Archive for July 20, 2021

Amazon Web Services Takes Out NSO Group Linked Accounts

Posted in Commentary with tags , on July 20, 2021 by itnerd

Hot on the heels of the report of the NSO Group selling spyware to nation states to allow those countries to go after a journalists and activists on a massive scale, the news is out via Motherboard that Amazon Web Services is cutting ties with the NSO Group by taking down any accounts associated with them:

The move comes as a group of media outlets and activist organizations published new research into NSO’s malware and phone numbers potentially selected for targeting by NSO’s government clients.

“When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts,” an AWS spokesperson told Motherboard in an email.

Amazon and The Washington Post are owned by Jeff Bezos. And The Washington Post was part or the report of the spyware that the NSO Group was using. So I am sure that this is no coincidence. Also, while I am sure that this will hurt the NSO Group, I doubt this is fatal to them. But it will be interesting to see if this alters how NSO spyware is delivered to its targets.

Guest Post: Atlas VPN Says That Over 60% Of Android Apps Have Security Vulnerabilities

Posted in Commentary with tags on July 20, 2021 by itnerd

When a developer leaves a mistake in application code, it can create a security vulnerability that criminals may exploit.  

According to the data presented by the Atlas VPN team, 63% of Android applications had known security vulnerabilities in Q1 2021, with an average of 39 vulnerabilities per app. 

Gaming apps had the most vulnerabilities out of all Android app categories. A whopping 96% of top free games apps were found to contain vulnerable components. Additionally, 94% of top-grossing games apps and 80% of top paid games apps also had vulnerabilities. 

Despite the fact that financial apps require some of the most personally sensitive data, vulnerabilities were also discovered in 88% of banking apps, 84% of budgeting apps, and 80% of payment apps

Education apps have the most high-level vulnerabilities Not all vulnerabilities are equal. While some may just be minor issues that do not pose any active threat to the user, other vulnerabilities can cause serious repercussions. Let’s delve deeper into the different types of Android security vulnerabilities registered since 2018.  

Education apps had the highest number of exploitable Android vulnerabilities with possible fixes as of the first quarter of 2021— 43%. Meanwhile, apps in the top games category had the biggest number of exploitable Android vulnerabilities with no available fixes — 6%.  

Overall, 44% of the Android app vulnerabilities were classified as high-risk, meaning they represented a tangible threat.  

Ruth Cizynski, the cybersecurity researcher and writer at Atlas VPN, shares her thoughts on the situation: “Given that the Google Play store applications have been downloaded millions of times, it is safe to say they pose significant security risks to Android users. ” 

To read the full article, head over to:  https://atlasvpn.com/blog/over-60-of-android-apps-have-security-vulnerabilities

Brands Only Have One Shot To Impress Customers With Digital Experiences: Cisco AppDynamics

Posted in Commentary with tags on July 20, 2021 by itnerd

Cisco AppDynamics today released the latest report in its App Attention Index research series, revealing consumer reliance on applications and digital services has soared since the start of the COVID-19 pandemic. The global study, which examined the digital behaviors of more than 13,000 global consumers, also identified consumers now have a zero tolerance policy for poor application experience and automatically place blame on the application and brand, no matter where a performance issue stems from.

Consumers blame the brand when the application experience fails

Since the start of 2020, consumers have experienced a sudden and total reliance on digital services, altering how they engage with brands, consume goods and services, and make purchasing decisions. In fact, the research shows that people are using 30 percent more applications today than they did before the pandemic.

The research highlights that because of their increasing reliance and use of digital services, 76 percent of consumers say their expectations of digital services have increased since the start of 2020. Alarmingly for brands, when their expectations aren’t met 60 percent of consumers will now automatically blame the application and the brand no matter where the issue actually lives. Whether it’s within the application itself – such as pages loading slowly, downtime, or security failures; or external factors like internet connectivity, slow payment gateways or technical issues with third party services – to the consumer there is no distinction and they will now place responsibility firmly on the brand.

  • 72 percent of people believe it’s the responsibility of the brand to ensure that the digital service or application works perfectly.
  • 92 percent say they expect digital services to have reliable, consistent performance.

Loyalty lies with brands that invest in application experience

Consumers have not only come to rely on applications and digital services to function in everyday life, but they also used them to facilitate social interactions in the absence of traditional ways of connecting in person. The research found that the majority of consumers (85%) say that digital services have become a critical part of daily life, with 84 percent stating they helped them get through the pandemic in a positive way. Additionally, consumers are now loyal to brands based on how significantly they invested in digital services during the pandemic.

  • 72 percent say they feel grateful to the brands that invested in digital during the pandemic so they could get access to the services that they love and rely on.
  • 67 percent say they feel more loyal to brands that went above and beyond with the quality of their digital service during the pandemic.

Brands have one shot to get the ‘total application experience’ right

61 percent of consumers now state their expectations for digital services have changed forever and they will no longer tolerate poor performance. The research goes on to find that 72 percent of consumers believe it’s the responsibility of the brand to ensure that digital services work perfectly, and more than half (57%) state that brands have one shot to impress them with their digital experiences before they switch to another provider. 

  • 72 percent say they simply don’t care who is responsible for problems with digital services, they just want them fixed and to work.
  • 68 percent consider it disrespectful to users for brands to offer a poor digital experience in this day and age.
  • 57 percent believe most problems with digital services and applications are completely avoidable.

73 percent of consumers stated that even as life returns to normal, they know they will continue to rely on the digital services they utilized during the pandemic. This means the pressure technologists are under to tackle the complexities of modern architectures in order to deliver flawless digital experiencesisn’t going away.

Cisco AppDynamics is committed to helping technologists take on these challenges of leading technology health and performance to deliver the ‘total application experience’ to users. To learn more about Cisco’s full-stack observability solution and how the AppDynamics Business Observability platform can help technologists deliver the ‘total application experience’ to consumers, visit appdynamics.com.

Other Resources:

Research Methodology: 

The research included interviews with more than 13,000 consumers, including 2,000 interviews in both the United States and the United Kingdom, and 1,000 interviews within Australia, Canada, France, Germany, India, Japan, Russia, Singapore and the United Arab Emirates. The research was conducted by Insight Avenue in June 2021.

OpenText Announces A New Customer Data Platform, A New AI-driven Solution To Uncover & Remediate High-Risk Content & Expanded Cloud API Services

Posted in Commentary with tags on July 20, 2021 by itnerd

 OpenText™ today announced the release ofOpenText™ Cloud Editions (CE) 21.3, delivering innovations in the OpenText Cloud that will enable businesses of all sizes to become more intelligent, secure and connected.

CE 21.3 features a number of significant new products, solutions and integrations to support Information Management in the cloud at scale, including:

  • OpenText™ Experience CDP, a new customer data platform, and an essential feature of the highly integrated OpenText™ Digital Experience Platform. Experience CDP increases prospect conversation rates by unifying customer data from first- and third-party data sources, including Google Marketing Platform, to enable better targeting and more relevant personalized and omni-channel experiences.
  • OpenText™ Magellan Risk Guard, a new AI solution that helps organizations ensure compliance and mitigate risk by uncovering and remediating potentially sensitive, inappropriate, or detrimental text, images, or video content within business systems. Risk Guard is easy to deploy and includes 20 prebuilt AI models that identify risk across 50 pre-defined categories such as personally identifiable information (PII), drugs, alcohol and violence.
  • An update to OpenText™ Extended ECM for Office 365, that provides deeper integrations with Microsoft Teams​, further simplifying collaboration, productivity, and compliant control of information.
  • As part of OpenText’s commitment to deliver information management solutions as Cloud APIs,OpenText™ Developer Cloud  now delivers APIs for content services, fax, notifications, capture and security. Webroot® real-time threat protection and monitoring APIs help protect sensitive data and reduce the potential risks of cyber-attacks. Additionally, the OpenText™ Business Network Cloud now offers connectors to 135 API in the SAP S/4HANA® Cloud, enabling organizations to unlock real-time data flow and minimize disruptions when migrating to the SAP S/4HAHA Cloud. 

CE 21.3 also contains significant updates across each of the OpenText Clouds, as well as new solutions tailored to address unique industry requirements.

The OpenText Content Cloud empowers modern work by improving user and process productivity, and automating the management of critical business content. Further innovations beyond OpenText Extended ECM include:

  • OpenText™ Core for Regulatory Plans, a SaaS solution for Life Sciences helps organizations plan, manage, and track complex regulatory submissions​.
  • OpenText™ Core Share for SAP solutions, available at the SAP Store, enables secure remote collaboration in the cloud within an SAP business process.
  • OpenText™ Axcelerate™ delivers enhanced chat review functionality and expanded collection capabilities for Google Workspace and Microsoft Exchange.

The OpenText Business Network Cloud connects business to global commerce and trading networks through a unified integration platform. In addition to new API connectors, innovations include:  

  • OpenText™ Lens is now available in OpenText™ Trading Grid Classic to provide near real-time visibility for B2B transactions, tailored experiences, and new reporting capabilities to enhance productivity and communication. 
  • OpenText™ IoT Platform simplifies the user experience and delivers APIs with operational features for internalization and device onboarding and provisioning.

The OpenText Experience Cloud provides a single platform to deliver modern engagements across the customer journey. ​In addition to the new customer data platform, innovations include:

  • OpenText™ Media Management now integrates with Shutterstock to streamline image search and asset management.
  • OpenText Media Management also introduces a new Jobs Dashboard that provides immediate visibility of all current projects, helping teams and stakeholders to optimize collaboration and meet deadlines.
  • The launch of the OpenText Voyager Connect Community, an online community for digital experience and information management professionals to network and share ideas, content, and resources.

The OpenText Security & Protection Cloud strengthens cyber resilience by protecting and securing data to withstand and quickly recover from cyberattacks and accidental data loss. Recent innovations include:

  • OpenText™ Managed Detection & Response (MDR) Service helps enterprise customers uncover hidden risks and threats to help prevent financial, legal, or reputational impact.
  • OpenText™ EnCase Forensic and OpenText™ EnCase Endpoint Investigator now enable the collection of social media artifacts from cloud-based collaboration and storage applications including, Microsoft Teams, Amazon S3, Dropbox and Box. 
  • Webroot® Business Endpoint Evasion Shield offers better protection by identifying threats earlier in the attack chain.
  • Webroot® Security for Chromebook now includes antivirus and web filtering protection.
  • Webroot® Security Awareness Training delivers regionalized and localized content in additional languages for EMEA.

The OpenText Developer Cloud is a single source of cloud API services that helps developers quickly bring their ideas to life using powerful, developer-trusted APIs. Enhancements to the Developer Cloud include more accessible API documentation, new learning materials, and a new Developer forum.

Underpinning each of the clouds are OpenText™ Advanced Technologies. In addition to Risk Guard, newinnovations include

  • Support for Amazon EMR Data Lake and a text classification model for a Life Sciences taxonomy using Medical Subject headings (MeSH)​.
  • Deeper integrations between OpenText™ Core Case Management and OpenText™ Core Content to better connect content to processes.

OpenText Industry Solutions are tailored to address the unique requirements of individual industries, bringing together information management products from across the OpenText portfolio. New solutions in CE 21.3 support the following industries:

For more information on OpenText CE 21.3, visit here or check out the latest blog from OpenText Chief Product Officer, Muhi Majzoub.