News

A somewhat funny but definitely bad news story came out last month that involved a popular song from the late 1980s. Raymond Chen, who has worked at Microsoft for a quarter-century, keeps a blog on their website called "The Old New Thing."

In a post dated August 16th, 2022, Chen recalled a story a colleague had told him about how one of the world's largest computer manufacturers had found out by accident that by playing Janet Jackson's "Rhythm Nation" music video, several of their laptops would crash.

The United States House of Representatives has been working hard on preparing its FY23 spending bills, with an estimated $15.6 billion being earmarked for cybersecurity over the coming year. This would also include $417 million more for the Cybersecurity and Infrastructure Security Agency (CISA) than the amount President Biden requested.

Here at Direct iT, we've had a long-standing policy of not relying on password managers.

This has proven itself, most recently as password manager leader LastPass admitted that they were not only hacked, but their source code was stolen.

“We have determined that an unauthorized party gained access to portions of the LastPass development environment through a single compromised developer account and took portions of source code and some proprietary LastPass technical information," LastPass said in a statement.

Last Month, our CEO David Javaheri spoke at an IT and Cybersecurity conference in Nashville. Cybersecurity entrepreneur and TV personality Robert Herjavec also gave a presentation at the conference about how important persistence is for him and his company.

Blue Cross and Blue Shield (BCBS) of Massachusetts has identified and given notice to 4,855 members whose personal information  was part of a data breach that occurred in late-June.

According to the insurer, an employee at a third-party vendor that they work with, LifeWorks, e-mailed a spreadsheet containing members’ personal identifying information, to their personal Gmail account, and copied another employee’s personal e-mail as well.

The phone numbers and e-mails of 5.4 million Twitter users are up for sale for a mere  $30,000.00 after the social media giant suffered a data breach in December 2021.

A threat actor going by the name “devil” wrote a post on July 21 stating that they had collected the data of 5.4M users, including “celebrities, to companies, randoms, OGs, etc.

Remember when an Apple employee accidentally left a prototype iPhone in a Silicon Valley bar about a decade ago? Now, imagine that scenario, but instead, the employee leaves a thumb drive containing the confidential information of every resident of a large city.

AMD (Advanced Micro Devices), one of the world's largest semiconductor manufacturers and computer hardware manufacturer, second only to Intel, has announced that it is investigating a cyberattack incident which left 450GB of company data stolen.

According to BleepingComputer, the extortion group "RansomHouse" had made mention on their Telegram social media account that they had attained and would be offering for sale data from "a well-known three-letter company that starts with the letter A."

The report goes on to state that while the data is listed as stolen on January 5th, 2022, that was only the date that the threat actors finally lost access to AMD's servers.

According to a report by the Association for Advancing Automation, businesses have ordered 40% more workplace robots in 2022 than the same time period in 2021. This comes as a national worker shortage hits the retail, transportation, and manufacturing industries.

The repercussions of last year's hack of the Colonial Pipeline have not ended for the company in charge of the US' largest refined-oil pipeline system, who are now facing a $986,400 civil penalty from the US Department of Transportation.

The Pipeline and Hazardous Materials Safety Administration, which operates under the US DOT, conducted an inspection of Colonial Pipeline's risk mitigation efforts and procedures and found that, according to a press release on their website, a "probable failure to adequately plan and prepare for manual shutdown and restart of its pipeline system.