
Feds Let Fancy Bear Embers Die Out | Gestalt IT Rundown: February 21, 2024

The US Department of Justice is at it again with a new team for Operation Dying Ember. Sounds spooky, right? This time it was to carry out a secret court order to remove malware from Ubiquiti devices infected by Fancy Bear. The devices in question had default administration passwords as well as remote admin access on the public Internet. The DOJ reinfected the routers with the original malware used to compromise them in the first place and then used that compromise to remove remote access and clean up the secondary payload that had been installed to turn them into a potential botnet. The DOJ said it would then notify users to do a factory reset, install the latest firmware, and change their admin password. There’s a lot to unpack here! This and more on the Gestalt IT Rundown hosted by Tom Hollingsworth and guest Max Mortillaro.


0:55 – NGINX is Getting Forked

NGINX is the latest software platform to be forked in a dispute with the community. The issues arise from the publication of CVEs related to the QUIC protocol. One of the community developers, Maxim Dounin, said that the actions taken by F5 interfere with the long-standing security policy and so he felt the need to fork the project into “freenginx”. Both sides maintain they are in the right and also maintain the rights of the other side to do what they’re doing.

Read More: announcing freenginx.org


4:53 – European Data Centers Starved for Space

In a new report, experts say that data centers in Europe are in high demand. The report states that hyperscalers are grabbing space in data centers as quickly as it becomes available while rental rates have skyrocketed. Part of the reason for the divide is the lack of land area available to build new facilities, along with the shortage of appropriate power to run them and to expand the older facilities. The primary markets in Frankfurt, London, Amsterdam, Paris, and Dublin appear to be the most popular, with secondary cities keeping up with demand so far.

Read More: Europe’s datacenter dilemma is that hyperscalers are hogging them all


8:06 – Aviz Networks GenAI

Startup Aviz Networks is in the news with the latest version of their software that includes GenAI. The new offering is called Network Copilot and it adds overlay AI capabilities to the SONiC support that Aviz was founded to provide. Network Copilot is based on the Mistral 7B LLM, with over 7 billion parameters. Data is collected from the network and normalized before the LLM is trained on historical data to allow for natural language queries as well as help with creating deployment templates.

Read More: Aviz Networks brings genAI to network ops as Networking 3.0


13:13 – LockBit Locked Out By Feds

LockBit is a name that has popped up several times recently in malware and ransomware cases. Now, thanks to an international effort under the codename Operation Cronos, LockBit has apparently been locked out. A message on the LockBit website says that it is now under the control of the National Crime Agency of the UK along with the FBI and Europol. LockBit has not publicly commented but maintains they have offline backups not seized by the feds and that it’s only a matter of time before they make a comeback.

Read More: Prolific cybercrime gang disrupted by joint UK, US and EU operation


15:41 – Feds Let Fancy Bear Embers Die Out

The US Department of Justice is at it again with a new team for Operation Dying Ember. Sounds spooky, right? This time it was to carry out a secret court order to remove malware from Ubiquiti devices infected by Fancy Bear. The devices in question had default administration passwords as well as remote admin access on the public Internet. The DOJ reinfected the routers with the original malware used to compromise them in the first place and then used that compromise to remove remote access and clean up the secondary payload that had been installed to turn them into a potential botnet. The DOJ said it would then notify users to do a factory reset, install the latest firmware, and change their admin password. There’s a lot to unpack here!

Read More: DOJ quietly removed Russian malware from routers in US homes and businesses


24:38 – The Weeks Ahead

AI Field Day 4 – February 21 – February 23

Networking Field Day 34 – February 28 – 29


The Gestalt IT Rundown is a live weekly look at the IT news of the week. Be sure to subscribe to Gestalt IT on YouTube for even more weekly video content.

About the author

Tom Hollingsworth

Tom Hollingsworth is a networking professional, blogger, and speaker on advanced technology topics. He is also an organizer for networking and wireless for Tech Field Day. His blog can be found at https://networkingnerd.net/
