
Pegasus Flies To Exploit Journalist Phones | Gestalt IT Rundown: July 21, 2021

Pegasus, software used to infect phones, was being sold by an Israeli firm called NSO Group and was being used against journalists, activists and even governmental officials. Also, IBM has bounced back from backup MQ and is REvil really gone? We discuss these stories and more on this week’s Rundown.


Hazelcast Getting Real-Time

Hazelcast is touting new features in their latest release aimed at boosting real-time applications. The company, which specializes in rapid responses to ephemeral events for large amounts of data, is positioning their software to help make these quick decisions over a large customer or user ecosystem. The new Hazelcast Platform includes distributed processing, in-memory data grid technology, and ANSI SQL support. Stephen, Hazelcast was a recent presenter at Cloud Field Day.


FortiGate Exposed with RCE

It’s Wednesday, so it must be Remote Code Exploit day. Fortinet is the latest contestant thanks to a new bug that allows remote users to bypass authentication to execute commands as a root user. The exploit is found in the daemon that manages communication from the FortiGate units to their FortiManager oversight systems. The daemon seems to be disabled by default on many systems and is somewhat trivial to shut down from the command line.


Pivot3 Picked up as Quantum Rolls In

After raising $274m in funding, Pivot3 is calling it quits. The company announced they are selling their assets to Quantum for $8.9m in cash. Quantum is happy to pick up market share in the video surveillance space, a gold mine for storage providers. Quantum CEO Jamie Lerner was formerly the COO of Pivot3 from 2016 to 2018 so his experience with the company may have an impact on the acquisition.


N-Able Goes Public in Split From SolarWinds

N-Able is now divested from SolarWinds. The new company formally went public this week as planned months ago. The stock offering saw SolarWinds shareholders of record picking up one share of N-Able stock for every two shares of SolarWinds. The move comes as SolarWinds continues to combat the massive damage done by the hack discovered at the end of 2020. The move to divest N-Able into its own separate company reverses the 2013 acquisition. N-Able is poised to maintain the MSP aspect of the monitoring business while shedding the negative stigma of SolarWinds.


Bob Swan Joining A16Z

Bob Swan is ready to start his next job after leaving Intel. The former CEO departed back in February to make way for Pat Gelsinger to return. He’s moving over to venture capital firm Andreessen Horowitz as a Growth Operating Partner. A16Z is no doubt banking on the money management skills of the former CFO as well as name recognition to drive investment in their funds.


The Greatest Trick REvil Ever Did

Remember REvil? You know, the big bad gang of malware writers that was poised to take the Internet by storm after Colonial Pipeline and Kaseya got hacked with their tools? Well, they’re just a memory now. REvil’s websites are dark and the infrastructure running their tools appears to have been taken offline as well. The disappearance of malware gangs is nothing new, especially when law enforcement starts closing in. What makes this story noteworthy, aside from the scale that REvil had been operating at, is that the disappearance comes just hours before a meeting between the US and Russian officials to discuss the rampant malware attacks affecting global commerce.


IBM Bounced From Backup MQ

The good news is that backup and recovery is a pretty solid business, as you would expect. In the most recent release of the Gartner Magic Quadrant, the major players in the market stayed pretty much the same. IBM was the only company to tumble from the cherished top right quad as Zerto, Druva, and Micro Focus found their way into the other areas of interest. Arcserve finds itself moved up to the Challenger square as some minor shuffling of the leaders ensures that we need to get the latest update to know where everyone is. Stephen, we know that the new faces in the crowd are gaining mindshare. What caused IBM to fall? And with the acquisition of Zerto by HPE, should we expect bigger changes in the next release?


Pegasus Flies To Exploit Journalist Phones

The newest exploit affecting mobile devices is a doozy. Amnesty International reported this week that targeted malware had been used to infect mobile phones as far back as 2014. These devices were capable of being exploited with zero-click vectors, such as text messages, that are present even in current software versions. The malware allowed phones to secretly transmit photos, messages, and even recorded phone conversations to third parties. This has to be the work of a vicious malware gang like REvil, right? In fact, the software to infect phones was being sold by an Israeli firm called NSO Group and is named Pegasus. That the exploit was available for sale was bad enough. Where the Amnesty International report goes deeper is that Pegasus was used against journalists, activists, and even government officials. NSO Group claims their software is strictly for counterterrorism use, but traces of their kits can be found on the devices of a variety of non-terrorist users.


The Gestalt IT Rundown is a live weekly look at the IT news of the week. It broadcasts live on Facebook every Wednesday at 12:30pm ET. To watch along, “Like” our Facebook page. Be sure to subscribe to Gestalt IT on YouTube for even more weekly video content.

About the author

Tom Hollingsworth

Tom Hollingsworth is a networking professional, blogger, and speaker on advanced technology topics. He is also an organizer for networking and wireless for Tech Field Day. His blog can be found at https://networkingnerd.net/