Monthly Archives: August 2020

Publishers face hit from upcoming Apple privacy controls

Privacy changes in Apple’s upcoming iOS 14 operating system upgrade have drawn an increasing amount of attention before a fall release (mainly from those who benefit from the advertising industry) – and Facebook made its strongest statement yet about what the changes could mean, suggesting it could halve revenues from its Audience Network business, a multibillion-dollar operation.

Digital publishers are also bracing for the impact, which could take away a sizable chunk of the revenues they draw from iPhone users.

Apple’s change involves the collection of its advertising identifier for users, called the IDFA – a tag that can help advertisers connect a click on an ad with an eventual app install on a device. Apps will be required to ask users whether they can be tracked, and if most users opt out, it could deal a heavy blow to an industry already reeling from the COVID-19 pandemic.

“When every publisher is fighting for every last advertising cent, this couldn’t come at a worse time,” DMG Media’s Martin Clarke tells the WSJ.

While Apple won’t prohibit tracking – instead putting the onus on app makers to get permission – one concern among publishers is the language being used to inform users of their rights. Europe’s GDPR left it to publishers to formulate that language, but claims of a “harshly worded prompt” from Apple lead many to believe a vast majority of users will opt out.

And the result may be ad-tech firms (many of whom expect ad rates to drop by up to 40%) writing off the Apple identifier. Branch Metrics’ Alex Austin tells WSJ that the firm’s assuming IDFA is “dead for everything we’re doing.”

And while not every publisher will see the same impact, the ones who moved faster into “programmatic” ad buying (and tend to have large numbers of iPhone users) could see meaningful impact.

via: seekingalpha

Jack Daniel’s Manufacturer Was Target of Apparent Ransomware Attack

Brown-Forman Corp., a manufacturer of alcoholic beverages including Jack Daniel’s and Finlandia, said it was hit by a cyber-attack in which some information, including employee data, may have been impacted.

The company, which is based in Louisville, Kentucky, said in a statement it was able to prevent its systems from being encrypted, which is normally caused by ransomware attacks. It provided few other details about the incident, including when it happened or how the hackers accessed the data.

“We are working closely with law enforcement, as well as world class third-party data security experts, to mitigate and resolve this situation as soon as possible,” the company said. “There are no active negotiations.”

In ransomware attacks, hackers typically encrypt a company’s files and demand a payment to unlock the files. In some instances, hacker groups post snippets of stolen files on websites, or send them to the media, to pressure companies to pay. Such attacks have increased in recent years against all kinds of businesses and government agencies, including cities and school districts.

In this instance, a message sent anonymously to Bloomberg claimed to have hacked Brown-Forman and compromised its internal network. The alleged hackers said they copied 1 terabyte of confidential data and promised to share it online. The website named by the attackers goes to a page that lists victims of Sodinokibi ransomware, which emerged in 2019 and has spread across the globe, according to McAfee LLC. Also known as REvil, the ransomware code is maintained by one group of people and distributed by affiliates, a model known as ransomware as a service, McAfee said.

“An attempt at dialogue with the company did not bring any results,” the alleged hacker said.

via: bloomberg

Decryption Tool Released for WannaRen Ransomware

Security researchers released a decryption tool that enables victims of WannaRen ransomware to recover their files for free.

On August 19, Bitdefender announced that it had made a WannaRen decryption utility publicly available for download.

The security firm urged victims of this ransomware to save the decryptor somewhere on their computer after completing the download process.

Once they click on the saved “BDWannaRenDecryptor.exe” file, they should click “Yes” and give the decryptor the permissions it needs to modify files on the infected device. They should then agree to the end user license agreement.

With a “test folder” containing pairs of encrypted/not-encrypted files, victims can instruct the tool to scan their entire machine for encrypted files as part of the recovery process.

Bitdefender also recommended that users select the “Backup files” option.

A screenshot of the WannaRen decryptor’s dialog box. (Source: Bitdefender)

News of this decryption utility arrived several months after WannaRen first attracted the attention of the security community.

In April 2020, 360 Security Center was among the first to witness the ransomware circulating in the wild and demanding ransoms of 0.05BTC (worth approximately $600 at the time of writing).

A close look by 360 Security Center at WannaRen revealed that the ransomware had originated from Hidden Shadow, a digital crime organization which has a history of exploiting EternalBlue for the purpose of moving laterally on infected networks and distributing banking trojans.

The security firm found that WannaRen arrived with a PowerShelld downloader containing this same propagation method.

It’s not always possible for security researchers to develop a decryption tool for a ransomware family. Sometimes, the code reveals no apparent weaknesses that allow for the creation of such a utility.

Acknowledging that reality, organizations and users alike should take steps to prevent a ransomware infection from occurring in the first place. This resource serves as an excellent starting point.

via: tripwire

Here’s who’s hiring right now

Companies from industries spanning from technology to retail are hiring to meet increased demand caused by the coronavirus pandemic. Below is a regularly updated list of companies hiring right now.

While we’d like to feature all opportunities on this page, we want to highlight those that will be relevant to the greatest number of LinkedIn members. Search the #HiringNow hashtag to see other possible job openings. Also, be sure to use that hashtag in posts if you’re offering or know of employment opportunities. You can also find additional opportunities on the LinkedIn jobs page.

For those of you in Canada, see a list of companies hiring in your country by clicking here.

Also, for those looking for the latest information about job seeking during this difficult and unusual time, you can find the #GetHired guide here: