Archive for February 22, 2021

NurseryCam Pwned After Security Shortcomings Reported To The Register

Posted in Commentary with tags on February 22, 2021 by itnerd

This is a bit complicated, so hang with me for a bit.

Daycare camera product NurseryCam was apparently hacked late last week. The BBC reported the news on the weekend, and the company has shut the service down to lock it down. But here’s where things get interesting. The company was contacted by a security researcher who discovered flaws in the service. And according to The Register:

El Reg reported on the company’s security shortcomings last week after its inappropriate attempts to strongarm an infosec researcher into deleting a Twitter thread detailing vulnerabilities in its FootfallCam product.

When companies do that sort of thing, it never ends well. This incident was no exception:

A hacker contacted El Reg on Friday to say they had obtained real names, usernames, what appeared to be SHA-1 hashed passwords, and email addresses for 12,000 NurseryCam users’ accounts – and had then dumped them online.

Although this person claimed to have “redacted” those details, the redaction was so poor it was trivial to figure out the real names and contact details of NurseryCam’s parent users. El Reg, together with IoT security expert Andrew Tierney, verified that the credentials were genuine before notifying NurseryCam of the breach. The company began emailing parents the following day after taking its cameras offline.

This is likely now under investigation by the Information Commissioner’s Office, and this might not end well for the company behind this service, especially since warnings about the lax security of this service have been floating around for years. It sucks to be the company behind this product.

Your Guide to the Rainbow Six Esports Season 2021

Posted in Commentary with tags on February 22, 2021 by itnerd

It’s time to leave the 2020 season in the dust and look towards an exciting fresh 2021 season of Rainbow Six Siege in Canada! With the Six Invitational and the 2021 NA League season on the horizon, it’s time to start blocking time off in your calendar to watch the action.

AN UPDATE ON THE SIX INVITATIONAL 2021 & THE MAY 2021 SIX MAJOR:

The Six Invitational 2021 will happen in May 2021. It will replace the Season 2021 Six Major of May. The 20 teams currently qualified for the Six Invitational will retain their slot and the prize money of the event will remain unchanged, with a prize pool cap set at USD $3,000,000.

NORTH AMERICAN LEAGUE 2021

With the merger of the US and Canada Divisions, 10 teams will be joining for the 2021 Season of the North American League. The 2021 Season will be broken down into 3 Stages and will be played offline at The Esports Arena in Las Vegas, Nevada. The health and wellbeing of our pro players, partners and staff is the main priority, which is why, throughout the season, work will be done to ensure the set up and respect of strict sanitary measures.

Where to watch:

English: Twitch.tv/Rainbow6

English: Twitch.tv/R6EsportsNA

Information on other regions can be found here.

Traeger Grills Expands Digital Footprint With Grilling Industry’s First Apple Watch Control

Posted in Commentary with tags on February 22, 2021 by itnerd

Traeger Grills, the innovators behind the original wood-pellet grill, today launched its new Apple Watch app. A first-of-its-kind offering for the grilling industry, Traeger’s new Apple Watch app provides users with WiFIRE® compatible grills the ability to monitor and control their cooks anywhere, anytime from their wrist.

Following the relaunch of its immersive mobile app for Android and Apple last March, Traeger is now expanding the possibilities of mobile connectivity between cook and grill with the Apple Watch app. Paired with the Traeger mobile phone app, the new Apple Watch app offers a handful of features built to help monitor meals and grill status. Features of the new Apple Watch App include:

Grill Temp – Users can monitor and control their grill temperature in real time and make adjustments from anywhere, be it from the kitchen or the ski slopes.

Probe Temp – Cooks can set a desired internal temperature and monitor their progress without ever lifting the lid.

Keep Warm Mode – Once the recipe on the grill is complete, but the rest of the dishes in the kitchen need some additional prep, users can set their grill to “Keep Warm Mode” to reduce the grill temperature to XX degrees and ensure the food is ready when you are.

Timer – Alerts notify the cook when it’s ready to sauce, check, or pull your food.

Pellet Level – The pellet sensor will display current pellet levels in real time, so users know when to re-load the hopper and keep the stoked fire burning.

Super Smoke Mode – This feature allows users to blast their food with 100% hardwood smoke between temperatures from 165 up to 225 degrees. Users can adjust the grill temperature between the mode ranges, and turn on or off.

Traeger’s mobile app is packed with features and benefits, and serves as a digital epicenter that unites and expands the “Traegerhood,” connecting like-minded Traeger owners and die-hard grilling enthusiasts around the world. In addition to creating a profile and setting palate preferences, app users can make and share notes on recipes, creating a truly personalized digital experience and mobile grilling community.

Available now in the Apple Watch app on your iPhone, the all-new app serves as an extension of Traeger’s overall brand experience. Learn more about the digital experience and shop Traeger Grills by visiting www.TraegerGrills.com.

Martello iQ Wins Top Marks In TechGenix Product Review

Posted in Commentary with tags on February 22, 2021 by itnerd

Martello Technologies Group Inc. announced today that its iQ software solution has received a 4.5/5 rating in a product review by Microsoft MVP Brien Posey, published on TechGenix. Martello iQ is a digital experience and IT analytics platform that consolidates and analyzes data from multiple monitoring, IT services management and business applications for a more comprehensive view of how critical services and applications, such as Microsoft 365, are performing.

TechGenix, which provides content and reviews to millions of IT professionals globally, published the ‘gold star’ review this month, highlighting the tool’s unique value to enterprise IT professionals. The review cited several factors in determining the Martello iQ product’s score, including the dozens of integrations it supports, ingesting data from all of the disparate tools that an enterprise class organization is likely to be using. The solution’s multitenancy is another critical capability highlighted by Posey, allowing IT teams to monitor multi-cloud environments such as multiple Azure subscriptions. The Martello iQ software’s ability to not only ingest but also perform root cause analysis dramatically reduces the time required to solve problems, by reducing the complexity that is inherent in monitoring hybrid cloud resources. This can help organizations increase the availability of critical IT services.

Leiden University Medical Center (LUMC) in the Netherlands uses iQ: “Martello’s solutions have grown with us and helped us manage our multi domain and hybrid cloud environment more effectively,” said Willem Bouwman, IT Specialist, SQL Database and Monitoring Engineer in the Information Technology and Digital Innovation department of Leiden University Medical Center. Read the Leiden University Medical Center Case Study.


Aptum Panel Discussion: How Business Leaders Can Stay On The Offensive In Challenging Times

Posted in Commentary with tags on February 22, 2021 by itnerd

Recently, Susan Bowen, CEO and President of Aptum, hosted a panel discussion on “How business leaders can stay on the offensive in challenging times” with Philbert Shih, Managing Director of analyst firm Structure Research; Jack Danahy, Former SVP of Business Development and Chief Evangelist with managed security leader Alert Logic; and Mark Vivian, CEO of Oracle Managed Services provider Claremont.

During the discussion, they touched on these topics:

  • Business Strategy – How the pandemic has impacted business, and strategies to grow in the face of challenge
  • IT Security – Security in the new business landscape, and its impact on the IT environment
  • IT Infrastructure – The immediate impacts IT infrastructure can have on business success
  • Remote Work – Strategies to keep remote workers engaged and maintain (or even build) productivity

A defensive business strategy is often the fallback approach for organizations in turbulent times. Over the past year the COVID-19 pandemic has caused many organizations to adopt this mindset. Putting new remote work strategies in place, shifting budgets to compensate for unpredictable revenue and trying to maintain a ‘business as usual’ stance has consumed senior executives across all industries. To grow their customer base and revenues, businesses must now be on the offensive.

The panelists all agreed organizations looking to be more aggressive need to have a solid cloud strategy. Toronto-based Philbert Shih at Structure Research has followed the cloud and data centre market for 20 years and noted that like the 2008/2009 financial crisis, the pandemic has spurred interest in cloud and outsourced infrastructure. 

As businesses shift more of their infrastructure to the cloud, security will play a key role. For example, the increase in employees working from home creates different security dynamics, Alert Logic’s Jack Danahy noted. IT infrastructures that were once managed on-site now need to be managed remotely. And with more devices being used for both personal and professional applications, new security processes need to be explored. 

Technology isn’t the only factor organizations need to address to take a more offensive business stance post-pandemic. Remote work is here to stay and ensuring employees feel connected to one another and the company will be more important when they’re not in regular face-to-face contact.

All panelists believe over the next 12 months, more organizations will turn to the cloud to boost scalability, efficiency and security.  

Please see Bowen’s full blog here: https://aptum.com/blog/how-business-leaders-can-stay-on-the-offensive-in-challenging-times/

The roundtable recording is also available here.

Clubhouse Pwned… And Privacy Concerns Emerge

Posted in Commentary with tags on February 22, 2021 by itnerd

Bloomberg is reporting that Clubhouse, which is an app that has gained popularity with people in the tech space, has had its chats breached not long after the company claimed to have stepped up security:

A week after popular audio chatroom app Clubhouse said it was taking steps to ensure user data couldn’t be stolen by malicious hackers or spies, at least one attacker has proven the platform’s live audio can be siphoned.

An unidentified user was able to stream Clubhouse audio feeds this weekend from “multiple rooms” into their own third-party website, said Reema Bahnasy, a spokeswoman for Clubhouse. While the company says it’s “permanently banned” that particular user and installed new “safeguards” to prevent a repeat, researchers contend the platform may not be in a position to make such promises.

Users of the invitation-only iOS app should assume all conversations are being recorded, the Stanford Internet Observatory, which was first to publicly raise security concerns on Feb. 13, said late Sunday. “Clubhouse cannot provide any privacy promises for conversations held anywhere around the world,” said Alex Stamos, director of the SIO and Facebook Inc.’s former security chief.

Well, that’s not good. And this makes the situation worse:

A week ago, the SIO released a report saying it observed metadata from a Clubhouse chatroom “being relayed to servers we believe to be hosted” in China. Agora’s obligations to China’s cybersecurity laws mean that it would be legally required to assist in locating audio should the government contend it jeopardized national security.

That suggests to me that this app should be avoided regardless of how popular it is. And that’s highlighted by comments made by Lourdes Turrecha, founder and CEO of privacy consulting firm PIX LLC. He wrote on Medium that Clubhouse rolled out its app without much regard for privacy. Turrecha claims that Clubhouse collects not just its users’ personal information but also their contact information. Further, Turrecha says, Clubhouse also accesses users’ Twitter account information without explaining why. That’s not good and maybe those who think that using Clubhouse is the new hot thing to do may now want to think twice.