Archive for August 13, 2020

Canadian Construction Activity Dropped 41% From March to April And Is Now Recovering: Construction Activity Index

Posted in Commentary with tags on August 13, 2020 by itnerd

New data shows how the COVID-19 pandemic has affected construction activity in Alberta, British Columbia and Ontario, with worker hours dropping in March and recovering in late spring and the summer. The Construction Activity Index is an effort by Procore to support the construction industry through the current pandemic by providing insights from construction activity data within the Procore platform. The index tracks weekly changes in worker hours from a baseline the week of March 16 through the week of July 27, 2020. 

Across the provinces for which data is available, worker hours dropped through March to a low of 41 per cent below baseline the week of April 6. All the provinces were above the baseline as of the week of July 27.

The provinces have had different COVID-19 caseloads, timelines and policies, including protocols addressing construction activity. Insights from data within Procore indicate that Ontario saw the sharpest decline, dropping 57 per cent below the baseline the week of April 6. Worker hours in Ontario then climbed before levelling off in June. Alberta’s decline was not as dramatic as seen in Ontario, but lasted longer, with construction activity dropping below the baseline in 12 of the 19 weeks covered in the data. In contrast, British Columbia has seen worker hours remain above the baseline except for a drop of seven per cent the week of April 6. 

Provincial and federal data is available for download here:

Results are available for Alberta, British Columbia and Ontario. The data and charts are for public use. Procore previously shared similar data on how the U.S. construction industry has been affected in a separate report:

Procore Technologies, Inc. has offices in Toronto and Vancouver, and provides construction management software to construction companies of all sizes across Canada.

Dell’s Back To School Must Haves And Guidance To Support Guardians & Families

Posted in Commentary with tags on August 13, 2020 by itnerd

With parents and children gearing up for a different learning experience virtually and in classrooms this year, having the right tech that suits one’s needs and budgets has never been more relevant!

Below are some back-to-school must haves from Dell, to help students succeed in the new school year:

  • NEW XPS 13: Students demand both versatility and mobility in a laptop they can be proud to show off. This device can tackle school projects, edit photos and videos, stream 4k content without buffering, and enable videoconferencing with classmates and family. The ultramobile XPS 13 also effortlessly fits in your backpack, tote or purse. Starts at CAD $1,449.99.
  • NEW Inspiron 14 5000 2-in-1: Open browsers and apps quickly, and swipe through reading assignments with ease on this 14” 2-in-1 touchscreen laptop. The screen size is great for students who are also looking for a little extra viewing space for video chatting with friends and watching Disney+ and Netflix once homework is complete. Starts at CAD $699.99.
  • UltraSharp 25 USB-C Monitor (U2520D): Get the extra screen space to tackle school projects with the UltraSharp 25-inch monitor. It nestles perfectly with a compact base wherever your desk setup may be. With a wide colour coverage, images are displayed in true-to-life colour on this QHD monitor with VESA DisplayHDR™ 400, making it perfect for all your creative tasks or for consuming all forms of digital entertainment. Starts at CAD $464.29.

Additionally, Dell has created a guidance document to support guardians and families as they help students navigate extended school closures, by focusing on supporting social and emotional learning. I had a look at this and it is pretty comprehensive.

Silent Eight Extends On-Demand AI Solution

Posted in Commentary with tags on August 13, 2020 by itnerd

Silent Eight announced today that it will offer its powerful artificial intelligence (AI) solution for name, entity, and transaction alert adjudication on-demand, through the remainder of 2020. The decision comes in the wake of the current and ongoing pandemic, which has placed significant constraints and challenges on banks and financial institutions (FIs). These most notably include increasing and burdensome alert backlogs and unprecedented levels of cybercrime. The pandemic has also impacted the ability of both government and private sector institutions to meet their anti-money laundering and counter-terrorist financing (AML/CFT) obligations.

Silent Eight’s AI has historically been installed on-premise for Tier 1 institutions to solve name, entity, and transaction alerts. Now the solution will be widely accessible to a broader market, and across more sectors, as a means of providing immediate and ongoing backlog relief, without requiring a long-term commitment.

The custom AI is configurable in as few as two (2) weeks via cloud deployment and offers a new way for banks and FIs to solve alerts in a scalable and agile manner in real time, regardless of external conditions such as COVID-19.

The on-demand AI is available immediately. Clients pay only for alerts solved, with no minimum volume commitment.

Features and benefits of the AI include:

  • Fully customized; learns from your institutional processes and behavior
  • Military-grade encryption
  • Deployable in as few as 2 weeks
  • No limit on geographies, or hits per alert
  • Covers any type of alert: Adverse Media, PEP, Sanctions, Customer Due Diligence

To learn more, visit

Intuit QuickBooks Canada Joins Digital Main Street To Get Canadian Businesses Online

Posted in Commentary with tags on August 13, 2020 by itnerd

Intuit Canada today joins Digital Main Street in their mission to help facilitate getting 50,000 Canadian small businesses online over the next year through the development of e-commerce storefronts. Intuit Canada will also help Digital Main Street advance their online web platform and will enable small businesses to receive direct 1-on-1 support through consultation meetings and online webinar training sessions. 

According to a July 2020 survey done by the Canadian Federation of Independent Business (CFIB), just over half (57 per cent) of small businesses are fully open and around half (53 per cent) think it will take more than six months to get back to normal profitability. In Ontario, the government stated that around 40 per cent of small enterprises in the province do not have a website. By adopting and optimizing an online presence, small businesses may be able to avoid permanent closures and continue to reach and sell to customers. 

Over the next year, this new collaboration will support Digital Main Street initiatives across Canada in the following ways: 

  • By increasing the capacity of Digital Main Street programming, including supporting advanced development of the online web platform, which is a hub for small businesses to receive on-demand training.
  • By supporting the continued growth of the ShopHERE program powered by Google Canada, to help get 50,000 businesses online this year through the development of e-commerce storefronts.
  • By increasing the capacity of the Digital Service Squad, enabling SMBs to receive direct 1-on-1 support through consultation meetings and online webinar training sessions.

To learn more about Digital Main Street and the programs and learning opportunities available to main street business owners, visit 

Guest Post: Novel Malicious Software Discovered By ESET Continues To Grow The MITRE ATT&CK™ Knowledge Base

Posted in Commentary with tags on August 13, 2020 by itnerd

Since going public in 2015, the MITRE ATT&CK™ knowledge base has witnessed a boon of contributions from the cybersecurity community. ATT&CK collates this information to provide a common language and structured intelligence on adversary behaviors across multiple threat groups. ESET’s most recent contributions comprise four entries in the Software and one extension in the Groups categories of ATT&CK.


Software

1. Attor (S0438)

Attor is a previously unreported cyberespionage platform used in targeted attacks since at least 2013 against diplomatic missions and governmental institutions located mainly in Russia. Attor’s architecture consists of a dispatcher and loadable plugins.

ESET discovered and named the malware based on two notable features of its plugins: the Device monitor plugin’s capability of using AT commands to fingerprint GSM devices and the Tor client plugin’s use of Tor for command and control communication and exfiltration.

Attor’s functionality maps to 32 ATT&CK Enterprise techniques and 18 sub-techniques.

2. Okrum (S0439)

Okrum is a previously unknown backdoor that ESET first detected in late 2016 in attacks against diplomatic missions in Slovakia, Belgium, Chile, Guatemala and Brazil. The malicious actors behind Okrum employed several tactics to remain undetected, such as embedding the malicious payload within a legitimate PNG image, employing several anti-emulation and anti-sandbox tricks, and making frequent changes in implementation.

ESET discovered the Okrum backdoor delivering a Ketrican sample, linking it back to the work of the Ke3chang (APT15) group. The Okrum entry comprises 28 ATT&CK Enterprise techniques and 24 sub-techniques.

3. ComRAT (S0126)

ComRAT, a favorite backdoor used by the Turla threat group since at least 2007, was discovered by ESET in its latest version (version four) released in 2017 targeting two ministries of foreign affairs and a national parliament. The operators were using the backdoor to discover, steal and exfiltrate confidential documents.

ESET researchers found 16 ATT&CK Enterprise techniques and 11 sub-techniques deployed. 

4. DEFENSOR ID (S0479)

DEFENSOR ID is an Android banking trojan that unleashes its fury when users grant permission to activate accessibility services. The app is packed with a host of malicious features, including stealing login credentials, SMS and email messages, displayed cryptocurrency private keys, and software-generated multifactor authentication codes; clearing bank accounts and cryptocurrency wallets; and taking over email and social media accounts.

DEFENSOR ID’s functionality maps to 6 ATT&CK Mobile techniques.


Groups

1. Turla (G0010)

ESET researchers identified several links between ComRAT v4 and the Turla threat group. Version four of the backdoor uses the internal name “Chinch” as in previous versions, uses the same custom command and control protocol over HTTP as ComRAT v3, shares part of its network infrastructure with Mosquito (another backdoor used by Turla), and was seen either dropped by or dropping other Turla malware families.

By linking ComRAT v4 to Turla, ESET provided extensions of 13 ATT&CK Enterprise techniques and 6 sub-techniques of the Turla group.

MITRE ATT&CK evaluations: Simulating the Carbanak/FIN7 APT group

MITRE ATT&CK is also notable for its evaluations. Running in its third round, the evaluations use simulated attacks to test the prevention and detection capabilities of security products against the techniques employed by high-profile adversaries. ESET and MITRE ATT&CK teams will be engaging in red and blue team activities putting ESET to the test against the techniques of the Carbanak/FIN7 APT group.

FIN7 is infamous for creating a front company called Combi Security that hired black hat recruits under the guise of various cybersecurity roles, such as penetration tester. The U.S. Department of Justice has arrested and charged four members of the group to date. ESET discovered Carbanak malware targeting point of sale systems for credit card data at a casino. Carbanak is known for targeting the finance and retail industries, including banks, forex trading companies, casinos, hotels and restaurants.

How does ATT&CK benefit ESET?

As of August 2020, the number of ESET contributions to MITRE ATT&CK has continued to grow, with ESET being one of the top referenced and engaged vendors directly involved in refinement and population of the MITRE ATT&CK knowledge base. ESET’s engagement with ATT&CK continues to inform product R&D, malware research practice and its ongoing cybersecurity awareness work. These ongoing contributions also help provide additional possibilities to transfer knowledge to that close-knit community.

More details on ESET’s work with MITRE ATT&CK can be found here:

1. Collective Security: ESET improves cyber armor with MITRE ATT&CK™ knowledge base

2. Advancing enterprise threat hunting with the MITRE ATT&CK™ knowledge base

3. Malware Researcher + Threat Analyst: two perspectives on the MITRE ATT&CK™ knowledge base