HCL Technologies Expands Reach In Canada With New Engineering & R&D Centre

Posted in Commentary with tags on January 27, 2022 by itnerd

HCL Technologies (HCL), a leading global technology company, has opened its Innovation Center focused on Engineering and R&D services in Edmonton, Alberta. Bringing together an ecosystem of partners from academia, government institutions, startups and technology providers, HCL’s Innovation Center will serve as a hub for HCL Engineering teams to co-innovate with customers and solve complex business problems for clients globally. 

The Edmonton Center will house an engineering and co-innovation lab, which will enable high tech and software clients, including Fortune 100 leaders, to not only envision their products, but also to see rapid product prototyping, collaborative research and continuous learning to create faster time to market. Clients can leverage the Center to create new product designs while collaborating on go-to-market solutions. The Edmonton team will be engaged in product engineering, platform engineering, operational technology services and next-generation engineering, research and development. 

As part of its expansion, HCL Technologies will hire college graduates from local educational institutions including The University of Alberta, MacEwan University, NAIT, SAIT and others. 

In addition to the Edmonton Center, HCL Technologies’ continued success in Canada is driven by the support of Global Delivery Centers in Mississauga, Ontario, and Moncton, New Brunswick. 

For more details on employment opportunities at HCL Technologies, please visit www.hcltech.com/careers.

Chaes Banking Trojan Grabs Sensitive Details Via 800 Compromised WordPress Sites

Posted in Commentary with tags on January 27, 2022 by itnerd

First documented by Cybereason in November 2020, a banking trojan dubbed Chaes which is an info-stealing malware is delivered via a sophisticated infection chain that’s engineered to harvest sensitive consumer information, including login credentials, credit card numbers, and other financial information. It has compromised over 800 WordPress websites and it’s targeting Brazilian customers of Banco do Brasil, Loja Integrada, Mercado Bitcoin, Mercado Livre and Mercado Pago. And uses a fake version of Chrome to do its evil work.

Eddy Bobritsky, CEO of Minerva Labs provided this comment:

Browser based attacks are one of the most common vectors used by adversaries to gain control of an internal system on a target network.

Attackers usually exploit known and unknown (zero-day) vulnerabilities in browser applications, either by running malicious ads on unsuspecting websites, or injected browser extension.

This has become such a widespread issue, that most endpoint security vendors now offer browser isolation features to protect from these types of attacks.

Saryu Nayyar, CEO and Founder, Gurucul added her thoughts:

“This is a multi-stage browser-based attack that is focused on harvesting user credentials, primarily targeting banking customers accounts. While consumers need to be vigilant and cautious before clicking on any unusual links at these compromised sites, banking institutions can also help their customers by implementing solutions that identify suspicious logins and unusual transactions. Behavior based fraud analytics that baselines user activity and monitors for unusual transactions are a critical solution that must be part of a layered security program within financial institutions.”

Given the scope of this threat, the only real mitigation is just to be super careful in terms of what you click on. That’s true in the best of times, but it’s really important in light of this threat.

Another Day…. Another Email #Scam…. This Time The Targets Are Customers Of Shaw

Posted in Commentary with tags on January 27, 2022 by itnerd

Today’s scam alert revolves around an email that you might get that claims to be from Shaw:

Now, let’s ignore the fact that I am not a Shaw customer for a second. Which should be the first sign that this is a scam. And let’s ignore that this was sent directly to me, which makes it a targeted scam that concerns me a bit. And finally let’s ignore that the last sentence is grammatically incorrect (“please make payment immediately”) the big hint that this is a scam is this:

When I hover my mouse over one of the links, it comes back with this. Which could be a redirect to a website to steal your credit card details, or a means to download malware of some sort. I don’t know and I don’t care as I am not going to click it to find out. The bottom line is that it is not https://signin.shaw.ca which is Shaw’s account page. So this is a scam. Guaranteed. That means that if you get one of these emails, your best route is to delete it and move on with your life. Oh yeah, don’t click on any links either.

I will be alerting Shaw to this just in case they are not aware of this scam and hopefully they will get the word out to their customer base as they are clearly being used to scam the unsuspecting.

UPDATE: There’s one other sign that this is a scam:

This is the email address that the email came from. That’s not Shaw. Thus it’s a big red flag that should tell you that this is a scam.

UPDATE #2: Shaw replied to this rather quickly with some good advice and a request. First the advice:

Hey there. Thanks for taking the time out to share this with us. Please do not click the link or reply to the email. Shaw will never request for you to confirm your personal information unsolicitied by email. We are aware of a recent influx of phishing emails and appreciate you letting us know. Of course Shaw will never request account or personal details via email.

They also requested that I send the email and the headers to their Internet Abuse department. Hopefully they can use that info to do something about this scam.

Darktrace Extends Autonomous Response To Enforce Normal Behavior On Endpoints

Posted in Commentary with tags on January 27, 2022 by itnerd

Darktrace today announced that its Autonomous Response technology now takes action on the endpoint – rounding out the Darktrace Antigena product family, which already includes coverage for SaaS applications, cloud, email, network, and Operational Technology (OT).

Endpoints have moved farther outside traditional infrastructure and have started housing even more sensitive data. As a result, CISOs and security professionals have been left grappling with the complexities of protecting their organizations and dynamic workers in the wake of flexible work arrangements and the dawn of the ‘Great Resignation’.

A novel approach to this challenge could be to augment security teams with AI that learns on the job how this flexible, dynamic workforce is working. Irregularity of endpoint activity can be continuously re-evaluated, and subtle, indiscernible actions can be taken that allow productive work to continue while stopping only threatening activity.

Antigena Endpoint does just that. It detects anomalous activity and intelligently makes micro-decisions based on unusual activity, such as out-of-the-ordinary initial file downloads and data exfiltration attempts, command and control traffic or lateral movement that might represent a cyber-threat. It uses various techniques to interrupt attacks on Mac, Windows, and Linux devices, including data leaks, ransomware and insider threats.

Contextual awareness gained from other parts of the digital estate is also beneficial in stopping endpoint attacks. For example, in the case of Antigena Email and Antigena Endpoint deployed together, the precision of response is enhanced by the more nuanced understanding of new and expected senders across all endpoint and email activity. A brand-new sender soliciting an employee into making a bank transaction on its own might warrant action. But, with the added information that the website has no prior relevancy to the organization, the increased context would solidify the case and alter the system’s response.

Darktrace a global leader in cyber security AI, delivers world-class technology that protects over 6,500 customers worldwide from advanced threats, including ransomware and cloud and SaaS attacks. Darktrace’s fundamentally different approach applies Self-Learning AI to enable machines to understand the business in order to autonomously defend it. Headquartered in Cambridge, UK, the company has 1,700 employees and over 30 offices worldwide. Darktrace was named one of TIME magazine’s ‘Most Influential Companies’ for 2021.

Spotify May Regret The Stance That They’ve Taken When It Comes To Joe Rogan

Posted in Commentary with tags on January 27, 2022 by itnerd

Last night news filtered out that Neil Young who had been demanding that either Spotify remove his catalog of music from the platform, or remove Joe Rogan from the platform because Young would not be on a platform with an anti-vaxxer like Rogan came to a head. In short, Spotify removed Young’s music. Effectively siding with Joe Rogan.

This triggered a backlash against Spotify. Here’s some examples on Twitter:

Of course there are those on the other side of the argument as well:

Frankly, I’m not surprised that things went down like this. Spotify paid something in the neighbourhood of $100 million USD for the Joe Rogan Experience podcast. So the chances that Spotify was going dump this podcast were between slim and none with slim packing their bags to leave town.

Now I spent a lot of time trolling Twitter last night and this morning, and I found way more Tweets against this move to remove Young’s music rather than for it. In other words, a lot more people on Twitter appear to support Neil Young. And they also appear to be against vaccine mis-information. Now is that due to the fact that these people are more vocal on Twitter? Maybe. Twitter while being a good source to get a pulse about what people think about a situation is hardly the definitive source of what people think. But I really think that Spotify has this wrong and they’ve picked the wrong side of this argument. Starting with this comment which was part of their statement when they pulled Neil Young’s catalog yesterday:

“We have detailed content policies in place and we’ve removed over 20,000 podcast episodes related to Covid since the start of the pandemic.

So they’ve removed podcasts related to COVID? I have to assume that they mean podcasts that have mis-information related to COVID because it isn’t clear from that sentence. But interestingly, they didn’t remove Joe Rogan’s podcast which is known to have COVID mis-information. Likely because they did pay about $100 Million USD for it, along with the listeners who come with it. From a PR perspective, the optics of that statement suck because it suggests that Rogan gets a free pass due to the value that his podcast brings to Spotify. Which doesn’t surprise me. But it does send one clear message to Spotify subscribers. Which is if you don’t like the fact that they’ve sided with Joe Rogan, cancel your subscription. And that appears to be happening based on what I see on Twitter. On what scale that cancellations are happening I don’t know, but I am guessing that we’ll find out the next time that Spotify reports their numbers.

The thing is that this situation is causing people to dump Spotify and try Tidal, Apple Music, and other streaming services. And they may not come back to Spotify if they like the service that they switched to. Which of course is great for those other services. But it’s bad for Spotify. What makes it worse for Spotify is that one of those companies that I mentioned above is a three trillion dollar company who buys other companies using the loose change in Tim Cook’s sofa. In other words, if Apple who is a company who isn’t afraid to take a stand decides to take a shot at Spotify, it might not end well for Spotify as Apple has way deeper pockets than Spotify and they may sense that Spotify is vulnerable at the moment. Which means that it’s the perfect time for Apple to try and take the kill shot. And then there’s the possibility that a Taylor Swift or an Adele decides to follow Neil Young’s lead and takes their fan base off of Spotify. Can Spotify afford to take that hit?

At this point Spotify needs to do a rethink of this and find a way to exit this situation gracefully. I say that because this has the potential to become a train wreck for Spotify. If it hasn’t already.

This will be fun to watch.

UPDATE: Well this isn’t going well for Spotify. This has happened since I wrote this article:

In case you haven’t seen or heard of this guy before, Tedros Adhanom Ghebreyesus runs the World Health Organization. And he’s clearly picked a side in this argument. And it’s not Spotify’s side. And he’s not the only doctor to call out Spotify. Earlier this month hundreds of doctors and health care professionals in the U.S wrote an open letter to Spotify about the misinformation being shared on the podcast, according to Rolling Stone.

Spotify is really going to regret being on the wrong side of this. I am calling it now.

Introducing the 2022 Canadian creators of #YouTubeBlack Voices Fund

Posted in Commentary with tags on January 27, 2022 by itnerd

 In 2020, YouTube announced the #YouTubeBlack Voices Fund, which was created to directly support Black creators and artists so that they can thrive on YouTube. Today, they’re announcing their 2022 #YouTubeBlack Voices creator grantees, which include five exceptional Canadian creators.

Over the next year, YouTube will work closely with these creators, offering dedicated partner support, seed funding to develop their channels, and participation in an intensive development program that will cover production, community engagement and wellbeing.

This year’s Canadian creators represent diverse content found on YouTube, from beauty tips with Tosin Ayeronwi (BGT), Caribbean cooking with Chris De La Rosa (CaribbeanPot) and financial advice from Reni Odetoyinbo (xoReni). These creators are offering resources in spaces where representation is so important, and they recognize the impact their voices can have on the Black community.    

Meet the Canadian creators in this year’s #YouTubeBlack Voices class:

  • Mane Yousuf(852K subs, 83M views) Mane Yousuf is entertaining the masses with laughter and good vibes. By mixing spontaneous interactions with viral songs, Mane has created several shows that showcase his passion, and highlight his personality. With access to YouTube, he’s now broadcasting from Calgary to the globe and sharing his humor with the world. 
  • CaribbeanPot(795K subs, 90M views) Chris De La Rosa’s love of Caribbean cooking has taken him from a small village in Trinidad and Tobago to millions of kitchens around the world. His website CaribbeanPot.com. launched in 2009 as a place for the self-taught chef to document family recipes for his daughters and share his favorite dishes. Now, he has a strong community on YouTube cooking to master his recipes.  
  • BGT(21K subs, 622K views) As Tosin navigates adulthood, her career, and finding her passion, she’s taking her subscribers along for the ride. She launched her channel in 2019, and makes sketches with friends along with fitness content, self-growth vlogs and beauty tips.  
  • xoReni(10.9K subs, 810K views) After buying her first house at the age of 23, Reni saw an opportunity to help more people understand “adulting”. She launched her YouTube channel to become a resource for viewers, and support with career development, financial literacy, and lifestyle content. Her goal? Make complex topics simple.
  • Nora G’s Nook(51K subs, 2M views) Nora G. is a Waterloo-based creator that describes herself as versatile and multifaceted. With an array of passions, she knew she needed a creative outlet to express herself. So Nora G’s Nook was born, where Nora shares everything from interior design to DIYs, fun recipes and fitness tips, and what she calls RTTJMS (Random Things That Just Make Sense!). With every video, she aims to educate, entertain and enlighten. 

You can also see the full talent roster in this video.

Guest Post: Keeping it Private: How to Protect Your Data from Privacy Breaches

Posted in Commentary with tags on January 27, 2022 by itnerd

By Jeff Crum, Commvault

Data privacy has always been a hot topic but in today’s world of data sprawl, data security threats, and increasing data regulations, the stakes have never been higher.

Bad actors, human error, ransomware, and other security threats pose risks to data every minute of every day. Plus a more stringent regulatory environment is forcing organizations to enforce compliance – or risk fines. And as data increases in volume and sprawls across applications and storage, these efforts become increasingly complicated.

Let’s take a look at some key principles of data privacy:

  • Protection & Recovery: One important area in ensuring data privacy is making sure that your data is protected. This includes the ability to recover data in the event of accidental deletion – and in the case of a malware or ransomware attack. Making sure you can recover your data in these scenarios mitigates the impact of some of these worst-case scenarios.
  • Access & Prioritization: Once you have a protection mechanism deployed, ensuring that sensitive data and personally identifiable information (PII) is locked down tight is an important safeguard you can put into place. Prioritizing the protection of sensitive data, including PII, using technology such as AI/ML, reduces the risk of exposure. Additionally automation helps take the risk of human error out of the equation. Automation can also extend to detecting anomalous data access, raising the red flag so that you can step in and protect key data before it is compromised.
  • Compliance & Governance: Together, all of the actions above can appropriately address compliance with key data regulations and help define your overall data governance regime, taking global scope and regional nuances into account. Read about how South Tyrol Civil Protection Agency overcame their challenges with GDPR compliance here.

This may sound simple but getting data privacy right can be incredibly complex. Let’s talk about some things you can do to make ensuring data privacy easier.

  • Manage data sprawl. Data growth and an increasing number of data sources and repositories continue to challenge enterprise data management, with no end in sight. But there are some things you can do to mitigate this, including  looking at the number of tools that you’re using to manage data across your environment, breaking down data silos in the process. This blog by Commvault’s Don Foster goes into further detail about what data sprawl is and how to help solve for it.
  • Take a comprehensive approach to data management. The principles mentioned above require a number of different data management capabilities – including data protection, data security, data compliance and more, which make use of advanced techniques with AI/ML as well. Look for data management platforms and solutions that provide deep capabilities in  these areas.
  • Simplify your environment. Let’s face it—most companies have many, many vendors, some of which do the same or similar things, and all of which have access to your data. By scaling back the number of trusted vendors and streamlining deployments, you can capture efficiencies and mitigate risk. By introducing a single data management platform, you can simplify the user experience and reduce errors related to data privacy, and help allow your data to work for you instead of against you.

Data privacy is a deep and complex topic, but at Commvault, we can help you crack the code. For more information, visit www.commvault.com/data-compliance.

Almost 25% Of Organizations Still Not Adhering To Security Compliance Mandates: IBM i Marketplace Survey

Posted in Commentary with tags on January 27, 2022 by itnerd

HelpSystems, a cybersecurity and automation software company, today announced the findings from its eighth annual IBM i Marketplace Survey. The survey provides a close look at how organizations use the IBM i platform and the IT initiatives it supports. It reveals the trends shaping and driving the market and provides insight into what the future may bring for this technology.

Key Findings

  • In addition to cybersecurity, other top concerns include high availability/disaster recovery (59%) and modernizing applications (56%).
  • 24% of respondents do not adhere to any compliance mandates.
    • The biggest increase is those adhering to HIPAA regulations (21%).
  • Remote operations brought new challenges including security concerns with remote access (46%) and supporting employees working from home (42%).
    • Many organizations are making changes to better support remote operations such as automating manual processes (38%), leveraging IBM i Access Client Solutions (34%), and implementing layered security around VPN access (32%).  
  • RPG usage has soared to 93%.
  • 73% of respondents are considering upgrading to Power10.
  • A new finding this year was a 33% increase in IT and business automation.

Aside from year-over-year trends and data points, the report findings also answer the following questions: 

  • Are more organizations adopting IBM i in the cloud? 
  • Are shops expanding their IBM i usage? 
  • How does IBM i’s ROI compare to other servers?
  • Are IBM i customers staying current on the latest OS levels?

Methodology and Demographics

This survey represents the viewpoints of IBM i professionals from around the globe across multiple industries and regions. This diverse sampling spans variability in budgets, company size, server size, operating system versions, and experience levels to give a representative and diverse look at the worldwide IBM i market. Manufacturing reclaimed the top seat as the main industry of our respondents this year, with an increase of four points to 18%. 

This year saw a trend upward in responses from smaller organizations (less than 500 employees). 50% of respondents work for an organization with fewer than 499 employees, an increase of 4 points from the previous year. This correlates with smaller manufacturers running IBM i. In terms of the job titles of respondents, they largely remained the same with small, 2-point increases from administrators and director/VP titles. 

To learn more about how IBM i shops are using the platform and what the future of IBM i looks like, sign up for the accompanying webinar, taking place today at 10AM EST: https://www.helpsystems.com/resources/webinars/2022-ibm-i-marketplace-survey-results-revealed.

To access the complete 2022 IBM i Marketplace Survey results, visit: https://www.helpsystems.com/resources/guides/ibm-i-marketplace-survey-results

New Research Shows That The Antivirus Software Market Has Declined Along With An Outlook for 2022

Posted in Commentary with tags on January 27, 2022 by itnerd

The nearly $2 billion antivirus market slowed over the past year as faith in software effectiveness dropped, as did overall usage. First-time subscribers fell by half.

Still, more than three-quarters of American adults (77 percent) currently use antivirus software, and of those, 24 percent also have it on their phones.

These vacillating indicators, per a new report on personal antivirus software usage, and outlook for 2022, by Security.org, reflect a year of bold promises from Apple’s XProtect and Microsoft’s Windows Defender, amid a continued rise in ransomware and identity theft. 

Other findings include:

  • Approximately 30.5 million households have free antivirus protection on their computers, and 49.8 million currently pay for their software (of the latter, more than 50 percent rely on McAfee or Norton programs)
  • Windows and Mac users were similarly affected by viruses in the previous 12 months (10.3 percent of Windows clients compared to 8.3 percent of Apple’s)
  • Paid users were 17 percent less likely to experience breakthrough viruses or malware in the past 12 months
  • Thirty-six percent of paid users said their antivirus software was “very effective” compared to 24 percent of free users
  • Nearly 40 percent of people without antivirus software are open to installing it on their devices in the next six months (up from 25 percent in January 2021). Sixteen percent said antivirus protection that included VPNs would be most appealing

The report can be viewed here:

White House OMB Announces “Zero Trust” Strategy

Posted in Commentary with tags , on January 26, 2022 by itnerd

That White House’s Office of Management and Budget (OMB) has released a Federal strategy today to move the U.S. Government toward a “zero trust” approach to cybersecurity. This report has more digestible details. But here’s the key point:

The U.S will adopt a “zero trust” approach, meaning the federal government will assume no actor, system, network, or service operating outside or within the security is trusted, according to a memo from the acting director of the Office of Management and Budget, Shalanda Young.

In a statement, the White House said that the “growing threat of sophisticated cyber attacks has underscored that the Federal Government can no longer depend on conventional perimeter-based defenses to protect critical systems and data.”

Anurag Gurtu, CPO, StrikeReady had this to say:

“As part of any digital transformation, Zero Trust networks should be a key initiative that focuses on securing resources (data, identities, and services), rather than securing physical networks.

By focusing on tailored controls around sensitive data stores, applications, systems, and networks, the Zero Trust model shifts the focus away from varying types of authentication and access controls.

The Zero Trust initiative should be supported by other key initiatives such as modernizing the security operations as well as uniting and empowering cyberdefenders. Without one of these, an organization’s security will be shaky at best.”

I like the fact that The White House is putting their influence behind this. That will hopefully encourage companies to do the same thing.

UPDATE: I have additional commentary from Lucas Budman, CEO, TruU:

“Securing only endpoints, firewalls, and networks provide little protection against identity and credential-based threats. Users should be authenticated continuously, from the time they try to login to the moment they log out. Until organizations start implementing identity-centric security measures, account compromise attacks will continue to provide a perfect camouflage for data breaches. The initial step in any successful Zero Trust strategy should focus on granting access by verifying the person requesting access, understanding the context of the request, and determining the risk of the access environment. This never trust, always verify, enforce least privilege approach provides the greatest security for organizations.

It’s also important in a Zero Trust construct to recognize that devices that access data (laptops, desktops, mobile devices) have identities, as well. You have to understand the device’s posture when accessing the network in order to provide proper device level authentication and authorization. If the user only has access to non-sensitive or public information, the enterprise may not care that their device might have malware; however, if the user is trying to access sensitive financial or customer data, access should only be given to those devices that are managed, trusted and protected. In any case, simultaneous device risk data and identity authentication allow customers to implement policies that respond to potential threats as they happen by stepping up identity verification on compromised endpoints and limiting access to high-value assets associated with those endpoints.”