Archive for June 1, 2022

The Office Of The Privacy Commissioner Of Canada Says Tim Horton’s Was Tracking You Illegally

Posted in Commentary with tags , on June 1, 2022 by itnerd

Tim Horton’s was recently under investigation by the The Office of the Privacy Commissioner of Canada because of accusations that they were tracking you without your permission. The results of that investigation are now out and….

People who downloaded the Tim Hortons app had their movements tracked and recorded every few minutes of every day, even when their app was not open, in violation of Canadian privacy laws, a joint investigation by federal and provincial privacy authorities has found.

The investigation concluded that Tim Hortons’ continual and vast collection of location information was not proportional to the benefits Tim Hortons may have hoped to gain from better targeted promotion of its coffee and other products.

The Office of the Privacy Commissioner of Canada, Commission d’accès à l’information du Québec, Office of the Information and Privacy Commissioner for British Columbia, and Office of the Information and Privacy Commissioner of Alberta issued their Report of Findings today.

The Tim Hortons app asked for permission to access the mobile device’s geolocation functions, but misled many users to believe information would only be accessed when the app was in use. In reality, the app tracked users as long as the device was on, continually collecting their location data.

The app also used location data to infer where users lived, where they worked, and whether they were travelling. It generated an “event” every time users entered or left a Tim Hortons competitor, a major sports venue, or their home or workplace.

The investigation uncovered that Tim Hortons continued to collect vast amounts of location data for a year after shelving plans to use it for targeted advertising, even though it had no legitimate need to do so.

The company says it only used aggregated location data in a limited way, to analyze user trends – for example, whether users switched to other coffee chains, and how users’ movements changed as the pandemic took hold.

While Tim Hortons stopped continually tracking users’ location in 2020, after the investigation was launched, that decision did not eliminate the risk of surveillance. The investigation found that Tim Hortons’ contract with an American third-party location services supplier contained language so vague and permissive that it would have allowed the company to sell “de-identified” location data for its own purposes.

There is a real risk that de-identified geolocation data could be re-identified. A research report by the Office of the Privacy Commissioner of Canada underscored how easily people can be identified by their movements.

None of this sounds good and doesn’t leave Tim Horton’s looking good. I suspect that because of that, Tim Horton’s agreed to these items:

  • Delete any remaining location data and direct third-party service providers to do the same;
  • Establish and maintain a privacy management program that: includes privacy impact assessments for the app and any other apps it launches; creates a process to ensure information collection is necessary and proportional to the privacy impacts identified; ensures that privacy communications are consistent with, and adequately explain app-related practices; and
  • Report back with the details of measures it has taken to comply with the recommendations.

This report makes it clear that you can’t trust Tim Horton’s and their apps. And even after the above items are implemented, I still wouldn’t trust them. So what does Tim Horton’s have to say about this? Not much really:

“Data from this geolocation technology was never used for personalized marketing for individual guests. The very limited use of this data was on an aggregated, de-identified basis to study trends in our business — and the results did not contain personal information from any guests,” spokesperson Michael Oliveira said in an email.

“We’ve strengthened our internal team that’s dedicated to enhancing best practices when it comes to privacy and we’re continuing to focus on ensuring that guests can make informed decisions about their data when using our app.”

Sure they are. I am not buying what they are saying.

It is worth noting that Tim Horton’s is still facing four class-action lawsuits in B.C., Ontario, and Quebec? So their issues are not over by a long shot.

New survey from Cisco AppDynamics Finds the average Canadian traveler uses 23 digital apps for vacation prep

Posted in Commentary with tags on June 1, 2022 by itnerd

The pandemic put a pause on travel over the last few years, so it’s no surprise consumers are eager to make up for lost time. In fact, 76% of Canadians say they are looking forward to taking a trip this year. But as they plan their much-anticipated summer vacations, just how dependent they’ve become on digital applications to make it happen might surprise you.

From researching destinations to scheduling flights and booking hotels, the average Canadian uses 23 different digital applications throughout their vacation process. It’s clear that digital applications and services have become a crucial part of the vacation experience, which means the pressure is on for brands to ensure their apps perform flawlessly this summer.

In its new global study of consumers, including Canadians, Cisco AppDynamics explored how applications are being used throughout the vacation process and the significance of their role today.

Key insights from Canadian travelers:

  • 64% say applications and digital services are now central to their vacation experience
  • 70% say if a travel app, like an airline or hotel booking, were to fail it would disrupt their vacation and 42% claim it could ruin their whole trip
  • 33% say if they experience a problem with an application when planning, booking or traveling on vacation, they’ll immediately switch to an alternative
  • 42% say they don’t intend to carry any paper-based tickets, relying entirely on applications such as digital wallets throughout their trip

You can have a look here for additional details from the study and tips on how technologists can leverage full-stack observability to maintain the performance of their applications this summer.

Simply Easier Payments Integrates With AMS360 Agency Management System By Vertafore

Posted in Commentary with tags on June 1, 2022 by itnerd

 Simply Easier Payments, which offers turn-key and customizable payment solutions for the insurance industry, announced today it has added Vertafore’s AMS360 agency management system to its list of integrations it offers at no cost. The integration allows its users to pull up and pay AMS360 invoices using the Simply Easier software. 

Simply Easier, a North Carolina-based business which has long worked with other Vertafore platforms, has been working diligently on the integration which will allow Vertafore users to process payments via AMS360, which is a proprietary system that helps independent insurance agencies streamline workflows, increase renewals and retentions among insureds and improve employee productivity.

The collaboration will allow insurance agencies to offer their insureds a convenient, simple, and secure way to pay their premiums through the agency’s website. 

Simply Easier Payments offers customer-payment solutions for the insurance industry, offering both turnkey and customizable payment solutions. Along with a growing list of partners in the insurance space, Simply Easier is also adding its tools to other agency management systems to make it even easier for clients to manage customer payments.

Founded in 2006, Simply Easier Payments is a leading total payment solution partner for the insurance sector and financial advisors accepting mobile and online payments. Providing a one-stop credit card payment processing solution designed for regulated businesses, it offers a hassle-free experience without the high fees other providers charge, and it’s 100 percent compliant in all 50 states in the U.S. For more than a decade, Simply Easier Payments has provided secure, compliant, and reliable payment solutions to thousands of businesses around the nation. Since its inception, reliability and affordability have been the cornerstone principles for delivering real, working solutions to its customers. To learn more, visit:  https://www.simplyeasier.com. 

Nuspire Named Top Service Provider By CRN

Posted in Commentary with tags on June 1, 2022 by itnerd

Nuspire, a leading managed security services provider (MSSP), today announced that CRN, a brand of The Channel Company, has named Nuspire to its 2022 Solution Provider 500 list. 

CRN’s annual Solution Provider 500 ranks North America’s largest solution providers by revenue and serves as the gold standard for recognizing some of the channel’s most successful companies. With a combined revenue of more than $434 billion, this year’s list represents an impressive amount of influence and impact wielded by these companies on today’s IT industry and the technology suppliers they partner with.

Nuspire has become a staple in the CRN Solution provider 500 List for years thanks to its highly skilled team of cybersecurity experts and lineup of managed security solutions that address the ever-evolving cybersecurity threat landscape.

Nuspire is a managed security services provider (MSSP), offering managed security services (MSS), managed detection and response (MDR), endpoint detection and response (EDR) that supports best in breed EDR solutions, and cybersecurity consulting services (CSC) that includes incident readiness and response, threat modeling, digital forensics, technology optimization, posture assessments and more. Their self-service, technology-agnostic platform, myNuspire, allows greater visibility into your entire security program. Powered by the self-healing always on Nuspire Cyber X Platform (CXP), myNuspire will help CISOs alleviate the pain associated with tech sprawl, provide intelligence driven recommendations, solve for alert fatigue and help their clients become more secure over time. Their deep bench of cybersecurity experts, award-winning threat intelligence and three 24×7 security operations centers (SOCs) detect, respond, and remediate advanced cyber threats. Their client base spans thousands of enterprises from midsized to large enterprises that span across multiple industries and geographic footprints. For more information, visit www.nuspire.com 

Horizon3.ai NodeZero Offers True Understanding of Cyber Risk Profile Across The Entire Environment

Posted in Commentary with tags on June 1, 2022 by itnerd

Horizon3.ai today announced it has extended the capabilities of its NodeZero platform to include external penetration testing. With this enhancement, Horizon3.ai is the first autonomous penetration testing platform to offer organizations both internal and external penetration testing in one self-service platform.

Horizon3.ai’s autonomous penetration testing platform, NodeZero, continuously assesses an enterprise’s internal infrastructure and external attack surface, identifying ways an attacker could chain together harvested credentials, misconfigurations, dangerous product defaults, and exploitable vulnerabilities to compromise systems and data. By extending NodeZero’s capabilities to include both internal and external penetration testing, organizations can now assess all their assets – including on-prem, cloud, and hybrid, from both inside and outside the perimeter.

When you combine the results of an external and internal penetration test, organizations have a true understanding of their cyber risk profile across their entire environment.

NodeZero offers organizations the following benefits:

  • Verify if public facing assets open doors to ransomware exposure – Ransomware attacks have become democratized, with criminal groups establishing Ransomware-as-a-Service (RaaS) operations, renting ransomware to recruited affiliates that, in turn, run attacks against organizations and pay a “royalty” to the RaaS providers. With NodeZero, organizations will understand what attack paths ransomware actors can exploit to breach the perimeter, move laterally within the network, and gain access to “crown jewel” data.
  • Visualize the risk and impact – See the risk and impact of misconfigured third-party applications and weak or default credentials as an attacker would use them to breach your perimeter. Credential attacks are the fastest growing attack path across the globe, and NodeZero will autonomously and safely attack your public-facing assets so you know where your most critical problems exist.
  • Improve asset management and eliminate shadow IT – With NodeZero, organizations can continuously discover their public-facing assets, hybrid cloud assets, and internal assets. NodeZero allows organizations to understand and visualize the true risk these assets pose based on real-world exploitation rather than just theoretical risk.
  • Understand third-party and supply chain risks – NodeZero can be run continuously, both internally and externally, providing an immediate understanding of third-party and supply chain risks.
  • Save time and resources – Penetration tests can be set up within minutes and executed as often as needed. NodeZero quickly identifies exploitable internal and external attack vectors and ineffective security controls. No extensive tuning, training, or certifications are required, and results are prioritized with proof, so time and resources can be spent fixing only what matters.
  • Continuous security assessments – NodeZero is every organization’s purple team partner, orchestrating hundreds of attack tools and techniques across an entire environment to chain attack paths and demonstrate real risk and impact. This isn’t an annual compliance checkbox or a limited snapshot in time. Autonomous penetration tests with NodeZero can be automated and run as often as needed to ensure that blue and red teams can focus and complement each other’s efforts.

Read more about NodeZero’s external pentesting capabilities here.

Volvo Cars and Epic Games Team Up On In Car Tech

Posted in Commentary with tags , on June 1, 2022 by itnerd

Volvo Cars is bringing photorealistic visualisation technology into its next generation of electric cars through a new collaboration with Epic Games. The companies are teaming up to bring Epic’s Unreal Engine game engine into upcoming Volvo cars, providing unparalleled high-quality graphics inside the cabin.

Epic Games is a leading interactive entertainment and software company probably best known for Fortnite. But Epic Games also develops Unreal Engine, widely considered to be the most advanced real-time 3D creation tool used in various industries beyond games, and which will now be used by Volvo Cars for developing digital interfaces inside its cars and rendering real-time graphics in the car.

Volvo Cars is the first European carmaker to use the Unreal Engine for development of the Human Machine Interface (HMI). More specifically, it will initially focus on the Driver Information Module (DIM), one of the displays inside the cabin that provide the driver with relevant information and infotainment features.

In the next generation of Volvo cars, customers will encounter impressive, high-quality graphics on those displays. Much sharper renderings, richer colours and brand new 3D animations are only the first steps as Volvo Cars developers continue to push the graphic envelope.

By coupling the Unreal Engine with the high performance computing power of the third generation Snapdragon Cockpit Platforms, the next generation of Volvo cars will set a new standard in graphics and infotainment system performance.

As a result, Volvo Cars’ next generation infotainment system will be more than twice as fast as its predecessor, while graphics generation and processing inside the cabin will be up to ten times faster.

The first car to contain the new graphics is the new, all-electric flagship model that Volvo Cars will reveal later this year. That model is the first of a new generation of all-electric Volvo cars as it aims to only sell pure electric cars by 2030.

Further into the future, the company sees additional opportunities for Unreal Engine to advance other areas of technology within new Volvo cars, as Volvo Cars developers continue to explore new applications for this and other software-driven technology platforms while always keeping safety front of mind.

Volvo Cars has an ambition to develop half of all the software inside its cars in-house by mid-decade and is recruiting extensively within software development. By joining the company, coding talent has numerous opportunities to work on exciting and groundbreaking new in-car applications and platforms.

The NSO Group’s Cash Crunch Is Making It Far More Dangerous To All Of Us

Posted in Commentary on June 1, 2022 by itnerd

The NSO Group which is best known for their Pegasus spyware for iOS is in deep trouble thanks to being blacklisted by the US and being sued by Apple among other issues. And that may make it far more dangerous than it already is. I say that because of this Financial Times story which walks through their challenges to meet payroll last November, which lead to their CEO deciding to go down an even darker path than the one that they are already on:

Faced with an imminent cash crunch so severe that Israel’s NSO Group, manufacturer of the cyberweapon Pegasus, could miss its November 2021 payroll, Shalev Hulio had a startling suggestion.

The foul-mouthed CEO told a team representing the company’s majority owners in New York that month: why not start selling again to risky clients?

By “risky” he means selling to countries that don’t have great human rights records. Though, given their past history where they have been caught selling to countries that don’t have great human rights records, this likely means that anyone and everyone can buy Pegasus and they won’t bother hiding it. That way The NSO Group has cash coming in as current they don’t have cash coming in.

Unsurprisingly, those who backed the company reacted with alarm, and this made their CEO come up with a plan b:

In recent months, Hulio has come up with a new plan dubbed the “phoenix plan” by company insiders. The idea is to split NSO’s greatest assets from its greatest liabilities — this meant separating the code behind Pegasus and company engineers who are highly paid graduates of Israel’s elite military intelligence units, from the clients that have drawn the ire of the US and human rights groups.

Hulio and a group of creditors hope that by spinning out a new entity that houses the code and engineers, it can sidestep the commerce department’s blacklist, especially if a new owner were a top US defence contractor.

I’m not sure if any US defence contractor would want to have anything to do with these guys. But I won’t rule it out as I am sure that there are many in the US who would want to use this tech. But it illustrates that Pegasus who I considered to be dangerous already is about to get more dangerous because they are desperate. And that’s bad news for all of us.

Preventing Cybersecurity Incidents Impeded By Inadequate Warnings Of Detected Security Threats: Deepwatch Report

Posted in Commentary with tags on June 1, 2022 by itnerd

From small to medium businesses to large corporate enterprises, organizations must be prepared to respond to disruptive cyber incidents at any given moment. In relation to that, Deepwatch has released a research report examining how equipped organizations can detect such threats and whether they can respond quickly enough to mitigate threats from accomplishing actual harm.

The conclusions of this report unpack the barriers to delivering and enabling quick, decisive, effective responses to detect security threats. Deepwatch analyzed security teams and threat activity across an expanding attack surface to examine these issues. The research explores and answers questions including:

  • Would more accurate alerting increase organizational confidence in implementing automated response actions?
  • Are the majority or minority of security teams across organizations endeavoring to reduce response duration?
  • How do security teams intend to shorten the time to prevent, contain threats, and address related issues today?

You can read the report here: https://deepwatch.com/state-of-the-modern-soc/ 

New Research Indicates That Telegram’s Blogging Platform Exploited in Hijacked Emails Revealing $3M Crypto Scams

Posted in Commentary with tags on June 1, 2022 by itnerd

From the end of 2019 through May 2022, INKY detected 1,429 malicious emails via Telegraph, an API launched by Telegram in 2016 that has been described as an anonymous blogging platform to go along with its popular messaging app. 

Recently, there’s been a massive uptick in the volume of these attacks: 1,288 of these emails were sent in 2022 alone. The payloads included cryptocurrency scams using techniques including brand impersonation, credential harvesting, hijacked accounts, and free website abuse to target Microsoft 365 users. 

The bitcoin address associated with this scam had received several transactions totalling almost three million dollars and the leger at blockchain.com showed that the scam worked several times.

You can view the report here.