• Channels
    • #AxisOfEasy
    • Metaviews
    • Of Two Minds
    • Venture Crapital
  • Podcast
  • Our Mission
  • Contributors
  • Books
Subscribe

AxisOfEasy Subscribe

AxisOfEasy Weekly

Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.

For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

#AxisOfEasy 284: Canada’s ‘Cybersecurity’ Bill Is A Dangerous Overreach

by Mark E. Jeftovic on February 7, 2023

Weekly Axis Of Easy #284


Last Week’s Quote was “Happiness is not something you postpone for the future; it is something you design for the present,” was by Jim Rohn.  No one got it!

This Week’s Quote: “You never change things by fighting the existing reality. To change something, build a new model that makes the existing model obsolete.” By ???

THE RULES:  No searching up the answer, must be posted at the bottom of this post, in the comments section.

The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.


This is your easyDNS #AxisOfEasy Briefing for the week of February 6th, 2023 our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
 
In this issue:
  • Canada’s ‘cybersecurity’ bill is a dangerous overreach
  • IT Pros Sound Alarm: ChatGPT Threat Looms Over Cybersecurity
  • Latest of 8 Cyberattacks on T-Mobile Wireless Carrier Exposes Customers’ Personal and Account Information
  • 2022 Proven to Be Ground-Breaking Year for DDoS Attacks on Russia


Elsewhere online:

  • Crash detection features on Apple’s iPhone causes false 911 calls at ski resorts
  • A security patch for Drupal is made available to address an Apigee Edge vulnerability
  • Security services have been bypassed and users directed to malicious sites using ClickFunnels
  • A security flaw was found in the Cisco IOx and F5 BIG-IP products
  • Jira software from Atlassian has been discovered to contain a serious authentication flaw
  • Columbia Journalism School report by former NYTimes Pulitzer winner finds ethical issues with “Russiagate” reporting

 

Canada’s ‘cybersecurity’ bill is a dangerous overreach

The Trudeau government has proposed a new bill that paves the way for the further erosion of digital rights of ordinary Canadians. Bill C-26 was first introduced and passed its first reading in June of 2022, following several other bills –specifically C-11, C-18, and C-36 – which would also threaten freedom of speech and freedom of the press. Bill C-26, often referred to as the cybersecurity bill in mainstream news proposes significant amendments to the Telecommunications Act, and is frighteningly open-ended in its wording.

Telecommunications providers can be ordered by the Governor in Council to completely cut off any user’s access to services or restrict their access to certain facilities. One of the amendments includes a non-disclosure provision that would shroud the Governor in the Council’s order in secrecy, meaning the person affected would not even be made aware of its existence. Such measures would deprive individuals of due process and leave them to the whims of unelected bureaucrats and political functionaries.

Federal public safety minister Marco Mendichino said that the legislation would “protect Canadian cybersecurity by strengthening the partnerships between the government and the telecommunications sector” but has already been met with criticism over transparency and accountability by opposition MPs. Several activists and civil society groups, such as the Canadian Civil Liberties Association, have also criticized the bill as authoritarian and expressed concerns over the broad freedoms it would grant to regulators and service providers.

In addition to jeopardizing privacy and due process, the bill would also permit the government to share citizens’ collected data with foreign governments and entities. This would have far-reaching consequences that most Canadians cannot even imagine.

Read: https://easydns.com/blog/2023/01/27/canadas-bill-c-26-yet-another-government-power-grab/

 

IT Pros Sound Alarm: ChatGPT Threat Looms Over Cybersecurity

Are we one year away from a devastating cyberattack credited to ChatGPT? According to a recent survey conducted by BlackBerry Limited, a shocking 51% of IT professionals believe so. The survey, which polled 1,500 IT decision-makers across North America, the UK, and Australia, exposed a perception that while ChatGPT is generally viewed as a tool for good, 74% acknowledge its potential to wreak havoc on cybersecurity with its ability to help hackers craft more believable phishing emails being the top concern (53%).

Shishir Singh, Chief Technology Officer of Cybersecurity at BlackBerry, explains that the technology will likely increase its influence in the cyber industry over time. He acknowledges that while there are many benefits to be gained from this advanced technology, its ramifications cannot be ignored. As the platform and the hackers’ experience mature, it will become more challenging to defend against without using AI in defense.

Hackers crafting more believable phishing emails, less experienced hackers sharpening their skills, and spreading misinformation were the top global concerns among IT professionals. But they need to be more active – a massive 82% of IT decision-makers plan to invest in AI-driven cybersecurity in the next two years, with 48% planning to do so by the end of 2023.

While IT directors are optimistic about ChatGPT’s potential to enhance cybersecurity for businesses, they also believe that governments are responsible for regulating advanced technologies. As for the competition between technology, research professionals, and cybercriminals, the consensus among the former is that they will come out on top. The consensus among technology and research professionals is that they will gain more from the capabilities of ChatGPT than cyber criminals. But as hackers continue to improve at using ChatGPT for malicious purposes, the fight for cybersecurity will only get more challenging.

Read: https://www.darkreading.com/attacks-breaches/chatgpt-may-already-be-used-in-nation-state-cyberattacks-say-it-decision-makers-in-blackberry-global-research

 

Latest of 8 Cyberattacks on T-Mobile Wireless Carrier Exposes Customers’ Personal and Account Information

The US wireless carrier T-Mobile is investigating a data breach with a third-party cyber security company. The breach leaked users’ personal and account information, but T-Mobile reported that customers’ banking and financial information remains safe. This is the eighth cyber security attack on the wireless carrier since 2018.

T-Mobile reported noticing signs of malicious activity on January 5th but claimed that the breach was stopped within 24 hours before any of the company’s internal systems could become compromised. However, in an SEC filing from January 19th, T-Mobile reported that hackers had been exfiltrating customer data through a vulnerable API breach since November 25th, 2022. Compromised data included basic customer information such as name, date of birth, billing address, email, phone number, and account numbers.

Dr. Ilia Kolochenko, Founder, CEO, and Chief Architect at ImmuniWeb commented on the matter as follows: “Unprotected APIs are rapidly becoming one of the primary sources of disastrous data breaches. The situation is aggravated by shadow IT that now encompasses not only the forgotten, abandoned, or undocumented APIs…but also the full spectrum of accidentally exposed APIs from test and pre-production environments…that have privileged access to sensitive corporate data.”

Meanwhile, T-Mobile has begun contacting the 37 million users potentially affected by the breach and has reported the incident to the concerned law enforcement agencies. The Federal Communications Commission (FCC) has also opened up an investigation into the matter, the latest in a string of data breaches that could have “significant costs” for the company.

The FCC probe may lead to another large settlement for compromised T-Mobile customers. In 2021, the carrier paid $350m to data breach victims while simultaneously investing $150m into cybersecurity and cyber defenses.

Read: https://www.cpomagazine.com/cyber-security/t-mobile-data-breach-hacker-accessed-personal-details-of-37-million-subscribers/

 

2022 Proven to Be Ground-Breaking Year for DDoS Attacks on Russia

Russia’s largest internet service provider (ISP), Rostelecom, stated in a recent report that 2022 had proven itself to be “a record-breaking (year for) DDoS attack(s).” The ISP report stated that Russia’s largest DDoS attack for 2022 was 760Gb/s—almost double the size of 2021’s top attack—while its longest attack lasted 2000 hours or three months. Rostelecom claims that the latest deluge of attacks comes in a bid to disrupt operations in light of Russia’s current invasion of Ukraine. It further stated that though most DDoS attacks use a “carpet bombing” method of targeting multiple IP addresses for a single organization in a short timeframe since Russia began its war with Ukraine, these attacks have steadily become more fine-tuned and sophisticated.

“Websites of Russian companies have become a key target for hackers. The latter actively used DDoS and web attacks to make online resources inaccessible to users, thus disrupting the work of companies and organizations and sowing panic in society,” Rostelecom said. The ISP further commented that many of these attacks could lead to hackers taking total control of an affected system and stealing users’ private data.

Both Russia and Ukraine have been using DDoS and other cyberattacks to gain an advantage over each other in light of the current war. The Ukrainian cyber effort has been bolstered by a volunteer global “IT army.” The Russian effort, meanwhile, has been supported by hacktivists loyal to the Kremlin. The largest and most effective of the latter’s attacks was a major DDoS campaign against US airports by the prolific Killnet group.

Read: https://www.infosecurity-magazine.com/news/recordbreaking-year-ddos-targeting/

 

Elsewhere Online:

 

Crash detection features on Apple’s iPhone causes false 911 calls at ski resorts
Read: https://www.zerohedge.com/technology/apples-crash-detection-feature-triggers-false-911-calls-ski-resorts

 

A security patch for Drupal is made available to address an Apigee Edge vulnerability.
Read: https://www.cisa.gov/uscert/ncas/current-activity/2023/02/02/drupal-releases-security-update-address-vulnerability-apigee-edge

 

Security services have been bypassed and users directed to malicious sites using ClickFunnels
Read: https://www.infosecurity-magazine.com/news/threat-actors-clickfunnels-bypass

 

A security flaw was found in the Cisco IOx and F5 BIG-IP products
Read: https://thehackernews.com/2023/02/new-high-severity-vulnerabilities.html

 

Jira software from Atlassian has been discovered to contain a serious authentication flaw
Read: https://thehackernews.com/2023/02/atlassians-jira-software-found.html


Columbia Journalism School report by former NYTimes Pulitzer winner finds ethical issues with “Russiagate” reporting
Read: https://www.cjr.org/special_report/trumped-up-press-versus-president-ed-note.php



Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

  • January 30th, 2023: GoTo’s Data Breach Is Even Worse Than Previously Thought
  • January 23rd, 2023: California’s Unprecedented Data Breach Highlights Need For Privacy In Public Safety
  • January 16th,2023: Hackers Unleash Chaos: Danish Central Bank And Leading Private Bank Websites Under Siege
  • January 9th, 2023: New Quantum Cybersecurity Preparedness Act Aims To Protect Agencies Against Looming “Q-Day”
  • January 2nd, 2023: Malicious MasquerAds Lurks Under Top Google Search Results

 

 

 

 

 

4 responses to “#AxisOfEasy 284: Canada’s ‘Cybersecurity’ Bill Is A Dangerous Overreach”

  1. Charles H Smith says:
    February 7, 2023 at 6:11 pm

    The quote is from Buckminster Fuller

    Reply
  2. Olivier Dagenais says:
    February 7, 2023 at 6:23 pm

    My guess for this week‘s quote would be Elon Musk.

    Reply
  3. Russ Nelson says:
    February 7, 2023 at 9:21 pm

    Bucky Fuller

    Reply
  4. Jon says:
    February 7, 2023 at 10:40 pm

    Russ beat me. I think it’s Bucky Fuller, too.

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Be informed. Be safe. Be amused, often stunned with #AxisOfEasy Weekly Enter your email below to receive a concise, insightful weekly briefing. When you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

AxisOfEasy Weekly

Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.

For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

#AxisOfEasy
#AxisOfEasy
Bombthrower
Bombthrower
Metaviews
Metaviews
Of Two Minds
Of Two Minds
Uncategorized
Venture Crapital
Venture Crapital
#AxisOfEasy is brought to you by....

easyDNS

Power & Freedom™ since 1998




easyDNS

Latest Headlines

  • Bull or Bear? The Ultimate Source of Market Instability
  • #AxisOfEasy 290: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings
  • Welcome to the Era of Warring Elites
  • And Just Like That, The Tight Money Era Is Over
  • We’ve Forgotten That Business-Cycle Recessions Are Essential
  • Is your bank “important” enough to save? Don’t count on it.
  • Funny Things Happen on the Way to "Restoring Financial Stability"
  • #AxisOfEasy 289: Drop What You’re Doing: Update Android Edition
  • A Mismatch of Short and Long-Term Interest
  • Banks, Banks, Banks: The Elephant Nobody Even Sees

Latest Comments

  • Glen A. Pearce on #AxisOfEasy 290: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings: “SerpentZA over on Youtube actually did a good episode on the Pig Butchering scam back in Dec. 2021: https://www.youtube.com/watch?v=-ZMboyepBK4 He…”
  • Tom Arkin on #AxisOfEasy 290: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings: “was this week’s quote by Thomas Jefferson?”
  • Scott Dunston on #AxisOfEasy 290: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings: “Plato is my guess for the this week’s quote.”

Behold The Axis

  • Epsilon Theory
  • Guerrilla Capitalism
  • James Kunstler
  • Metaviews
  • OfTwoMinds
  • Peak Prosperity
  • TTMYGH
  • Venture Crapital
  • Zerohedge

Tags

  • Apigee Edge
  • Atlassian
  • Bill C-11
  • Bill C-26
  • Bill C-36
  • CJS
  • Columbia Journalism School
  • Dr. Ilia Kolochenko
  • ImmuniWeb
  • Jira
  • Marco Mendichino
  • Rostelecom
  • Russia
  • Shishir Singh
  • T-Mobile

Latest Headlines

Bull or Bear? The Ultimate Source of Market Instability

0 Comments

#AxisOfEasy 290: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings

3 Comments

Welcome to the Era of Warring Elites

0 Comments

And Just Like That, The Tight Money Era Is Over

0 Comments

We’ve Forgotten That Business-Cycle Recessions Are Essential

0 Comments

Is your bank “important” enough to save? Don’t count on it.

0 Comments
  • 1
  • 2
  • 3
  • …
  • 190
  • Next »

Latest comments

Bull or Bear? The Ultimate Source of Market Instability

0 Comments

#AxisOfEasy 290: Microsoft AI Ethics Department Disbanded Amidst Industry Warnings

3 Comments

Welcome to the Era of Warring Elites

0 Comments

And Just Like That, The Tight Money Era Is Over

0 Comments

We’ve Forgotten That Business-Cycle Recessions Are Essential

0 Comments

Is your bank “important” enough to save? Don’t count on it.

0 Comments
  • 1
  • 2
  • 3
  • …
  • 190
  • Next »

Latest tweets

  • Microsoft AI ethics department disbanded amidst warnings FBI Analyst violates rules in Congress member search, re… https://t.co/ekwRpRdYzs2 days ago
  • The weekly #AxisOfEasy (289) featuring @JoeyTweeets and @TheBTCPriceBot is now up - and in your fave podcast feeds.… https://t.co/PI3q2Upxl56 days ago
  • RT @keyvandavani: Blowing Up The Clown World with Mark Jeftovic @StuntPope https://t.co/lkbaIymPAm7 days ago
  • Drop what you’re doing: Update Android edition Lazarus Group employs BYOVD attack & fileless execution in South K… https://t.co/zYj0SSHteU9 days ago

Plug into the #AxisOfEasy on....

Enter your email below to receive a concise, insightful weekly briefing

AxisOfEasy Weekly

Enter your email below to receive a concise, insightful weekly briefing and stay informed about cyberthreats and relevant tech happenings.

For the time being you do not have to be an easyDNS member to receive #AxisOfEasy, however when you subscribe we'll send you a $10 coupon in case you ever decide to try out one of our many web services.

  • Channels
    • #AxisOfEasy
    • Metaviews
    • Of Two Minds
    • Venture Crapital
  • Podcast
  • Our Mission
  • Contributors
  • Books

(c) 2017 - 2020 AxisOfEasy Media

  • Channels
    • #AxisOfEasy
    • Metaviews
    • Of Two Minds
    • Venture Crapital
  • Podcast
  • Our Mission
  • Contributors
  • Books