Another iMessage On Android App Has Appeared… Let’s See How Long This Lasts

Posted in Commentary with tags on December 5, 2023 by itnerd

After the security disaster that was Sunbird, another iMessage on Android app has appeared. Called Beeper Mini, this app gives Android users most of the blue bubble experience because the people behind it have reverse engineered how iMessage works. Another plus is that unlike Sunbird, you don’t have to hand over your Apple ID to some sketchy service, though you can do that if you choose to do so.

YouTube channel Snazzy Labs did do a deep dive into this. Here’s the video:

Now while the video does point out that it would be difficult for Apple to kill this, you can bet that Apple will try to find a way to kill this, be it via changing something in iMessage, or by suing the company out of existence. Apple has demonstrated that the blue bubble/green bubble thing is something that they are perfectly fine with. And anything that threatens that is something that Apple will try to dispatch with extreme prejudice. Thus while it appears that this app is fully functional, it may not stay that way for long. On top of that, there have got to be some security concerns of some sort. Apparently the company behind Beeper Mini is willing to have security experts poke around to see what they can find, but what happens if they find something that the company can’t fix, or that exposes users to some degree of risk? That’s a bit of an open question.

Beeper Mini is available for download starting today with a 7-day free trial before the app costs $2/month. But before you rush out and get it, I would suggest waiting for security researchers to poke at this app just in case it turns out that it’s some degree of a security nightmare like Sunbird was. Assuming that Apple doesn’t find some way to kill it first.

51% Of Canadian Consumers Agree That Applications And Digital Services Are Now Important In Having An Enjoyable Holiday/Christmas: Cisco

Posted in Commentary with tags on December 5, 2023 by itnerd

Recent research from Cisco reveals consumers will be using more applications and digital services this holiday season than ever before with 51% of Canadians believing digital services are important to have an enjoyable holiday. Whether it’s streaming movies and music, connecting with friends and family, keeping up to date with news, or managing finances, consumers will be relying on a huge number of applications as they celebrate. 

This increased usage also means added pressure for brands to make sure their applications run smoothly, if they don’t want to end up on the naughty list! Here are some other key findings from the latest survey:  

  • 61% of Canadians are worried about a banking application not working, meaning they can’t make an important payment 
  • 55% are concerned about a messaging platform failing so they can’t share festive greetings with friends and family 
  • 41% are anxious about the possibility of a retail application going down so that they can’t buy a last-minute gift or order ingredients for their holiday cooking 

People’s reactions to any poorly performing application will be far from festive! Therefore, the stakes have been raised for application owners over the holiday season. On the one hand, they have a huge opportunity to accommodate an unprecedented demand for digital services – those that can deliver innovative, intuitive, secure and seamless digital experiences are perfectly positioned to attract new customers. On the other hand, applications that fail people at this time of year risk losing customers, revenue, and reputation.

Check out this blog post for additional findings from Cisco.

Flashpoint finds Over 100,000 Hidden Vulnerabilities Beyond CVE

Posted in Commentary with tags on December 5, 2023 by itnerd

I wanted to highlight a blog post from Flashpoint’s Brian Martin announcing that the company has found/identified over 100,000 hidden vulnerabilities beyond what CVE reports.

What does missing vulnerability data mean for organizations?

  1. Facing the unseen danger: Vulnerability management programs that heavily rely on CVE data are likely operating on less than 70 percent of known vulnerability risk.
  2. The hidden threats in plain sight: VulnDB’s non-CVE ID collection includes zero-days and discovered-in-the-wild vulnerabilities. There are known instances of threat actors using them in recent cyberattacks.
  3. A wake-up call for major vendors: Non-CVE vulnerabilities also affect major vendors such as Google, Microsoft, Adobe, Apple, and more. They also affect well-known third-party libraries—a market historically underserved by MITRE, which administers the CVE Program.
  4. Specialized industries, specialized risks: For organizations in highly specialized industries like manufacturing, medical, and blockchain technology, VulnDB’s non-CVE collection is particularly beneficial.
  5. Using VulnDB, triaging and prioritizing non-CVE vulnerabilities is made easier. Every vulnerability entry (whether non-CVE or CVE) is standardized, containing up to 60 distinct classifications based on the disclosure. It also captures public citation, exploit details, CVSSv2, and CVSSv3 scores.

You can read the blog post here: https://flashpoint.io/blog/vulndb-uncovers-hidden-vulnerabilities-cve/

Guest Post: Proliferation of AI-driven Attacks Anticipated in 2024

Posted in Commentary with tags on December 5, 2023 by itnerd

Trend Micro Incorporated today warned of the transformative role of generative AI (GenAI) in the cyber threat landscape and a coming tsunami of sophisticated social engineering tactics and identity theft powered by GenAI tools.

To read more about Trend Micro’s 2024 cybersecurity predictions, please visit: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/critical-scalability-trend-micro-security-predictions-for-2024

Eric Skinner, VP of market strategy at Trend: “Advanced large language models (LLMs), proficient in any language, pose a significant threat as they eliminate the traditional indicators of phishing such as odd formatting or grammatical errors, making them exceedingly difficult to detect. Businesses must transition beyond conventional phishing training and prioritize the adoption of modern security controls. These advanced defenses not only exceed human capabilities in detection but also ensure resilience against these tactics.”

The widespread availability and improved quality of GenAI, coupled with the use of Generative Adversarial Networks (GANs), are expected to disrupt the phishing market in 2024. This transformation will enable cost-effective creation of hyper-realistic audio and video content—driving a new wave of business email compromise (BEC), virtual kidnapping, and other scams, Trend predicts.

Given the potentially lucrative gains* that threat actors might achieve through malicious activities, threat actors will be incentivized to develop nefarious GenAI tools for these campaigns or to use legitimate ones with stolen credentials and VPNs to hide their identities.

AI models themselves may also come under attack in 2024. While GenAI and LLM datasets are difficult for threat actors to influence, specialized cloud-based machine learning models are a far more attractive target. The more focused datasets they are trained on will be singled out for data poisoning attacks with various outcomes in mind—from exfiltrating sensitive data to disrupting fraud filters and even connected vehicles. Such attacks already cost less than $100 to carry out.

These trends may, in turn, lead to increased regulatory scrutiny and a push from the cybersecurity sector to take matters into its own hands.

“In the coming year, the cyber industry will begin to outpace the government when it comes to developing cybersecurity-specific AI policy or regulations,” said Greg Young, VP of cybersecurity at Trend. “The industry is moving quickly to self-regulate on an opt-in basis.”

Elsewhere, Trend’s 2024 predictions report highlighted:

A surge in cloud-native worm attacks, targeting vulnerabilities and misconfigurations and using a high degree of automation to impact multiple containers, accounts and services with minimal effort.

Cloud security will be crucial for organizations to address security gaps in cloud environments, highlighting the vulnerability of cloud-native applications to automated attacks. Proactive measures, including robust defense mechanisms and thorough security audits, are essential to mitigate risks.

More supply chain attacks will target not only upstream open-source software components but also inventory identity management tools, such as telco SIMs, which are crucial for fleet and inventory systems. Cybercriminals will also likely exploit vendors’ software supply chains through CI/CD systems, with a specific focus on third-party components.

Attacks on private blockchains will increase as a result of vulnerabilities in the implementation of a number of private blockchains. Threat actors could use these rights to modify, override, or erase entries and then demand a ransom. Alternatively, they could try to encrypt the entire blockchain if it’s possible to seize control of enough nodes.

*BEC cost victims over $2.7bn in 2022, according to the FBI.

23andMe Puts A Number To Them Being Pwned In October

Posted in Commentary with tags on December 5, 2023 by itnerd

Back in October of this year, 23andMe was pwned in a credential stuffing attack. Fast forward to today and it appears that 23andMe has put a number to how many people were affected by this attack:

On Friday, the California-based company said in a regulatory filing that the personal data of 0.1% of customers – or about 14,000 individuals – had been accessed by “threat actors”. But the filing warned that hackers were also able to access “a significant number of files containing profile information about other users’ ancestry”.

The company confirmed to TechCrunch on Saturday that because of an opt-in feature that allows DNA-related relatives to contact each other, the true number of people exposed was 6.9m – or just less than half of 23andMe’s 14 million reported customers.

Another group of about 1.4 million people who opted in to 23andMe’s DNA relatives feature also “had their family tree profile information accessed”, the company also acknowledged. That information includes names, relationship labels, birth year, self-reported location and other data.

23andMe said in a statement: “We were made aware that certain 23andMe customer profile information was compiled through access to individual 23andMe.com accounts.

“We believe that the threat actor may have then, in violation of our terms of service, accessed 23andme.com accounts without authorization and obtained information from those accounts.”

That is a non-trivial number of people who have been affected by this. And I don’t exactly see, nor have I heard of, any direct communication to users of this service. George McGregor, VP, Approov Mobile Security concurs with that:

   “This is starting to look like a good case-study in how to not handle a breach. It’s difficult at this point to be confident that no more bad news will be forthcoming. In addition, there has still (as of December 4th) been no direct communication to users. Let it be a lesson for others to ensure a solid data breach plan is in place!”

23andMe really needs to get its act together as from what I can see, they have failed their user base miserably. And given the scope and scale of this hack, they need to do better. Much better.

UPDATE: Ted Miracco, CEO, Approov Mobile Security adds this:

   “With data breaches, the compromise of DNA connections, family tree information, and genetic data exceeds the conventional threat posed by compromised credit cards and social security numbers. The depth of personal insight inherent in one’s familial relationships (& genetic blueprint!) amplifies the potential for profound and lasting damage. 

   “As it has been said, ‘great power comes with great responsibility’, and the alarming lack of transparency surrounding this breach heightens the implications for individuals and their privacy. The repercussions of this breach extend far beyond casting a shadow on the company’s reputation and raising questions among shareholders about the adequacy of security measures, as this problem will not be fixed with an apology and 12 months of credit monitoring services. We should expect the consequences of this breach will be far reaching, and hopefully lead to better accountability. ”

Fortra Launches Cloud Email Protection To Combat The Rise Of Advanced Threats 

Posted in Commentary with tags on December 5, 2023 by itnerd

Fortra today introduced a transformative advancement in email security with the launch of Cloud Email Protection. This integrated cloud email security (ICES) solution sets a new standard by seamlessly blending artificial intelligence, threat intelligence, and automated remediation to stop advanced threats that elude traditional defenses and make it through to corporate inboxes.   

In a landscape where legacy email security tools are not optimized for cloud environments and struggle to combat advanced threats, Cloud Email Protection emerges as the industry’s first cloud-native solution offering a comprehensive, flexible email security stack. This will include inline secure email gateway functionality, advanced threat detection, and post-delivery remediation – all unified within a single, robust platform.  

For more information about Fortra’s Cloud Email Protection, click here.

Wise survey reveals that Canadians continue to prioritize travel and remittances this holiday season despite financial uncertainty. 

Posted in Commentary on December 5, 2023 by itnerd

The holiday season is here and although inflation and ongoing economic uncertainty may have a significant impact on holiday budgets, a new survey conducted by Wise, a universal account enabling Canadians to send, spend or receive money internationally, found that two priorities remain: travel and remittances.

Wise Holiday Travel Trends

  • Despite 55% of Canadians being concerned about finances this holiday season, travel remains top of mind with a quarter (25%) still prioritizing international vacations and more than one-in-ten (13%) Canadians saving to visit friends and family abroad.
    • 17% of Gen Z and younger millennials (18 to 34 years old) are planning to travel internationally this holiday season, despite 64% of them feeling concerned about finances.
  • More than half (59%) of those who typically travel abroad during the holidays cited inability to afford the trip as the reason holding them back from setting their sights internationally this season.
  • Among Canadians who are feeling the financial strain this holiday season, nearly a quarter (24%) claim their spending this year will shift more towards experiences (such as traveling) rather than physical goods.

Wise Remittances Trends

  • Among the Canadians who are feeling the financial strain this holiday season (55%), more than half of them (51%) are still planning to send remittances to loved ones this year though they will be lower than previous years.
  • Among Canadians who send remittances abroad, more than one-third (36%) say they will be sending less money as a result of the rising cost of living.
  • Gen Z and younger millennials are the groups more likely to send money to loved ones overseas, with 52% of them citing that compared to previous years, this year their remittances will be lower.
  • Canadian Gen Z’s and younger millennials are more likely to send money abroad to their loved ones, despite 64% of them feeling financial stress this holiday season.

Wise is a universal account to conveniently manage money internationally without hidden fees. With a Wise Account, you can send, spend and hold multiple currencies all in one convenient place.  The Wise Card, which operates just like a debit card, is connected to your Wise Account enabling you to hold 40+ currencies. It can be tapped or swiped anywhere credit cards or debit cards are accepted, supporting payments through Apple and Google Pay.  Whether you’re sending money to another country, spending money abroad, or making and receiving international business payments, Wise is on a mission to make your life easier and save you money, no matter the time of year.

These findings are from a survey conducted by Wise from November 16th to 19th, 2023 among a representative sample of 1,510 online Canadians who are members of the Angus Reid Forum. The survey was conducted in English and French.

New Disney+ Scam In Multi-Stage Email Attack Using Brand Impersonation & Personalized Attachments

Posted in Commentary with tags on December 5, 2023 by itnerd

Abnormal Security has published a novel Disney+ scam email that uses brand impersonation and personalization to send a convincing fake subscription charge notice. Mike Britton, the CISO of Abnormal Security, will demonstrate why this multi-stage attack is unique, what makes it challenging to detect, and how to stop impersonation attacks with AI.

The attachment is personalized and contains details about an upcoming bill, including the customer’s name, an invoice number, and the total amount to be paid in US dollars – a charge far more than the basic and premium Disney+ subscriptions combined. 

The threat actor incorporated Disney+ branding and colors while personalizing each email’s subject line and greeting the individual recipient with the target’s name in the PDF filename and within the content of the fake invoice, an unusual tactic due to the manual effort required to do this for each email.

You can read the report here.

VISO TRUST Integrates 2024 Shared Assessments (SIG) Questionnaire Into AI-Powered TPRM Cyber Risk Management Platform

Posted in Commentary with tags on December 5, 2023 by itnerd

VISO TRUST reaffirms its commitment to staying at the forefront of cybersecurity innovation by announcing the integration of the 2024 Shared Assessments Standardized Information Gathering (SIG) Questionnaire into its state-of-the-art platform.

The Shared Assessments SIG Questionnaire is renowned across industries for its role in standardizing third-party risk information. Not only does the VISO TRUST platform support the SIG, but it can also automatically populate the SIG from vendor artifacts and evidence, freeing risk professionals to focus on the more strategic aspects of their mission. With this new integration, VISO TRUST is equipping its users with tools to streamline and enhance their risk assessment processes – faster and with unprecedented accuracy. The integration underscores VISO TRUST’s dedication to delivering cutting-edge solutions that empower organizations to navigate the evolving cybersecurity landscape with confidence.

Developed with input from 300 CISOs, the VISO TRUST Platform is relied upon by many of the largest and most mature companies, contains more than 2.4 million companies in its vendor database, recognizes more than 25 security frameworks, and leverages hundreds of different types of source artifacts.

The Shared Assessments SIG Questionnaire is revered for its thorough coverage of risk areas, enabling organizations to conduct comprehensive assessments of third-party cybersecurity. With its integration into VISO TRUST’s AI-powered TPRM platform, users gain the advantage of a holistic perspective on vendor risk, allowing for informed decisions with unparalleled precision. VISO TRUST’s patented Artifact Intelligence not only supports the Shared Assessments framework but can also automatically complete SIG questionnaires using existing security program artifacts and evidence. Furthermore, it can enrich any completed SIG questionnaire to generate a comprehensive risk assessment without requiring user intervention.

VISO TRUST’s integration of the 2024 Shared Assessments SIG Questionnaire exemplifies the company’s ongoing commitment to setting industry standards through the application of AI and adherence to best practices. This milestone further solidifies VISO TRUST’s position as an AI innovative leader in the TPRM arena and the frontrunner in cyber risk management.

For more information about VISO TRUST and its AI-powered TPRM platform, please visit www.visotrust.ai.

Aptum Partners with Bridgepointe Technologies

Posted in Commentary with tags on December 5, 2023 by itnerd

Aptum, a global cloud solutions provider specializing in technology consulting and managed services, today announced a new strategic partnership with Bridgepointe Technologies, a tech advisory firm helping mid-market and enterprise companies to evaluate, implement and manage technology investments.

Through this new agreement, Bridgepointe can now offer Aptum’s comprehensive cloud solutions to its global client base. These solutions include the following: 

  • Advisory & Consulting Services: Expert IT project management services to ensure initiatives are delivered on time and on budget while reducing the management burden on an organization’s team.
  • Private Cloud Managed Services and Public Cloud Managed Services: Aptum offers an end-to-end view of cloud solutions, enabling customers to build their cloud as they wish, optimizing for business results. Platform choices factor in connectivity, security, cost and ongoing management resources. 
  • Application Modernization & DevOps: From managed DevOps, educational workshops, cloud and application assessments, to providing professional services, Aptum’s experts help customers reimagine and build for cloud success. 

Bridgepointe’s customers are supported by a world-class team of Tech Strategists and highly experienced engineering, procurement, implementation, CX consultants and expense management professionals. 

The agreement is effective immediately, with Aptum solutions now available to Bridgepointe customers and prospects in the U.S., Canada, the UK and around the world.