Archive for January 27, 2023

FBI Pwns Ransomware Gang… Yes You Read That Right

Posted in Commentary on January 27, 2023 by itnerd

The FBI revealed yesterday that it had shut down the prolific ransomware gang called Hive. To do this, they hacked the hackers. Which I have to admit is a novel approach:

At a news conference, U.S. Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy U.S. Attorney General Lisa Monaco said government hackers broke into Hive’s network and put the gang under surveillance, surreptitiously stealing the digital keys the group used to unlock victim organizations’ data.

They were then able to alert victims in advance so they could take steps to protect their systems before Hive demanded the payments.

“Using lawful means, we hacked the hackers,” Monaco told reporters. “We turned the tables on Hive.”

News of the takedown first leaked on Thursday morning when Hive’s website was replaced with a flashing message that said: “The Federal Bureau of Investigation seized this site as part of coordinated law enforcement action taken against Hive Ransomware.”

That is impressive. But I should point something out. There were no arrests. So the gang is still out there, and perhaps they may be rebuilding to launch new attacks. Or they could be scared and not surface again. We’ll have to see.

UPDATE: Brian Johnson, Chief Security Officer of Armorblox had this to say:

This action from the US agencies is definitely a step in the right direction. Specifically looking at attack vectors like ransomware and credential phishing across our 58,000+ tenants, we see a concentration into a few different threat actors at the top – including Hive – so taking them out will have a large impact on the number of attacks that organizations would see. 

At the same time, precisely because of regulatory and law enforcement actions, we are seeing threat actors moving away from ransomware and crypto based attacks to easier attack methods to compromise organizations and steal money or credentials. In the past two years, the two most common cyber insurance claims have been business email compromise and vendor fraud, not ransomware. The arrival of ChatGPT is showing attackers the art of the possible when it comes to using language models to create more realistic and successful phishing and business compromise attacks, and in response organizations will need to do the same to defend themselves against the next wave of attacks.

How To Make Your Apple Watch Ultra More “Ultra” (Also Applies To Other Apple Watch Models)

Posted in Products on January 27, 2023 by itnerd

When the Apple Watch Ultra first popped up, people naturally compared it to Garmin sports watches and pointed out the shortcomings that the Apple Watch Ultra had. These shortcomings were:

  • No offline maps for the Apple Watch Workout app
  • No recovery and training advice

Now to be fair, these were shortcomings that the Apple Watch has always had. But they were magnified because of how the Apple Watch Ultra was marketed, which was directly against established sport watches that had these features baked into their offerings. The good news is that you can easily add these features not only to your Apple Watch Ultra, but to any Apple Watch, to make either more “Ultra”. Let’s start with recovery advice as that is important to the Apple Watch Ultra’s target market.

For recovery and training advice, I have been using an app called Athlytic for the last couple of years on both my iPhone and Apple Watch. I’m going to use their definition of what their app does, as it does a great job of encapsulating it:

Athlytic is an app that works with both the iPhone and the Apple Watch to leverage the data in Apple Health, giving you daily, personalized insights into and coaching about your health and daily training.

More specifically, Athlytic uses the health data, collected by your Apple Watch, to help you gauge three things for the current day: how ready your body is to perform, how much cardiovascular exertion you should aim to put on your body, and how much cumulative cardiovascular exertion you’ve put on your body.

Athlytic generates three primary metrics: a Recovery score, a Target Exertion Zone, and an Exertion score.

So in short, it helps me to figure out how hard I can or more accurately should push myself when I work out or take it easy. Which in case you are wondering, I do a workout every day either on the bike outdoors, on the bike indoors via the Zwift platform, cross country skiing in the winter, and some other stuff like hiking and walking.

Let me walk you through how I use it.

When I wake up in the morning and open Athlytic, the recovery screen is the first place I go to. I’ve really been doing some hard workouts lately on Zwift, and it shows that over the last week my body really isn’t recovering from the efforts that I have put in over the last few days. So based on this, I should be doing less intense workouts to get my body to fully recover. Athlytic goes deep into the weeds to help you understand how these numbers are calculated which you can read here. But the main metric that works into this recovery score is HRV or heart rate variability which Athlytic defines as follows:

The next screen that I go to is the sleep screen to see how well (or not so well) I slept the previous night. On this night, I had decent sleep as it was north of 7.5 hours.

I also pay attention to my sleep debt, which is a way of illustrating if you are consistently getting 7.5 or more hours of sleep, which in turn pays off in terms of better recovery scores. I also pay attention to my sleep time consistency, which is another way of illustrating if my bedtime is the same every night, which helps me get a better night’s sleep. Both of these are in a very good place at the moment.

I also tag what happened the day before. For example, the day before I had two cups of coffee in the morning. I do this because Athlytic can start trending recovery relative to different things that happen. Thus I can see what positively or negatively affects my recovery.

Athlytic measures a number of metrics via your Apple Watch, and presents them in this summary page. If anything is out of line, you’ll get an alert, as having any of these out of line may be an indication of fatigue or sickness.

The final screen that I look at is the trends screen which has my exertion or how hard I worked out in blue, and the recovery in grey. This illustrates that earlier this week, I was working out way harder than I should have and I am now paying for it later in the week as the blue line was way above the grey line. I got that under control later in the week. But by then my body was clearly fatigued. Thus something that I need to focus on is bringing those lines closer together as I am going to get more fitness gains by not over training.

So with that out of the way, my wife and I planned to go cross country skiing and given this recovery level, we planned to do two laps of a loop that was just over 5K. I would do the second lap by myself at my typical pace which is way faster than what my wife can do. That’s where another app called WorkOutDoors comes in:

The Apple Watch Workout app is really inadequate. It doesn’t have anywhere near the level of customization that any dedicated sports watch such as a Garmin watch has. It also doesn’t support the pairing of sensors like power meters on bikes for example. And more importantly, it doesn’t support offline maps which a lot of endurance athletes rely upon. WorkOutDoors solves all of that and really leverages the big screen of the Apple Watch Ultra as seen here. I can use the iPhone app to create custom screens like this one to display the information that I need to see, as well as download routes in .gpx file format to allow me to follow a route, including in situations where I do not have cellular service, which is something that the baked in Workout app cannot do. I will admit that when you first look at this app to try and customize your screens, it can be intimidating. But I encourage you to experiment with different views and try them out to see if you like them or not as it really isn’t that intimidating. One big plus of WorkOutDoors is that I can have it upload directly to the sports social networking site Strava because if your workout is not posted to Strava, it didn’t happen as far as your friends are concerned. WorkOutDoors has mostly replaced the Workout app on my Apple Watch Ultra as it is simply far more usable and functional with the exception of one thing. WorkOutDoors really needs to leverage the always on display as it doesn’t offer “live” views even when the screen is dimmed. If they fixed that, this app would be perfect.

So, after my wife and I did our laps of the route that we planned, I can go back to Athlytic and see how hard I worked.

This is the second lap of the just over 5K route that I spoke of earlier where I was pushing myself a bit harder. Athlytic can display the heart rate of my cross country ski run and then go into the weeds about what this means.

In this case, it showed me that I was working hard, but not insanely hard. Most of my heart rate was in zone four which is good for building my VO2 Max capacity. I also note that this workout was scored as a 4.01 in terms of effort. Combined with my first run which was much easier, I got an exertion score of 5.9 which was well within my exertion range of 4.5 to 6.5 that I was aiming for. It also shows how intense the workout was. Because you can do a workout and think “wow that was hard” and it actually wasn’t. In this case, it validates that I was working hard but not going over the top.

In fact, Athlytic says so as 76% of this lap was anaerobic. This is the sort of workout that will help my cycling when the road season starts up again.

For me, the combination of these apps allows me to really focus on how I train, how I recover, as well as seeing the real time metrics that I need to work out effectively. And both have resulted in a significant gain in fitness for yours truly. Thus I consider these apps to be a must if you’re serious about using the Apple Watch to up your fitness game. Athlytic is a subscription app which costs $30.99 CDN a year. WorkOutDoors however is a one time payment app which is $8.49 CDN. However both support Family Sharing so others in your family who want to up their fitness game can do so easily and for one fee for up to six people. If you want to make your Apple Watch more “Ultra” regardless of whether you have an Apple Watch Ultra or some other Apple Watch so that you can really improve your fitness, and make up for the lack of this functionality from Apple, you should have a serious look at both of these apps.

Guest Post: Efficiency and visibility with the benefit of SAP monitoring

Posted in Commentary on January 27, 2023 by itnerd

By Gregg Ostrowski, Executive CTO, Cisco AppDynamics

Today, SAP is a vital part of business operations, giving enterprise companies the ability to deliver goods and services to customers around the world. From frontend to backend, several business applications depend completely on SAP to run their most critical business operations.

As IT environments become more complex and dynamic, IT teams are finding it increasingly challenging to manage the availability and performance of both SAP and non-SAP applications. Partial visibility into SAP environments and their dependencies on third-party applications can become enormous obstacles to effective problem resolution and mean time to resolution (MTTR), leading to repeated outages and multiple revenue losses.

Organizations must therefore reevaluate how they approach monitoring their SAP environments, strengthening their monitoring strategies to optimize application availability and performance, and observing the status of key business transactions live and in real time.

SAP monitoring challenges

The majority of organizations still deploy a multitude of tools to monitor dependent systems, or they have a siloed tool monitoring SAP, completely independent from the rest of their IT stack. A fragmented approach like this means they cannot see the full end-to-end flow and correlate business performance with their SAP landscape.

This requires many companies to continue to manually correlate SAP performance data with business events on an ad hoc basis or do so after business problems occur. They waste a lot of time trying to troubleshoot problems by having to manually review all the records, which adds to the MTTR, as dynamic environments create a wave of additional data, and this approach will not scale.

In fact, even if companies have the option to measure performance and monitor it in this way, it will only allow them to cope with problems. They cannot prioritize the most important business operations because they cannot establish which are the most direct customer and business-facing issues. Therefore, IT teams are left just putting out fires, wasting valuable time and resources that could be focused on strategic priorities.

The importance of visibility in the IT environment

Without question, businesses need a single source of truth about their SAP environments and how they are driving company-wide performance.

The above means that it is necessary to ensure they have deep, end-to-end visibility to get a comprehensive view of their entire IT landscape. With this information, technologists are able to see and understand upstream service dependencies – as well as user experience – within SAP.

IT teams need a solution that can understand Advanced Business Application Programming (ABAP) code issues at a microscopic level so that developers can easily pinpoint the root cause of application performance issues. This level of visibility creates more stability within the application environment, enhancing technologists’ ability to respond reliably to IT, business outcomes, and customer expectations.

It is important for organizations to move on from piecemeal and heavily manual methods of monitoring SAP and non-SAP apps. Trying to recreate issues is not always possible. This approach is too time-consuming and increases the risk of ongoing performance problems that can affect end users and corrupt the bottom line.

Technologists can make use of dynamic baseline capabilities to bypass having to manually update static thresholds as priorities change and environments grow. To avoid infinite alert storms, enterprises could leverage artificial intelligence (AI) and machine learning (ML) to proactively assess the status of transactions, as well as address issues that may arise.

Through this proactive functionality, organizations can adjust their resource investment based on scenarios specific to their business and potentially affecting performance, such as high traffic volumes due to holiday shopping or other seasonal events, month-end closing, and product launches, among other business activities.

This is especially relevant when organizations take advantage of cloud-native solutions. It provides real-time performance metrics, helping technologists report issues as they identify bottlenecks to focus on innovation processes that can drive organizational growth. 

Report: Commvault Leads the Industry in Kubernetes Data Protection for Third Consecutive Year

Posted in Commentary on January 27, 2023 by itnerd

Commvault, a global enterprise leader in intelligent data services across on-premises, cloud, and SaaS environments, today announced that leading industry research firm GigaOm has named Commvault a “Leader” and “Outperformer” in the new GigaOm Radar for Kubernetes Data Protection for the third year running.

Commvault was evaluated along with 14 other vendors based on execution, roadmap and ability to innovate. According to GigaOm, Commvault is “doing very well by combining solutions for SaaS applications, on-premises (VM-based) infrastructure, containers, and databases efficiently.” Commvault provides Kubernetes data protection through its Commvault Complete™ Data Protection software and Metallic Data Management as a Service (DMaaS) solutions, giving customers the flexibility to choose their preferred storage vendor through their extensive ecosystem.

Kubernetes and containers have not (yet) replaced all cloud and traditional applications – they have integrated into the application landscape and need to be protected accordingly. Over the last year, Commvault has significantly advanced its protection for Kubernetes workloads by integrating fully automated management, replication, migration, and security enhancements across its portfolio of Intelligent Data Services. According to the GigaOm Radar for Kubernetes Data Protection, Commvault provides effective protection for “hybrid applications that run across Kubernetes, VMs, and cloud services, consolidating backup operations on a single platform.”

To learn more about how Commvault and our Metallic SaaS portfolio ranked in the GigaOm Radar for Kubernetes Data Protection, view the report here.