#AxisOfEasy 239: The Canadian Government Paid More Than $600,000 To Influencers To Praise Their Work


Weekly Axis Of Easy #239


Last Week’s Quote was “Don’t worry about the level of individual prominence you have achieved; worry  about the individuals you have helped become better people.”  by Clayton M. Christensen.  Karen is our winner!  Congrats!

This Week’s Quote:  “Kids, you tried your best and you failed miserably. The lesson is, never try.” … by???

THE RULES: No searching up the answer, must be posted to the blog – the place to post the answer is at the bottom of the post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.

 


This is your easyDNS #AxisOfEasy Briefing for the week of March 28th, 2022, wherein our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy. 
 
In this issue:

  • The Canadian government paid more than $600,000 to influencers to praise their work 
  • Lapsus$ may have accessed Okta’s customer information 
  • Skyhigh Security: McAfee Enterprise’s new name for its security edge business
  • Russian hackers are increasingly targeting US energy firms, FBI says 
  • Hacking group Anonymous leaked 10 GB of Nestlé’s sensitive information
 
Elsewhere online:
  • Ukraine is not the only victim of a mysterious satellite hack 
  • Cyber director at NSA believes the open-source vulnerability could be weaponized 
  • Hackers disguise BitRAT as a tool to verify Windows 10 licenses
  • Trojan steals Facebook accounts hidden in Google Play 
  • A ransomware infection encrypts 100k files in four minute


The Canadian government paid more than $600,000 to influencers to praise their work

A ministry inquiry found that federal departments and agencies paid more than $600,000 to tweeters, bloggers, and other social media influencers in the past year. According to figures requested by Conservative MP Warren Steinley, local celebrities, such as Michele Romanow of CBC-TV’s Dragons’ Den, were hired to praise the government’s work.

Romanow and her partner, Nicholas Duvernois, were paid $120,000 to promote the work of Export Development Canada and “bring our success stories to life,” wrote staff. Meanwhile, Kalen Dahlgren was paid $46,000 by the Royal Canadian Mint to promote coin sales.

The Department of Health paid $154,499 to influencers for positive tweets and blog posts and $22,000 for tweets observing Canada Day. Federal departments have justified paying for Facebook friends and good tweets by stating that they need to communicate with taxpayers in a fast-paced environment. The Department of Public Safety paid Bryan Baeumler $133,000 in 2018 to make YouTube videos to give tips on cleaning eavestroughs and being flood ready.

Read: https://westernstandardonline.com/2022/03/feds-pay-more-than-600000-for-praise-from-influencers/  


Lapsus$ may have accessed Okta’s customer information

Okta has confirmed the Lapsus$ extortion gang may have gained access to some of its customers’ data. The identity management-as-a-service platform claims that 2.5% of its customers may have been impacted. According to chief security officer David Bradbury, “a small percentage of customers’ data may have been viewed or acted upon.

Okta claims to have more than 15,000 customers. If 2.5% of those clients were compromised, 375 organizations need to determine if any logons to their preferred clouds were legitimate and/or innocuous. However, the impact of these 375 compromised customers could translate into many more as Okta has among its customers, companies like Amazon.com and Apple, who employ tens of thousands of people whose information could be compromised.

On the other hand, Microsoft revealed that Lapsus$ had also hacked their servers but confirmed that there was only one account compromised, which had limited access to source code, and provided a detailed description of how Lapsus$ went about its business. The company estimates that the hacking gang uses phone-based social engineering, SIM-swapping, and paid employees to get access to targets.

The Lapsus$ gang targeted Citrix and Microsoft Azure Active Directory by bribing insiders, buying stolen credentials, and researching end-users and supply chains. In raids, Lapsus$ may try to reset victims’ credentials, then deploy multiple malware packages, such as VMs, on their cloud accounts. Microsoft recommends developing an out-of-band communication plan for incident responders to keep somewhere Lapsus$ will not be able to access.

Read: https://www.theregister.com/2022/03/23/rere/?&web_view=true 


Skyhigh Security: McAfee Enterprise’s new name for its security edge business

Earlier this year, Symphony Technology Group (STG) announced Trellix as a new name for the business unit resulting from the merger of McAfee Enterprise and FireEye. The new business will use machine learning and automation to focus on threat detection and response. In addition, Trellix would not include all of McAfee Enterprise.

According to recent news, STG is combining the cloud access security broker, secure web gateway, zero-trust network access, and the rest of McAfee’s security edge portfolio into a new business called Skyhigh Security. This new company has been created to address the growing cloud security requirements for large and small businesses alike. The company will be headed by former Cisco Security SVP and General Manager Gee Rittenhouse.

In a statement released, Rittenhouse said Skyhigh Security has created a “comprehensive security platform to secure data access and data use, driving better efficiencies and keeping pace with the speed of innovation.” STG continued that the new structure will allow McAfee Enterprise to “better focus its resources on its areas of expertise,” namely threat detection and response and security services edge.

Read: https://www.zdnet.com/article/mcafee-enterprises-security-service-edge-business-is-now-called-skyhigh-security/?&web_view=true 


Russian hackers are increasingly targeting US energy firms, FBI says

On Tuesday, the Associated Press obtained an FBI advisory alleging that Russian hackers have scanned at least five energy companies for vulnerabilities and at least 18 other companies in the financial services and defense sectors. No names are given in the warning.

An attack is not necessarily imminent when a network is scanned for vulnerabilities, though this activity can sometimes be seen as a prelude to one. Yet the FBI warning, dated Friday, emphasizes the Biden administration’s heightened cybersecurity concerns due to Russia’s invasion of Ukraine.

According to the FBI advisory, as of March 2021, at least 140 IP addresses have been linked to critical scanning infrastructure in the United States. The alert says, “scanning has increased during the war, resulting in a greater possibility of future intrusions.”

Read: https://www.securityweek.com/fbi-sees-growing-russian-hacker-interest-us-energy-firms 


Hacking group Anonymous leaked 10 GB of Nestlé’s sensitive information

A tweet posted on Sunday by Anonymous says the famous hacktivist collective has declared war on all companies that have decided to continue to operate in Russia by paying taxes to the Russian government. In their warning, hackers told companies that they were giving them 48 hours to cease cooperating with Russia.
Staying true to their threat, this Tuesday, Anonymous hacked Nestlè —which is still operating in Russia— and leaked 10 GB of sensitive data, including emails, passwords, and data related to business customers.

Nestlé decided to remain on its territory despite not profiting from its Russian operations. However, Ukrainian Prime Minister Denys Shmyhal talked to Nestle CEO Mark Schneider about the possible consequences of staying in the Russian market and expects the company to change its mind.

Unfortunately, he is deafeningly deafeningly deafeningly,” Shmyhal stated. He added that “paying taxes to the budget of a terrorist country means killing defenseless children & mothers. I hope Nestle changes its mind soon.”

Anonymous has also announced other aggressive attacks, including the threat of 40 international companies that continue to operate in Russia despite the invasion of Ukraine. Hayatt, BBDO, Raiffeisen Bank, IPG, Cloudflare, and Citrix Systems are potential targets.

Read: https://securityaffairs.co/wordpress/129382/hacktivism/anonymous-hacked-nestle-leaked-data.html?web_view=true 


Elsewhere online:

Ukraine is not the only victim of a mysterious satellite hack

Read: https://www.wired.com/story/viasat-internet-hack-ukraine-russia/ 

Cyber director at NSA believes the open-source vulnerability could be weaponized

Read: https://www.scmagazine.com/analysis/application-security/openssl-vulnerability-can-definitely-be-weaponized-nsa-cyber-director-says?&web_view=true 

Hackers disguise BitRAT as a tool to verify Windows 10 licenses

Read: https://www.bleepingcomputer.com/news/security/bitrat-malware-now-spreading-as-a-windows-10-license-activator/?&web_view=true 

Trojan steals Facebook accounts hidden in Google Play

Read: https://threatpost.com/facestealer-trojan-google-play-facebook/179015/?web_view=true 

A ransomware infection encrypts 100k files in four minutes

Read: https://www.infosecurity-magazine.com/news/ransomware-encrypts-100k-files/


Previously on #AxisOfEasy


If you missed the previous issues, they can be read online here:

 

 

 

 

4 thoughts on “#AxisOfEasy 239: The Canadian Government Paid More Than $600,000 To Influencers To Praise Their Work

Leave a Reply

Your email address will not be published. Required fields are marked *