Archive for January 19, 2022

IT Leaders Prioritize Secure Remote Work: Citrix

Posted in Commentary with tags on January 19, 2022 by itnerd

Two years ago, IT leaders were forced into remote work. Many viewed it as a temporary experiment. Today, they see it for what it is: the future of work. And they’ve made it their top priority. According to the results of a Pulse survey conducted by Citrix Systems, Inc., 100 percent of 400 IT and security leaders across North America, EMEA, and APAC have adopted the hybrid model, and rank enabling it as job number one for their organizations.

Leading the Charge

Business leaders who once bristled at the idea of remote work because they didn’t think employees could deliver outside the office now see the benefits it can deliver in terms of employee productivity and experience. They are calling on IT to enable it, and as revealed by the Citrix-Pulse survey, they’re answering.

When asked to rank their top five priorities over the next five years, respondents said:

  • Enabling distributed collaboration
  • Ensuring always-on availability
  • Empowering individual focus
  • Providing a consistent, consumer-like experience from device to device and location to location
  • Automating work

Leaping Hurdles

But they’ll face some challenges in executing. When asked to identify the top obstacles to driving digital transformation, Citrix survey participants cited:

  • Lack of understanding of the needs across the business to effectively prioritize investments (41 percent)
  • Cumbersome, complex infrastructure (34 percent)
  • Lack of investment in cloud (24 percent)

Security is also a concern. When asked what they see as the top risks opened by remote and hybrid work, those polled called out:

  • Ransomware attacks (41 percent)
  • Insider threats (18 percent)
  • API/software breaches and vulnerabilities (16 percent)
  • Phishing and cloud-related attacks (15 percent)

And, their teams are stretched to the max, with respondents noting:

  • 70 percent are working more hours
  • 56 percent are leaving
  • 50 percent are experiencing decreased productivity
  • 49 percent are less satisfied with their jobs
  • 24 percent are disengaged

Pushing Forward

How do the leaders polled plan to overcome these challenges? By focusing on seven key things:

  • Bridging the cybersecurity gap (32 percent)
  • Managing the pace of digital acceleration with cybersecurity investment (29 percent)
  • Zero Trust Network Access (14 percent)
  • Vendor consolidation/simplification (13 percent)
  • Security AI and automation (7 percent)
  • App/API protection and/or browser isolation for SaaS and web apps (3 percent)
  • Acceleration to SASE (2 percent)

You can find the full survey here.

CISA Insights Urges US Organizations To Defend Against Data-Wiping Malware

Posted in Commentary with tags on January 19, 2022 by itnerd

CISA Insights has posted a new bulletin urging US organizations to defend against potential critical threats, similar to the malicious attacks Ukraine is currently battling. CISA is warning and encouraging organizations to strengthen cybersecurity defenses against data-wiping attacks recently seen targeting Ukrainian government agencies and businesses. 

Saryu Nayyar, CEO and Founder, Gurucul had this comment:

“The CISA’s guidance has several detailed measures that should be followed by every organization. One area of particular note is ‘identifying and quickly assessing any unexpected or unusual network behavior’. This is especially relevant when it comes to unusual communications, but also privileged access violations. In fact, another piece of guidance states: ‘take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic’. It is critical to monitor for and determine if access violations are taking place, but with stolen credentials commonly being used by attackers appearing valid to most detection solutions, this is really where behavioral analytics can determine if the access is indeed legitimate, suspicious or malicious and help security teams investigate further or rapidly respond.”

Clearly there's a threat out there that CISA is worried about, which means that US organizations should take this seriously.

UPDATE: Antonio Martinelli, Director of Cyber Training at GRIMM had this additional commentary.

Attack surface reduction is a critical aspect of any Information Security program, yet something companies have consistently been struggling with since The Internet became ubiquitous. We’re seeing it’s easier now more than ever for employees to spin up new cloud resources and enroll in SaaS services without proper channels being involved, leading to companies being hit by attacks in these ever-expanding blind spots. A cyclical process of active asset inventory identification and subsequent attack surface assessment & reduction is mandatory in this day and age of Shadow IT complacency.

Apple Fights Hard Against App Store Bill

Posted in Commentary with tags on January 19, 2022 by itnerd

This week, politicians on Capitol Hill are debating legislation that would shake up the App Store to such a degree that sideloading of apps, among other things, would be allowed. All in the name of consumer choice. CNBC has the details:

The American Innovation and Choice Online Act, introduced by Sens. Amy Klobuchar, D-Minn., and Chuck Grassley, R-Iowa, would prohibit dominant platforms from favoring their own products over rivals.

That could have significant implications for companies like Apple and Google, which host rival apps on their app stores alongside their own, and Amazon, which sells private-label products on its marketplace alongside third-party brands.

The Open App Markets Act, introduced by Sens. Richard Blumenthal, D-Conn., and Marsha Blackburn, R-Tenn., would similarly prevent dominant platforms from preferencing their own products, but is focused specifically on app stores.

The bill would prevent companies with dominant app stores, like Apple and Google, from conditioning distribution of an app on whether the developer uses the platform’s in-app payment system, for example.

And:

Apple has consistently argued that its control over the App Store is essential to deliver a secure and private experience to its customers. Otherwise, it argues, users could install malware and other malicious software. Android phones allow users to sideload apps, although users have to agree to several warning pop-ups in the software to do so.

In the Tuesday letter, Apple warned that allowing users to sideload apps, as the bills would enable, would be a “big loss for consumers” and said it would allow app developers to ignore Apple’s privacy policies and open the door to attacks from scammers.

“But, if Apple is forced to enable sideloading, millions of Americans will likely suffer malware attacks on their phones that would otherwise have been stopped,” Powderly wrote in the letter.

Apple argues that the bills should give the company the ability to defend its rules under the argument that they “increase consumer welfare.”

Now Apple's arguments might be valid if it actually policed the App Store properly to keep scam apps out, for example. I cite this, this, this, and this as examples. Maybe Apple should "walk the walk" as opposed to just "talking the talk." But in the interest of having a different view, I got a comment from Chris Olson, CEO of The Media Trust:

“Antitrust legislation may or may not benefit consumers, but any cybersecurity ramifications pale in comparison to the status quo. App guidelines have NOT protected mobile users from the biggest threats to their safety. Thanks to a complete lack of control over digital third parties, identity theft, phishing and malware attacks are rampant across all mobile platforms. Until that changes – and the app review process becomes more than a pointless formality – regulations should be the least of our concern.”

Now I will point out that most of what he is talking about is insanely common on the Android side of the fence, but having said that, we are starting to see some of this on iOS. Thus I would say that maybe politicians should back off what they are doing now and instead force Apple to actually make the App Store a safer place.

Brand New And Crafty Phishing Attack Impersonates Dept. of Labor

Posted in Commentary with tags on January 19, 2022 by itnerd

New research from email security firm INKY shows a phishing campaign impersonating the US Department of Labor (DoL) and targeting Office 365 users. The campaign, which has been active for at least a couple of months, uses over ten different phishing sites impersonating the agency. The lure invites recipients to bid on a government project; those who submit a bid are then taken to a fake 'error' page that asks the victim to enter their credentials again. If the victim falls for both traps, they are redirected to the real DoL site, leaving little evidence that an attack has taken place.

I have two comments on this new threat. The first is from Saryu Nayyar, CEO and Founder of Gurucul:

“Spoofed domains are the foundation of phishing attacks and spoofing government agencies is extremely difficult for users to identify unless they consistently research the addresses on their own before clicking on any links. That is why these types of attacks are so successful in stealing credentials or establishing a foothold within an organization. This one is particularly clever in thwarting email security through hijacked legitimate servers and even eventually directing users to a legitimate DoL site after they’ve acquired what they wanted. The latter is a subtle, yet effective twist. However, advanced behavioral analysis and out-of-the-box machine learning (ML) models would have detected the abnormal communications to the servers and/or malicious, but unknown, domains. It is critical for organizations to invest beyond the current SIEM and XDR tools and look at more Next gen SIEMs and advanced SOC platforms with a multitude of analytics and true ML models that can not only identify the malicious activity quickly, but also elevate the risk as determines it is part of an attack campaign. The analytics also provided needed context for a targeted automated response, potentially stopping the attack earlier in the kill chain before credentials can be stolen.” 

The second is from Chris Olson, CEO of The Media Trust:

“Today’s malicious actors are vigilant in generating new domain names to skirt around blockers. By the time a list is updated to reflect the latest source of a phishing or malware attack, the operation shifts to a brand new site. This is why organizations can’t depend solely on CMPs, ad blockers or other traditional tools to protect their online visitors: there is no replacement for live scanning to detect malicious code.”

I’ve heard of cases where a spoofing attack has cost an organization hundreds of thousands of dollars. Thus, making sure you have the means to stop these attacks before they start is key to making sure that you’re not bleeding cash because of one.

Guest Post: Almost 70% of People Can NOT Distinguish Gmail’s Real Login Page From A Scam – Can You?

Posted in Commentary with tags on January 19, 2022 by itnerd

In the last decade, Google Workspace has become one of the most commonly used platforms for email and collaboration, with over 1.8 billion users worldwide. Underscoring its mobile-friendly dominance, 75% of those users access Google’s apps on their phones for the reliability and convenience of staying connected on the go.

Unfortunately, Google, and many other large companies – including Fedex, Amazon, and Netflix – are often impersonated by bad actors looking to phish users and scam them into sharing personal details and account information with incredibly convincing, but fake, login pages. 

Only 33% Of People Could Distinguish A Real Website From A Fake

Many of us would like to think we recognize Google when we see it on our phones. However, a recent survey conducted by Lookout, the leader in delivering integrated Security, Privacy, and Identity Theft Protection solutions, has discovered phishing pages are so deceiving that only a third (33%) of consumers could reliably distinguish the real Google login website from the fake website, below:

Note, in the image above, “Option A” is FAKE, and “Option B” is REAL

Learn the tips to protect your email and safeguard yourself against ID theft: 

  • Google recommends that customers never enter their password after clicking a link in a message. If you’re signed in to an account, emails from Google won’t ask you to enter the password for that account. If you think an email that looks like it’s from Google might be fake, go directly to myaccount.google.com/notifications. On that page, you can check your Google Account’s recent security activity.
  • Attackers will always try to create high-pressure situations that cause you to not think about what’s happening. If you’re ever contacted in this way and the individual is asking you to download an app or click a link, simply don’t. 
  • Download a mobile security application on your device – like Lookout – that will block connections to phishing sites before they can do harm and alert you immediately if you download a malicious app. 
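Both the Department of Labor campaign described earlier on this page and the Gmail lookalike pages above rely on the same thing: a link whose host resembles the real brand (the brand's domain stuffed into a subdomain or path, a one-character typosquat, a homoglyph) without being it. The following Python script is an added example for this page, not code from INKY, Lookout, Google or the DoL; the allow-list of legitimate hosts and every sample link in it are constructed for the illustration, and none of the suspicious hosts are domains observed in any real campaign. It shows the checks a mail gateway or a user-side link inspector would apply before letting someone "enter their password after clicking a link".

```python
"""Lookalike-domain check for login links.

Added example for this page, not code from INKY, Lookout, Google or the
Department of Labor. LEGIT_HOSTS and every sample link below are constructed
for the illustration; the suspicious hosts are not domains seen in any real
campaign.
"""
from urllib.parse import urlparse

# Constructed allow-list: the only hosts a genuine login for each brand should
# ever send you to. (Assumption for the example; a deployment would maintain
# its own list.)
LEGIT_HOSTS = {
    "dol.gov": ("dol.gov", "www.dol.gov"),
    "google.com": ("accounts.google.com", "myaccount.google.com"),
}


def registered_domain(host: str) -> str:
    """Crude registrable domain = last two labels.

    Good enough for the sample links; a real tool would consult the Public
    Suffix List so that e.g. 'example.co.uk' is handled correctly.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; catches single-character typosquats such as goog1e."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_login_url(url: str) -> tuple[str, str]:
    """Return (verdict, reason) for a link that claims to lead to a login page.

    Verdicts: 'legitimate' (HTTPS to an exact allow-listed host), 'lookalike'
    (resembles a brand without being it), 'unknown' (no resemblance found).
    """
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    if not host:
        return "unknown", "no host in URL"

    # Exact allow-list hit. A plain-http link to the right host is still wrong
    # for a login page, so it is reported rather than trusted.
    for brand, hosts in LEGIT_HOSTS.items():
        if host in hosts:
            if parts.scheme != "https":
                return "lookalike", f"{brand} host but scheme is {parts.scheme}, not https"
            return "legitimate", f"exact match for {brand}"

    # Internationalised names (punycode or raw non-ASCII) are where homoglyph
    # tricks live; treat them as suspicious rather than trying to decode them.
    if host.startswith("xn--") or ".xn--" in host or not host.isascii():
        return "lookalike", "internationalised domain name (possible homoglyph)"

    reg = registered_domain(host)
    tokens = set(host.replace("-", ".").split("."))
    path = parts.path.lower()

    for brand in LEGIT_HOSTS:
        brand_reg = registered_domain(brand)
        name = brand_reg.split(".")[0]  # 'dol', 'google'
        if reg == brand_reg:
            continue  # same registrable domain, just not an allow-listed host
        # 1. Brand's whole domain used as a subdomain: dol.gov.bid-portal.example
        if brand_reg in host:
            return "lookalike", f"'{brand_reg}' is a subdomain of {reg}"
        # 2. Brand name as a hyphen/dot label: dol-gov-bids.example
        if name in tokens:
            return "lookalike", f"brand label '{name}' inside unrelated domain {reg}"
        # 3. Brand domain pushed into the path: cdn.example.net/dol.gov/login
        if brand_reg in path:
            return "lookalike", f"'{brand_reg}' appears in the path of {host}"
        # 4. One-character typosquat of a reasonably long brand name: goog1e.com
        reg_name = reg.split(".")[0]
        if len(name) >= 5 and edit_distance(reg_name, name) == 1:
            return "lookalike", f"'{reg_name}' is one edit away from '{name}'"

    return "unknown", f"{host} is not on the allow-list and does not resemble a listed brand"


if __name__ == "__main__":
    # Constructed sample links, mirroring the tricks the posts above describe.
    for link in (
        "https://www.dol.gov/agencies",
        "https://dol.gov.bid-portal.example/submit",
        "https://cdn.example.net/dol.gov/portal/index.html",
        "https://accounts.google.com/signin",
        "https://goog1e.com/accounts",
        "https://google-secure-login.example/",
    ):
        print(f"{link:55} {classify_login_url(link)}")
```

Two points worth keeping in mind when using something like this. First, the DoL chain ends by redirecting the victim to the genuine dol.gov, so inspecting only the final page tells you nothing; the link that must be judged is the first hop the user actually clicked. Second, the "unknown" verdict is deliberate: a host that is neither allow-listed nor a lookalike (a subdomain of the brand that is not on the list, or an unrelated site) should be sent to a human or a live scanner rather than silently trusted, which is the gap in static blocklists that the quoted comments describe.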

It Looks Like The Activision Blizzard CEO Is Being Shown The Door After All

Posted in Commentary with tags on January 19, 2022 by itnerd

Yesterday I posted a story about Microsoft buying Activision Blizzard for an incredible amount of money. In that story I said this:

Here’s what’s really interesting about this. Microsoft has decided to keep Bobby Kotick around. He’s been accused of creating a “frat boy” culture at Activision Blizzard and is under immense scrutiny for that. One wonders if Microsoft will deal with that eventually.

I guess the answer is yes. Business Insider is reporting that Bobby Kotick is leaving the company when the deal closes:

Those sources said that both Microsoft and Activision have agreed that Kotick “will depart once the deal closes,” which could take anywhere from 12 to 18 months.

That’s in stark contrast to what Microsoft said in its press release on Tuesday morning.

“Bobby Kotick will continue to serve as CEO of Activision Blizzard,” the release said, “and he and his team will maintain their focus on driving efforts to further strengthen the company’s culture and accelerate business growth. Once the deal closes, the Activision Blizzard business will report to Phil Spencer, CEO, Microsoft Gaming.”

I guess the blowback from Microsoft’s press release from yesterday made the software giant reconsider. But it’s interesting that this is coming about via “sources” rather than an official Microsoft press release of some sort. That suggests to me that Microsoft is still trying to figure out how to clean up the “frat boy” culture that exists at this company.

In Depth: TELUS Health Launches Virtual Pharmacy Service In Canada

Posted in Commentary with tags on January 19, 2022 by itnerd

A telco launching a virtual pharmacy service in Canada?

It sounds weird unless you’re talking about TELUS who have heavily invested in health and other areas over the years. Thus having a virtual pharmacy in their case is a natural extension of what they do.

So let’s get to the details. TELUS Health launched its digital Virtual Pharmacy service to help improve medication adherence by offering Canadians the opportunity to set up automatic refill reminders for prescription medications that are shipped directly to their doorstep. Importantly, the service allows users to have unlimited one-on-one video and phone consultations with pharmacists from the comfort of their home, while also providing them with tools to keep track of their family’s medications through the service’s online dashboard.

TELUS Health’s Virtual Pharmacy allows users to conveniently book appointments for pharmacy services including video or phone consultations with a licensed pharmacist. The service empowers users to better manage a key aspect of their health through a combination of proven technology and personal service from caring and knowledgeable pharmacists. Virtual Pharmacy can save Canadians time while reducing the stress that may come with trying to get to a pharmacy on time to pick up a regular medication, and seeking pharmacy counsel in a crowded store, particularly as many continue to navigate COVID-19 requirements. It is also an ideal digital tool for caregivers who manage medications for others.

That sounds great. But there’s a big reason why this is a game changer. I spoke to Jason Kennedy who is a pharmacist working with TELUS Health and helped in creating this Virtual Pharmacy. In our conversation he highlighted a number of things including:

  • One-third of Canadians missed picking up their prescription medications on time in the past year with the majority citing their busy lifestyle as the reason;
  • Among these respondents, all of whom have their medications partially or fully covered by a benefits plan, nearly 60 per cent said it was because it slipped their mind and almost 50 per cent said it was due to work and family commitments.

But the most important thing that he highlighted to me was that when it comes to being able to give patients information about the medication that they are taking, it is extremely hard to do so in your traditional pharmacy setting due to the hustle and bustle that exists in that setting. By doing it virtually, the pharmacist has the undivided attention of the patient. That’s the game changing part in my mind as that’s going to ensure better outcomes for the patient.

TELUS Health Virtual Pharmacy is available in English in all provinces, excluding Quebec, through a free mobile app for both iOS and Android devices; the French version of the service will be available in the coming months. Canadian employers can also add Virtual Pharmacy to their workplace health benefits programs providing employees with convenient options to more easily access prescription medications while also supporting improved adherence which has been reported to help reduce absenteeism. Employers can learn more about adding Virtual Pharmacy to their workplace benefits plan here.

My take on this is that this is game changing stuff that I can get on board with. And I applaud TELUS for rolling this out.

For more information, please visit: www.teluspharmacy.com.

Infosec Institute Wins 2022 Best Relationship & Best Feature Set Awards From TrustRadius

Posted in Commentary on January 19, 2022 by itnerd

Infosec Institute, a leading cybersecurity education company, today announced that TrustRadius recognized Infosec with 2022 Best Relationship and Best Feature Set Awards for its security awareness training software. More than 1 million business technology buyers look to TrustRadius’ authentic, unbiased customer feedback every month to make better product decisions.

These TrustRadius awards recognize companies that went above and beyond to provide clients outstanding customer service and deliver features that delighted their users in 2021. To win, each nominated organization must receive 10 TrustRadius reviews specifically mentioning their product’s customer support, likelihood to buy again or quality of the feature set. Winners also had to rank in the top three positions of their category in terms of the percentage of positive responses earned. The TrustRadius research team also uses textual review analysis to vet submitted customer feedback.

Infosec IQ reviews provided through TrustRadius include:  

  • “I deeply recommend Infosec IQ, especially if you are just starting your efforts [with] security awareness. It is super user-friendly, has a lot of content resources like video modules, posters, infographics, newsletters and assessments, so you can create whole security awareness programs and engage your learners in different communication channels throughout your organization. Their customer service is a differentiator that we really appreciate.”  — Information security lead, Inflection Point Systems 
  • “Infosec IQ has been a great investment. In fact, given the opportunity to do the purchase again, I would not even hesitate to choose Infosec IQ. I will be renewing our organizational training when it is time to renew. As an organization, the training has been easy, professional and overall outstanding.” — General manager, Nevada special utility district 
  • “I love Infosec IQ for their customer support and its ability to run reports to determine who needs extra training activities. It has made a difference in the mindset of our users.” — Technology coordinator, McComb School District
  • “Once it is set up, it requires very little maintenance as it automatically grades users based on their phishing click rate and response to learning activities so you can focus on analyzing the results. The support team at Infosec is extremely responsive and answers your questions immediately. We noticed an immediate drop in the click rate of phishing emails.” — IT Professional, renewables and environment company

Infosec IQ security awareness and training empowers employees with the knowledge and skills to stay cyber-secure at work and home. The platform includes over 2,000 awareness and training resources to equip organizations with everything they need to prepare employees to detect, report and defeat cybercrime. 

Read what verified Infosec IQ clients have to say on TrustRadius