network. Of course, the fact that Trump and company were considering building their own government-controlled 5G network likely plays into that.

Huawei has yet to comment on this. But I fully expect them to, as being metaphorically bitch-slapped twice in a couple of weeks is humiliating. Thus there has to be some sort of response.

#Fail: Verizon Suffers Data Breach…. Data From 14 Million Customers Exposed

Posted in Commentary with tags on July 13, 2017 by itnerd

US cellphone carrier Verizon has one hell of a data breach on its hands. A security firm by the name of UpGuard found out about this security blunder, which involved technology supplier Nice Systems leaving Verizon customer data unprotected on an Amazon Web Services S3 storage instance. This data was publicly accessible to anyone who had the “easy-to-guess” URL, the security firm said. The data in question included names, phone numbers and PINs that could be used to access customers’ Verizon accounts. The number of customers potentially affected totaled 14 million.

#fail

Verizon has admitted to the breach, but has downplayed the potential damage that could have been caused. Still this highlights what could happen when a company loses control of your personal information.
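As an added example (not code from the post, Verizon, Nice Systems or UpGuard) of the check a defender would want after a story like this, the script below flags an S3 bucket whose policy, ACL or Block Public Access settings leave objects readable by anyone. The input shapes mirror the AWS GetBucketPolicy, GetBucketAcl and GetPublicAccessBlock responses so boto3 output can be fed in; the sample bucket data is constructed, and the function names are this example’s own.

```python
# Added example (not from the post or UpGuard): audit an S3 bucket for anonymous
# read exposure, the misconfiguration class behind the Verizon/Nice Systems leak.
# Input shapes mirror the AWS GetBucketPolicy / GetBucketAcl / GetPublicAccessBlock
# responses; the sample data below is constructed for this example.
import json

# Canned-ACL grantee groups that make objects readable by anyone / any AWS account.
PUBLIC_GRANTEE_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
BPA_KEYS = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")

def _principal_is_anyone(principal):
    """True for Principal "*" or {"AWS": "*"}: any caller, credentials or not."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS")
        return aws == "*" or (isinstance(aws, list) and "*" in aws)
    return False

def public_policy_statements(policy_json):
    """Sids of unconditional Allow statements granted to everyone."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a policy may hold a single statement object
        statements = [statements]
    return [s.get("Sid", f"statement-{i}") for i, s in enumerate(statements)
            if s.get("Effect") == "Allow" and "Condition" not in s
            and _principal_is_anyone(s.get("Principal"))]

def public_acl_grants(grants):
    """Permissions the bucket ACL hands to the AllUsers/AuthenticatedUsers groups."""
    return [g["Permission"] for g in grants
            if g.get("Grantee", {}).get("URI") in PUBLIC_GRANTEE_URIS]

def assess_bucket(policy_json, grants, public_access_block):
    """One verdict from policy, ACL and Block Public Access (BPA) settings.
    BPA can neutralise a public policy (RestrictPublicBuckets) or public ACLs
    (IgnorePublicAcls), so the bucket is only effectively exposed when a public
    grant exists AND the matching guard rail is off."""
    gaps = [k for k in BPA_KEYS if not public_access_block.get(k, False)]
    policy_hits = public_policy_statements(policy_json)
    acl_hits = public_acl_grants(grants)
    exposed = (bool(policy_hits) and "RestrictPublicBuckets" in gaps) or \
              (bool(acl_hits) and "IgnorePublicAcls" in gaps)
    return {"public_policy_sids": policy_hits, "public_acl_grants": acl_hits,
            "block_public_access_gaps": gaps, "exposed": exposed}

# Constructed sample: a world-readable bucket with every BPA guard rail switched off.
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]})
SAMPLE_GRANTS = [
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
]
SAMPLE_BPA = {k: False for k in BPA_KEYS}    # nothing blocked: the leaky state
HARDENED_BPA = {k: True for k in BPA_KEYS}   # all four guard rails on

if __name__ == "__main__":
    print(json.dumps(assess_bucket(SAMPLE_POLICY, SAMPLE_GRANTS, SAMPLE_BPA), indent=2))
```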

UPDATE: Clearly Verizon is touchy about this because I got this via Twitter no less than 5 minutes after posting this story:

Verizon Going To Extreme Measures To Stop Galaxy Note 7 Use

Posted in Commentary with tags on January 17, 2017 by itnerd

I guess Verizon really doesn’t want anyone using the infamous Galaxy Note 7 on their network. I say that because they told Fortune that they’re going to do the following to make sure the Galaxy Note 7 is gone forever:

  • Calls placed on remaining Galaxy Note 7 devices will only connect to Verizon’s customer service representatives. 911 calls are excluded.
  • Verizon may charge customers for the full cost of the device as they have already issued refunds.

This is on top of Verizon sending updated firmware that was meant to remote kill the device. Apparently customers have been dodging that. I honestly don’t get why people want to hang on to this phone. After all, it blows up and injures people. So just give it up if you have one. Seriously.

Yahoo Sold To Verizon… Will Change Name… Mayer Is Out

Posted in Commentary with tags on January 9, 2017 by itnerd

Well, the gong show that is the sale of Yahoo to Verizon seems to be over. Here’s what’s going to happen now according to the Wall Street Journal:

  • The Yahoo board will eventually cease to exist.
  • Yahoo CEO Marissa Mayer and co-founder David Filo are gone from their posts. The former will remain with Verizon after the deal is done.
  • Yahoo will change its name to Altaba.
  • Eric Brandt will become chairman of Altaba.
  • Verizon will pony up $4.8 billion.

What’s left of Yahoo after the sale will just be an investment holding company. Changing its name to Altaba gets around the fact that the Yahoo brand is tainted. But the thing is that I can’t believe that Verizon paid $4.8 billion. Not only that, who came up with Altaba as the name for this dead horse?

Verizon may regret this purchase. But I am naturally a cynic. Still, this is a watch and see thing.