Archive for June 6, 2022

Social Media Ranks #1 As Parents’ Main Safety Concern: SafeHome.org

Posted in Commentary with tags on June 6, 2022 by itnerd

According to SafeHome.org’s Parenting In America Report – which examines safety concerns and parenting decisions – parents are more worried about their child’s digital safety rather than their physical safety. This is because of increased online safety risks which include: child predator encounters, cyberbullying and exposure to inappropriate content. 

Take a look at what concerns parents most: 

  1. Internet/Social Media (70%) 
  2. Safe sex (teens only) (62%) 
  3. Body autonomy (61%)
  4. Car safety (60%) 
  5. Bullying (59%)

Although there are different parenting styles, the average American parent simply wants to do what is best for their child’s physical and emotional well-being. But where do you start and how do you know what to do to protect your children? SafeHome.org shares the below tips: 

  • Set up parental controls: Use online security tools and features that will offer protection and control of your child’s online activities. 
  • Talk to your children about their online activity: Talk to your child about what you think is appropriate, and ask them what sites they visit or apps they use and look at them together. 
  • Protect their privacy: Make sure they are aware of the risk of personal information or images being made public once they post it. 
  • Keep track of online time and device visibility: Monitor your child’s screen time and make sure that their device is in a central area of the home.

For the complete ranking of parental concerns — and additional details about parenting in America in your state or city — please see the link below: 

Lockbit Ransomware Group Claims To Have Pwned Mandiant

Posted in Commentary on June 6, 2022 by itnerd

This could be interesting if this is true. The Lockbit ransomware group claims to have pwned the market leader in threat intelligence and expertise when it comes to cybersecurity, Mandiant. The news appeared via a Tweet:

Now I don’t know if this is true or not. But it will become clear in the coming days. And if it is true, it will be very embarrassing for Mandiant. And it will send shockwaves through companies that are in Mandiant space.

Chris Olson, CEO of The Media Trust had this to say:

“With Mandiant claiming “we do not have any evidence” to support LockBit’s claim, this is a developing story which we should take with a grain of salt. In the past, LockBit has posted names on its website only to drop them without explanation – it has also stolen data from organizations through a third-party vendor while falsely claiming to have breached its victims directly. Until more information emerges, the Mandiant story may go in either of those directions.

LockBit acts on a ransomware-as-a-service (RaaS) model, meaning the actors who may have initiated this breach cannot be directly identified. This could be a useful tactic for the enemies Mandiant has acquired since it first began operating at the frontlines of global cyberwarfare. In 2013, it implicated Chinese actors in cyber espionage – in 2020, it helped investigate Russian groups responsible for the SolarWinds hack. More recently, it has been tracking the Russia-based cybercriminal group ‘Evil Corp’, which has begun working with LockBit to evade U.S sanctions.

For now, we don’t know if LockBit’s claims are true. But if they are, they could have serious implications for cybersecurity research firms who are increasingly ending up in the crosshairs of global cyber actors.”

I would stay tuned to this space as this will become a real story in the next day or so. Or it may just go away. We’ll have to see which way this goes.

Neosec Introduces Threat Hunting Service For Detecting And Investigating API Abuse And Vulnerabilities

Posted in Commentary with tags on June 6, 2022 by itnerd

Neosec, the pioneer in discovering and identifying API threats using behavioral analytics, today announced the availability of ShadowHunt, an expert-staffed managed threat hunting service to augment its platform with human oversight from active threat hunters to identify the most clandestine and obfuscated API abuse. Borrowing from threat hunting capabilities in EDR and XDR, Neosec brings similar techniques to API security. ShadowHunt gives security teams peace of mind that API security experts are examining abnormal behavior on their API estate.

Combining the ShadowHunt service with the Neosec cloud-based platform enables organizations to manage the increasing risk to core business systems, assets and data from manipulation, theft or misuse. The service is ideal for companies where security teams are short-staffed or lack the expertise needed to identify threats in business API traffic, because APIs are increasingly used to connect important business systems to customers, suppliers, and partners.

Rather than focusing only on vulnerabilities within APIs, the Neosec platform addresses the problem by first automatically and continually identifying all APIs a company has in use, evaluating their risk posture and monitoring user behavioral anomalies that could involve data theft or other misuse. Most companies lack a complete API  inventory, let alone understand the nature of normal API usage. Few have the ability to monitor their APIs to mitigate loss or detect abuse of business processes, financial assets and data within their APIs. Now, the ShadowHunt service can augment use of the Neosec platform with a team of experts to respond to findings quickly, investigate potential threats and recommend immediate remediation and actions.

Besides the incidents and alerts provided by the dedicated expert team of threat hunters, the ShadowHunt service also includes a monthly report to summarize findings and investigations performed by the team, news of emerging API threats discovered by Neosec across many different companies and notable changes in the use and operation of APIs currently employed by a company. The service also includes full “Ask the Experts” access to the team of threat hunters.

The ShadowHunt service and the Neosec platform together provide an effective way to quickly incorporate full monitoring and investigation of anomalous business API usage without impacting existing security operations and team workload. The combination can add protection against vulnerability exploits and API business abuse quickly and transparently. 

For more information, you can view this datasheet: ShadowHunt Managed Threat Hunting

Linktree Transforms Its Brand To Evolve Beyond The ‘Link In Bio’ Category It Created

Posted in Commentary with tags on June 6, 2022 by itnerd

Linktree, the ‘link in bio’ category leader, is today announcing its new brand vision to cement the ownership of the link-in-bio category it originated and its position as the leading innovator in its progression. This announcement marks Linktree’s evolution from being seen as just a ‘link in bio’ tool to being a brand that encourages self-expression, discovery, connection and community. The new brand identity speaks to Linktree’s ambition of empowering 25m unique users across the globe to tell their stories better by celebrating the many facets of any one person’s digital universe – a platform where anyone can truly link, and transport visitors, to everything they are.

Designed in partnership with COLLINS – the independent strategy and design company responsible for the branding of Twitch, Spotify and Robinhood – the work includes a new visual identity system and brand language that puts creators at the forefront. There are four major components to the new brand including:

  • The animated silhouette treatment implies a window into the user’s digital universe – bringing creators to life by inviting an opportunity to explore the depths of the links further.
  • Linktree’s new custom typeface – Link Sans, a global-first typeface was designed to allow for optimal accessibility across languages, existing alongside other scripts with minimal interference, again prioritizing connectivity.
  • Linktree’s new colour palette is vibrant, expressive and is grounded by Linktree’s quintessential Canopy green.
  • Linktree’s new logo leverages the metaphor of a sheltering tree – providing stability and nourishment to its users so that they can set new goals, harness their power and grow what matters most.

With a maximalist visual language and colour palette, the new brand expression prioritizes global accessibility and deepening connection – something which is critical with 1.2bn monthly views of Linktrees worldwide.

The transformation follows the culmination of years of work in providing an unparalleled product offering for creators, as Linktree looks to create a space within its brand which is re-imagining the link-in-bio category. Following Linktree’s recent $110m USD raise, the business has focused on introducing new revenue streams and creating additional value for creators and brands, including the launch of the new Web3 platform features.

Linkree’s new brand champions the business transition from a ‘link-in-bio’ tool to a platform which fuels engagement and community across the digital universe. With a whole suite of new tools and features set to be released to the market over the coming months, Linktree’s brand transformation embodies new capabilities for anyone to ‘link everything they are’. This includes innovative new ways to share content, build deeper connections with audiences and monetize passions.

About Linktree

Linktree enables creators, brands, artists, publishers, agencies, and businesses of all sizes to curate an online ecosystem, engage with their audience and monetize their passion. Linktree is among the top 300 most popular website destinations globally, with 1.2 billion unique visitors a month.

In 2021 alone, Linktree enabled over 1 million artists to generate 90 million visits to streaming providers – twice as many artists and three times as many clicks as in the year prior. The platform is utilized by more than 24 million creators, artists, and brands globally including TikTok, Selena Gomez, Noah Beck, Bella Poarch, Red Bull, Shawn Mendes, the Los Angeles Clippers, Comedy Central, Dwayne ‘The Rock’ Johnson, and HBO.

About COLLINS

COLLINS is an independent strategy and brand experience design company in San Francisco and New York City. They’ve been named Design Company of the Year three years in a row by AdAge and include Twitch, Spotify, Disney, Nike and Sweetgreen among their clients.

COLLINS helps businesses at critical inflection points define, design and move into their future.

Musk Threatens To Walk Away From Twitter Deal And Appears To Be Engineering A Situation Where It Doesn’t Cost Him A Dime To Do So

Posted in Commentary with tags on June 6, 2022 by itnerd

You might recall that Elon Musk’s attempt to buy Twitter hit a snag of sorts when he questioned the amount of bots on the the platform. Which tied into suggestions that Musk was looking for an off ramp from the deal. Today we have more evidence that he might be looking for that off ramp. Yahoo Finance is reporting this:

In an SEC filing released Monday morning, Musk’s counsel said Twitter has not coughed up adequate data on the company’s users, committing a “clear material breach” of the company’s obligations as part of its merger agreement.

“Based on Twitter’s behavior to date, and the company’s latest correspondence in particular, Mr. Musk believes the company is actively resisting and thwarting his information rights (and the company’s corresponding obligations) under the merger agreement,” the letter reads. “This is a clear material breach of Twitter’s obligations under the merger agreement and Mr. Musk reserves all rights resulting therefrom, including his right not to consummate the transaction and his right to terminate the merger agreement.”

If he does terminate the agreement, that will cost him a billion dollars US. Which he likely doesn’t care about. But, if he is able to argue that there has been a material breach, he doesn’t have to pay a dime. Which suggests to me that he was never serious about buying Twitter, and that he’s trying to pull the plug on this and walk away from this without spending a dime. This truly isn’t a surprise to me. I fully expected this sort of chaos the second Musk suggested that he was going to buy Twitter. Which is why the company is better off without him and his sideshow. Though I will also admit that he might get his act together and get serious about this. We’ll have to see which side of the fence that this lands on.

Silverfort Named “Most Innovative Identity Protection”

Posted in Commentary with tags on June 6, 2022 by itnerd

Silverfort, provider of the world’s first Unified Identity Threat Protection platform, is proud to announce that they have won the following award from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine:

  • Most Innovative Identity Protection

As the identity threat landscape has evolved and shifted, Silverfort has increased innovation and maximized on partnerships to provide the first Unified Identity Threat Protection platform. Silverfort’s Identity Threat Detection and Response (ITDR) and Identity Threat Prevention (ITP) capabilities deliver a unique, unified layer to Identity and Access Management (IAM). While many security innovations seek to cover the entire threat landscape singularly, Silverfort continues to address the threat landscape in a holistic way by providing an additional layer of protection to a customer’s existing security infrastructure, without requiring modifications to a customer’s endpoints, servers or applications. 

More information can be found at www.silverfort.com 

BlackFog May Global Ransomware Report Shows How Much Of A Threat Ransomware Truly Is

Posted in Commentary with tags on June 6, 2022 by itnerd

BlackFog today released the May Global Ransomware Report. Key takeaways from this report include:

  1. They saw the largest number of ransomware attacks in May over the last 3 years which saw an 18% increase over 2021 and 24% over 2020.
  2. They continue to see an increase in the percentage of attacks using data exfiltration, which now comprises 86% of all attacks.
  3. Technology, Education and Government continue to be the most attacked sectors with increases of 24%, 62% and 43% respectively.

This shows that Ransomware is on the rise and enterprises need to do everything possible to protect themselves.

The full report is available here: https://privacy.blackfog.com/wp-content/uploads/2022/06/BlackFogRansomwareReport-May-2022.pdf