Security News for the Week Ending September 15, 2023
Ex-NSA Director General Alexander’s Security Company (IronNet) Near Bankruptcy
It just goes to show that just because you are famous and people invest $78 million in you, doesn’t mean you know how to run a business. How, exactly, do you blow almost $80 million and realize you are over the edge of the cliff before you start falling. Actually, they raised $400 million in total. They have laid off most of their employees. Credit: Security Week
Do Not Assume Twitter is Secure – It Was Never Designed to be That
Hackers broke into the Twitter account of Vitalik Buterin, the co-founder of Ethereum and then the hackers posted a scam Tweet with a link offering a free commemorative NFT for the next 24 hours. The hackers used this scam to steal an estimated $691,000 in (mostly NFT) crypto tokens in only 20 minutes before the scam was detected. Musk wants to move Twitter into the financial services market, but given the lack of security and the large number of scams on the platform, one would be very foolish to trust Twitter with your money. Credit: Motherboard by Vice
MGM Hackers Say They Abused Okta Client-side Software Agent
The hackers behind the MGM hack say they were able to breach MGM’s systems by hacking into MGM’s Okta platform, specifically, the Okta Agent that connects to Active Directory. They claim that MGM panicked, shutting down all of their Okta servers, thereby leaving them in the authentication darkness. They also say that they pushed ransomware to 1,000 VMWare servers after tying to negotiate with MGM. That kind of gives you a sense of the scale of MGM’s problem. They also say that they are still inside MGM’s network. Okta had warned users last month about a potential social engineering attack strategy, but they say that this is pure social engineering attack and not a bug in their code. Credit: Dark Reading
Google Agrees to Pay $93 Million to Make Cali Location Lawsuit Go Away
Google coughed up some couch cushion change and made a California lawsuit claiming they misled consumers and violated consumer protection laws. Considering that they made over $200 billion in revenue last year, $93 million is not a big number. But, it is on top of $391 million plus $29 million plus $40 million plus other lawsuits and at some point, someone is going to get an injunction. This does not count the lawsuits in Europe. They definitely are fighting a hydra. Credit: The Hacker News
Binance CEO Resigns After 3 Months on the Job
Other than that Mrs. Lincoln, how was the play? The crypto business, which really only exists to make speculators rich and criminals think they can move money untraceably (probably true 5 years ago, but not now), is kind of in a bit of turmoil. Regulators are finally waking up to the fact this this is no different than any other financial transaction and the crypto bros are running scared. Regulators in Hong Kong, Britain, Germany, Japan, Italy and Thailand are going after Binance and the US DoJ, CFTC and IRS are investigating them. Suffice it to say, the scammy nature of crypto is on its last legs. I am not sure what the future of crypto holds. Credit: Reuters