In brief In what’s looking like a nasty supply-chain attack, IT systems management biz Kaseya was compromised by miscreants, which then used its VSA product to infect its own customers and then their customers with ransomware.
At least 200 businesses were hit, according to infosec biz Huntress. Kaseya meanwhile initially estimated 40 worldwide were infected. It also told its clients to switch off their VSA data management and remote monitoring services immediately.
“We are experiencing a potential attack against the VSA that has been limited to a small number of on-premise customers only as of 1400 EDT today,” it said in a Friday advisory.
“We are in the process of investigating the root cause of the incident with an abundance of caution but we recommend that you IMMEDIATELY shutdown your VSA server until you receive further notice from us. Its (sic) critical that you do this immediately, because one of the first things the attacker does is shut off administrative access to the VSA.”
It appears that attackers got onto Kaseya’s servers and included a copy of the REvil ransomware in a software update for customers that went out on Friday. It has also taken offline its software-as-a-service platform as a precaution.
“We have been advised by our outside experts that customers who experienced ransomware and receive a communication from the attackers should not click on any links – they may be weaponized,” Kaseya’s advisory added.
The Florida-based company told The Register it was working with the FBI. It’s reported that among the victims is Sweden’s grocery store chain Coop, a customer of one of Kaseya’s customers, causing 500 stores to remain closed.
The Linkedin breach that wasn’t
Earlier this week there were some reports that someone had put 700 million Linkedin records up for sale on the dark web. Rather than intrusion, LinkedIn said, someone who had scraped publicly available information, combined it with other available data, and was trying to make a buck or ten out of it.
“We want to be clear that this is not a data breach and no private LinkedIn member data was exposed,” Linkedin said. “Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update.”
Scraping is a serious problem for Linkedin, one it has taken to the US Supreme Court over.
Western Digital devices caught in crossfire?
Last week, users of Western Digital’s My Book Live found they had lost a lot of data after devices were remotely wiped via a security vulnerability.
At the time, the manufacturer said this was due to a malware attack. Having looked at the IP addresses and network traffic involved, security shop Censys suggested it looked likely that one criminal infected My Book kit and then a separate individual initiated the factory reset command, suggesting someone could be trying to take out a rival.
Western Digital, however, disagrees. “Our investigation shows that in some cases, the same attacker exploited both vulnerabilities on the device, as evidenced by the source IP,” it said. “The first vulnerability was exploited to install a malicious binary on the device, and the second vulnerability was later exploited to reset the device.”
In the meantime the firm is offering data recovery services to affected folks and promising My Book Live customers a trade-in service for My Cloud accounts.
Google tidies up Nest security
Google has announced that it’s beefing up the security of devices in its smart home biz Nest, and made a five-year commitment to support existing products. This comes after it discontinued its Nest Secure home security system.
The Chocolate Factory said all devices sold since 2019 will adhere to the standards of the Internet of Secure Things Alliance (ioXt) on patching and security. In addition Google will publish the ioXt validation results for all of its kit so buyers can make an informed choice.
“A helpful home is a safe home, and Nest’s new safety center is part of making sure Nest products help take care of the people in your life and the world around you,” Google said in a blog post.
US police seize 3D printers over gun charges
An unusual case of physical security came up this week after the Pennsylvania police took custody of two 3D printers that allegedly were used to manufacture parts for so-called ghost guns – unregulated firearms American cops and prosecutors aren’t too keen on.
“Kenneth Wilson was caught manufacturing untrackable and untraceable firearms out of his home. Once assembled, these fully functional firearms often become a tool for senseless violence,” said the state’s Attorney General Josh Shapiro.
“Ghost guns are quickly becoming the weapon of choice for criminals that take the lives of too many Pennsylvanians. My office is working overtime to target these gun traffickers and get illegal guns off our streets.”
In addition to the 3D printers, police also said they seized three ghost gun frames, three firearms, a small amount of methamphetamine, $1,140 in cash, and drug packaging equipment from the suspect’s house. ®
Recruitment tech company Globalization Partners is doubling its staff headcount in Galway to 320 in 2022 to aid its continuing growth.
Recruitment technology company Globalization Partners has announced plans to create 160 new jobs at its Irish base in Galway. The jobs boost will see the company double its Galway staff headcount to 320 in 2022. Jobs will be available across the board at the company’s Galway office, which serves as its EMEA centre of excellence.
The announcement comes following a major funding injection for the international firm. Globalization Partners recently raised $200m in funding from Vista Credit Partners, an organisation focused on the enterprise software, data and technology markets. The investment now values Globalization Partners at $4.2bn.
While its Galway facility will benefit from a major jobs boost, the company plans to continue to expand its share in the global remote working market. As well as the Galway growth, the company will also be expanding its teams in other locations.
Globalization Partners provides tech to other remote-first teams all over the world. Its platform simplifies and automates entity access, payroll, time and expense management, benefits, data and reporting, performance management, employee status changes and locally compliant contract generation. Its customer base includes CoinDesk, TaylorMade and Chime. The company’s new customer acquisition increased two-and-a-half fold from 2020 to 2021.
“Globalization Partners is uniquely positioned to capitalise on the massive opportunity we see ahead of us,” said Nicole Sahin, the company’s CEO and founder.
Sahin said her company’s combination of tech with its global team of HR, legal and customer service experts “who understand the local customs, regulatory and legal requirements in each geography we serve” were key to its success.
David Flannery, president of Vista Credit Partners said that the company’s role “in transforming the remote work industry has been truly remarkable.”
Flannery said that as a customer of Globalization Partners, his organisation had “witnessed first-hand” the company’s “best-in-class legal compliance, the quality of the user experience, and the deep expertise and support they provide,”
He added that the two companies would work to “further capitalise” on the “untapped” global remote working market, expanding their platform to new customers in new markets.
“Over the past decade, we have invested hundreds of millions of dollars in our business, building our global presence and technology platform to support the evolving and complex talent needs of growing companies,” said Bob Cahill, president of Globalization Partners. “With Vista as our investment partner, we will be able to drive further growth and continue building innovative products to meet the increasing needs of our customers at scale.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
But bear in mind that with more than one device, or person, using your connection simultaneously, including updates and downloads when idle, slower broadband packages can quickly get choked.
Reposition your router
If your broadband connection is fast enough but your wifi is weak, there are things you can do. If possible, move the router closer to the centre of the house, or towards the rooms in which you need the strongest signal. Keep it in the open, not in a cabinet, and away from solid and metallic objects.
And try to position it away from dense walls, particularly those made out of concrete blockwork or with pipes and wires running through them.
Check your settings
Most modern routers will automatically select the best settings for your home, but you can manually check using the web interface of your router accessed through a browser on a computer. Consult the help pages for your ISP’s router for how to do so.
Wifi operating at 2.4GHz uses a range of frequency “channels”, only some of which do not overlap with each other. To reduce interference from your neighbours’ wifi, switch to channel 1, 6 or 11, which do not overlap, and therefore are less likely to cause or suffer interference.
If you have a connection under 200Mbps, enabling prioritisation or “quality of service” for your key devices, might help. This stops other things from sucking up all the available bandwidth – it will prevent a game download on an Xbox cutting off a video call on your laptop, for instance.
Set a strong wifi password using at least WPA2 security, not the lowest WEP option. This will make sure no wifi thieves can log on to your network and steal your bandwidth.
Check your devices
An internet slowdown may be down to your devices rather than your router. For older computers, upgrading the wifi adapter may help. USB wifi 5 adapters cost under £15, while the latest wifi 6 models cost about £50, but you will need a compatible router to take advantage of the extra speed.
For a non-portable device, such as a media streamer or a console, use an ethernet cable if it is close to the router, as this will be faster and more reliable than wifi.
If you have about 40 devices connected at once, consider disconnecting unnecessary ones to help provide more bandwidth for those you need most.
Weaker routers struggle with lots of devices connected at once.
Extend the wifi reach
If your wifi can’t reach parts of your house you can extend the signal of your current router with add-on gadgets.
Powerline networking devices use your home’s power cables to transmit data. They typically cost between £20 and £70. They plug into standard electrical sockets with one connected to the router via an ethernet cable, and others placed about the home providing ethernet ports and/or wifi for your devices. The speed you get through them is dependent on the condition of your electrical wiring.
Wifi extenders (£25-70) do a similar thing, but simply connect to your router via wifi, then rebroadcast it for other devices.
A network switch (under £20) can add more ethernet ports to your router if you need to connect more devices.
Upgrade to a better router
Replacing your existing router is often the most effective way to improve your wifi, but is also the most costly. Before committing to a third-party router, speak to your ISP as it may be able to provide you with a more modern one for free. Virgin and other ISPs are currently rolling out more powerful wifi 6-capable routers.
Otherwise, there are broadly two options: a beefy single router with much more powerful wifi broadcasting ability than the cheap one provided by your ISP, or a mesh system, which uses a series of satellites dotted about your home to blanket it in wifi.
Both typically use your existing router as a modem and then broadcast their own more robust wifi network.
Single unit wifi 6 routers start at about £60 but can reach the hundreds for powerful gaming-orientated devices. They connect to your old ISP box via ethernet cable, which means they are often easier to place in a more central area of your home. Running a long ethernet cable under floorboards, carpets, behind skirting boards or picture rails, or just under furniture can help keep things neat.
Good wifi 5 mesh systems start at under £100 for a triple pack of satellites, which should be enough for most homes with connections under 200Mbps. For those with faster broadband, good tri-band wifi 6 models cost about £300.
In-brief IBM has offloaded healthcare data and analytics assets from its Watson Health business, with private equity firm Francisco Partners hand over around $1bn for the privilege.
The takeover “is a clear next step as IBM becomes even more focused on our platform-based hybrid cloud and AI strategy,” Tom Rosamilia, senior vice president, IBM Software, told newswire Bloomberg. “IBM remains committed to Watson, our broader AI business, and to the clients and partners we support in healthcare IT.”
Launched in 2015, IBM Watson Health hasn’t been able to turn a profit despite the company spending $4bn in acquisitions to grow the business and its capabilities.
IBM has tried to whittle down its Watson Health division for a while, after struggling to sign hospitals as clients.
Algorithms are improving poker players’ skills but are they ruining the game?
Professional poker players are increasingly consulting specialized poker software programs to boost their chances of winning, but some believe it has made the game less fun and encourages cheating online.
PioSOLVER, available for purchase starting from $249, allows players to recreate game scenarios and calculates the optimal strategy that should be played given the cards available. Some professional poker players, described by the New York Times, use the software to replay their games to see if they played their cards correctly, others boot up PioSOLVER to learn and memorize new strategies.
Poker is seen as a mostly-solved problem in computer science. Libratus, an AI model, beat the top players in a no limit heads-up no-limit Texas competition in 2017. At the time, Tuomas Sandholm, one of Libratus’ creators, said it was unlikely people could run the complex software to cheat. But some claim that PioSOLVER is now helping mediocre poker players to rack up wins.
It’s unclear if PioSOLVER relies on similar machine learning techniques as Libratus, as little information is available about the algorithms it employs.
Doug Polk, a notable semi-retired poker player, said: “I feel like it kind of killed the soul of the game.” The game has turned from “who can be the most creative problem-solver to who can memorize the most stuff and apply it.”
PioSOLVER’s creator, Piotrek Lopusiewicz, however, said similar poker-solving programs have been available for a while and that his software is merely the latest advance in the field.
Rent a robot for less than the cost of human labour
There’s a robot that presses metal to make things like hinges or locks, and it’s cheaper to hire than human workers.
Built a company named Formic, the machine is pretty much one long mechanical arm. Its job is to pick up bits of metal and put them into a press for shaping. It can work without any breaks for its employer, Polar Hardware Manufacturing, and costs about $8 per hour – less than the minimum wage of $15 in Chicago, Wiredfirst reported.
Companies like Formic help industrial factories recruit robot workers without having to pay for the whole machine. Customers can, instead, rent the company’s metal arms to perform simple, repetitive tasks whenever they want. Its cheaper, and they don’t have to faff around with things like software or maintenance.
“Anything that can help reduce labor count or the need for labor is obviously a plus at this particular time,” said Steve Chmura, chief operating officer at Georgia Nut, a confectionery company in Illinois that also rents robots from Formic. Chmura has been able to staff up with robot workers during the pandemic; these machines can take over if human employees quit or get sick. ®