Archive for June 1, 2023

Mária Trnková named Chief Marketing Officer Of ESET

Posted in Commentary on June 1, 2023 by itnerd

 ESET, a global leader in cybersecurity, is proud to announce the establishment of its new Marketing, Communication, and Digital Business division, appointing Mária Trnková as Chief Marketing Officer. This strategic move, effective June 1, 2023, reflects ESET’s commitment to innovation, enhancing partner and customer experiences, and strengthening its brand presence in the market.

Mária Trnková, previously Vice President for the Consumer and IoT Segment at ESET, brings on board experience with the creation and implementation of an effective data-driven strategy. Mária started her career at ESET in the autumn of 2016. Her journey began as the EMEA Territory Marketing Manager, where she collaborated closely with regional teams to shape effective marketing strategies. During her six-year tenure, Mária showcased exceptional leadership skills, progressively taking on more responsibility and driving impactful results. When she stepped into the position of Segment VP in October 2019, she moved into a role with interfaces across the entire organization. She also worked closely with the company’s management to ensure Consumer and IoT segment strategy definition and effective implementation.

In her new role as Chief Marketing Officer, Mária will spearhead the newly formed Marketing, Communication, and Digital Business division. This strategic division will enhance ESET’s marketing support across segments, fortify its brand position, and foster innovation through closer collaboration with technology and Environmental, Social, and Governance (ESG) teams. The key enabler for successful marketing implementation will be close cooperation with regional and local branches, ensuring delivery of the utmost value to customers.

Spyboy promotes “Terminator” Antivirus Killer

Posted in Commentary on June 1, 2023 by itnerd

Yesterday, CrowdStrike posted that bad actor Spyboy is promoting a $3000, all-in-one tool called “Terminator” that can allegedly bypass 24 antivirus, XDR, and EDR platforms, including Windows Defender, on devices running Windows 7 and later. In reality, it’s just a fancy Bring Your Own Vulnerable Driver (BYOVD) attack.

To use Terminator, one must have administrative privileges on the targeted systems and have tricked the user into accepting the User Account Control (UAC) pop-up that is displayed when the tool runs.

However, researchers discovered that Terminator just drops the legitimate, signed Zemana anti-malware kernel driver into the C:\Windows\System32\ folder, and then loads it to use its kernel-level privileges to kill off the user-mode processes of AV and EDR software running on the device. 

Currently, according to a VirusTotal scan, this driver is detected as a vulnerable driver by only a single anti-malware scanning engine.

Roy Akerman, Co-Founder & CEO, Rezonate has this comment:

   “This claim made by Spyboy created anticipation and anxiety among cyber defense teams for the past week, as tampering with security controls may leave organizations vulnerable and unaware assuming protection is in place and active. Organizations who use an EDR solution that only has usermode agent need to take further actions to avoid any exploitation and elimination of that agent. If kernel mode agent is available, a check to make sure configuration is properly listed is a priority.”

If this claim is true, this is going to make a lot of lives miserable. Hopefully the fact that CrowdStrike got this info out there quickly will help to mitigate this threat.
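One way to hunt for the driver drop and load described above, as an added example that is not code from CrowdStrike or from this post: the sketch scans Sysmon-style file-create (Event ID 11) and driver-load (Event ID 6) records for a third-party driver loaded from the System32 root. The sample events, file names, signer strings and the `deployed_vendors` parameter are assumptions constructed for illustration.

```python
"""Hunt for the BYOVD pattern described above in Sysmon-style events.

Event ID 11 = FileCreate, Event ID 6 = DriverLoad. Events are plain dicts
using Sysmon field names. All sample data is constructed for illustration.
"""
from datetime import datetime, timedelta
import ntpath

SYSTEM32 = r"c:\windows\system32"
# Assumption: signer strings treated as first-party on this fleet.
MS_SIGNERS = {"microsoft windows", "microsoft corporation"}
# Assumption: substring of the Signature field for the vendor named in the post.
WATCHED_SIGNERS = ("zemana",)
# A driver written to disk and loaded within this window is treated as "dropped".
DROP_WINDOW = timedelta(minutes=10)


def _ts(event):
    return datetime.strptime(event["UtcTime"], "%Y-%m-%d %H:%M:%S.%f")


def _norm(path):
    return ntpath.normpath(path).lower()


def find_byovd_loads(events, deployed_vendors=()):
    """Return one finding per suspicious driver load, with the reasons.

    deployed_vendors: vendors whose products are really installed on the
    host, so their drivers are expected (hypothetical inventory input).
    """
    drops = {}      # normalised .sys path -> (write time, writing process)
    findings = []
    for ev in sorted(events, key=_ts):
        if ev["EventID"] == 11:
            target = _norm(ev["TargetFilename"])
            if target.endswith(".sys"):
                drops[target] = (_ts(ev), ev["Image"])
        elif ev["EventID"] == 6:
            path = _norm(ev["ImageLoaded"])
            signer = ev.get("Signature", "").strip().lower()
            reasons = []
            # A valid signature is not evidence of safety here: the driver
            # is legitimately signed, which is the whole point of BYOVD.
            if signer not in MS_SIGNERS and ntpath.dirname(path) == SYSTEM32:
                reasons.append("non-Microsoft driver loaded from System32 root")
            expected = any(v.lower() in signer for v in deployed_vendors)
            if any(w in signer for w in WATCHED_SIGNERS) and not expected:
                reasons.append("driver vendor is not deployed on this host")
            drop = drops.get(path)
            # The drop is enrichment only, so normal driver installs into
            # System32\drivers do not raise a finding on their own.
            if reasons and drop and _ts(ev) - drop[0] <= DROP_WINDOW:
                reasons.append(f"file written by {drop[1]} shortly before load")
            if reasons:
                findings.append({"driver": ev["ImageLoaded"],
                                 "signer": ev.get("Signature", ""),
                                 "reasons": reasons})
    return findings


# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"EventID": 6, "UtcTime": "2023-06-01 11:58:00.000",
     "ImageLoaded": r"C:\Windows\System32\win32k.sys",
     "Signature": "Microsoft Windows", "SignatureStatus": "Valid"},
    {"EventID": 6, "UtcTime": "2023-06-01 11:58:01.000",
     "ImageLoaded": r"C:\Windows\System32\drivers\example_av.sys",
     "Signature": "Example AV Vendor Inc.", "SignatureStatus": "Valid"},
    {"EventID": 11, "UtcTime": "2023-06-01 12:00:05.000",
     "Image": r"C:\Users\Public\example_tool.exe",
     "TargetFilename": r"C:\Windows\System32\example_drv.sys"},
    {"EventID": 6, "UtcTime": "2023-06-01 12:00:07.000",
     "ImageLoaded": r"C:\Windows\System32\example_drv.sys",
     "Signature": "Zemana Ltd.", "SignatureStatus": "Valid"},
]

if __name__ == "__main__":
    for finding in find_byovd_loads(SAMPLE_EVENTS):
        print(finding["driver"], "signed by", finding["signer"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

On hosts where the vendor's product is genuinely installed, pass it in `deployed_vendors` so only the path and drop heuristics fire.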

Horizon3.ai and Autonomos.ai Partner Up

Posted in Commentary on June 1, 2023 by itnerd

Autonomos.ai has joined forces with Horizon3.ai, a U.S.-based cybersecurity firm, as a fully licensed and Certified Partner to introduce advanced cybersecurity services to the African continent. This partnership aims to provide enterprises, governments, and NGOs with a comprehensive and proactive defense against cyber threats.

Autonomos.ai is on a mission to empower organizations by assisting them in assessing their network infrastructures to find, fix, and verify that attack vectors are remediated before malicious actors can exploit them. Horizon3.ai’s flagship product, NodeZero™, is an AI-driven penetration testing solution that revolutionizes the cybersecurity landscape. Using NodeZero, Autonomos.ai delivers the most advanced and continuous exploitable vulnerability detection solution available, ensuring a safe and seamless experience for users in their production environments without the need for persistent or credentialed agents.

NodeZero enables enterprises to view their systems through the eyes of an attacker, identifying ineffective security controls and prioritizing the resolution of critical issues. The solution goes beyond compliance checkboxes, offering effective security measures to enhance overall cyber resilience.

About Autonomos.ai

Our mission is to provide continuous and proactive protection for our clients’ data and assets. We firmly believe in a proactive approach to cybersecurity; shifting from reactive measures to actively identifying and addressing attack vectors before criminals can exploit them allows us to be far ahead of the curve in providing effective cybersecurity.

Being a licensed partner of Horizon3.ai, Autonomos.ai provides their clients with continuous proactive cybersecurity-as-a-service, delivering constant and unlimited evaluation of their systems to immediately identify ineffective or exploitable security controls. These services measurably reduce risk of breach and other negative outcomes from targeted cyber-attacks.

About Horizon3.ai

Horizon3.ai was founded in 2019 by former industry and U.S. National Security veterans with the mission to help organizations to see their networks through the eyes of the attacker and proactively fix problems that truly matter, improve the effectiveness of their security initiatives, and ensure organizations are prepared to respond to real attacks.

Toyota Suffers Data Breach… This Is Not Good For Them

Posted in Commentary on June 1, 2023 by itnerd

Toyota, which is one of the biggest carmakers on planet Earth, has admitted to a major data breach:

On May 12, Toyota Motor Corporation (TMC) announced “Apology and Notice Concerning Potential Data Leakage of Customer Information Due to Misconfiguration of Cloud Environment (Japanese only)”. Subsequently, we conducted an investigation for all cloud environments managed by TOYOTA Connected Corporation (TC). It was further discovered that a part of the data containing customer information had been potentially accessible externally. We would like to inform you of the incident that has been identified as of today.

As we believe that this incident also was caused by insufficient dissemination and enforcement of data handling rules, since our last announcement, we have implemented a system to monitor cloud configurations. Currently, the system is in operation to check the settings of all cloud environments and to monitor the settings on an ongoing basis. In addition, we will work closely again with TC to explain and thoroughly enforce the rules for data handling. We will also work to prevent a recurrence by thoroughly educating our employees once again. We sincerely apologize to our customers and all relevant parties for any concern and inconvenience this may have caused.

We have also investigated whether, with this incident, there was any secondary use or if third-party copies remain on the Internet, and no evidence of such has been found. At present, we have not confirmed any secondary damage. (Vehicle location, credit card information, etc., are not included in this incident)

This does not look good for Toyota. Ani Chaudhuri, CEO, Dasera had this to say:

The recent discovery of misconfigured cloud services within Toyota Motor Corp., leading to a significant data breach, is a stark reminder of the inherent risks of storing customer information on the cloud. The breach affected 260,000 Toyota car owners over seven years, exposing personal information such as their car’s internet services usage, location, entertainment preferences, and potentially other personal details.

This incident, occurring just two weeks after the exposure of data of 2.15 million customers due to another misconfigured cloud bucket, underscores the urgency and necessity for meticulous data governance and stringent cybersecurity protocols. The age of digitization carries both promise and peril, and it is incumbent upon organizations to secure their digital assets effectively and efficiently.

This unfortunate event raises important questions: Why was the misconfiguration not detected for such a long time? Could a proactive and automated monitoring system for data security have mitigated this incident? This illustrates the importance of diligent data governance practices, which include timely detection, alerts, and remediation of such vulnerabilities.

While it is crucial to leverage cloud technologies for business growth, it is equally critical to ensure the robustness of their security posture. It should be noted that handling sensitive customer data is not just a technical issue; it is a matter of trust. Every breach erodes that trust, and rebuilding it can be a Herculean task.

As we venture further into the digital age, companies need to view data security not as an afterthought, but as an integral part of their business strategy. Organizations must take a proactive approach, conducting regular audits, risk assessments, and training programs to safeguard their customer data. It is a daunting challenge, no doubt, but one that cannot be avoided in today’s interconnected world.

The Toyota breaches are a wake-up call to every organization handling sensitive data: Ensure your cloud configurations are secure, and protect your customers’ data as if it were your own.

This is a wake-up call. Organizations can’t do a less than stellar job in terms of making sure that data is protected. Because if they do, they will make headlines like this.

#PSA: If You Have An ASUS ZenWiFi XT8, Do NOT Upgrade To Firmware Version 3.0.0.4.388.23285

Posted in Commentary on June 1, 2023 by itnerd

It seems that firmware version 3.0.0.4.388.23285 for the ASUS ZenWiFi XT8 is a must pass. I say that because when I tried to update to it the following happened:

  • My wife’s work-supplied SIP phone stopped working.
  • HomeKit broke in spectacular fashion.
  • VPNs would not work.
  • Surfing the web was difficult due to the slow speed.
  • It seems to have issues with Bell and the Advanced DMZ method of bypassing their hardware.

Clearly there’s an issue with this firmware as rolling back to 3.0.0.4.388.23012 allowed me to get things back online. Though I will admit that I had to do two factory resets to make that happen. This reminds me of the last time that I had to put out a PSA about ASUS firmware which was this instance a few months ago.

Until ASUS formally addresses this, your best bet is to stay on firmware 3.0.0.4.388.23012. If you have already upgraded to 3.0.0.4.388.23285, then your best bet is to do the following: 

  • Back up the configuration using these instructions
  • Download and install firmware 3.0.0.4.388.23012 using method 2 from these instructions
  • After updating, do a factory reset of the router using these instructions
  • Using a computer and a web browser, connect to the router and, using the advanced options, upload the backup of the configuration that you saved in the first step.

The reason why I recommend going this route is that for whatever reason, ASUS routers do not cleanly update the firmware. And that leads to all sorts of weird issues that are hard to track down.

I truly wish ASUS could consistently come out with firmware updates that improve the user experience rather than frustrate users. But until that day comes, if it ever does, your best bet might be to pick a firmware that you know to be stable, and stick to it until there is clear evidence that any newer firmware won’t break your setup.

Guest Post: People spend around 876 hours per year on social media

Posted in Commentary on June 1, 2023 by itnerd

Ever found yourself endlessly scrolling through Instagram, refreshing your Twitter feed, or getting lost in the latest Facebook updates? 

According to the data presented by the Atlas VPN team, an average internet user now spends 144 minutes (2 hours and 24 minutes) on social media. 

This translates to an astonishing 876 hours or approximately 36.5 days per year. 

These figures are derived from data provided by DataReportal. The data is based on a survey with internet users aged 16 to 64 about their social media usage habits. 

Emerging markets exhibit longer social media use. Despite only 14.3% of Nigeria’s population being active social media users, individuals in the country devote an average of 238 minutes (equivalent to 3 hours and 58 minutes) of their daily time to social media, surpassing users in other countries examined in the study. Internet users in Ghana are not far behind, with 235 minutes (3 hours and 55 minutes) of daily social media usage.

Brazil occupies the third spot on the list. People there spend 224 minutes (3 hours and 44 minutes) on social media daily. However, the country ranks number one in the number of social media platforms used each month, with the country’s internet users actively engaging with 8.1 social networks monthly.

Meanwhile, people in the US spend 135 minutes (2 hours 15 minutes) connected to social media daily. 

In contrast, people in Japan allocate only 50 minutes of their daily time to social media — the least of all surveyed countries. Neighbors in South Korea are also not keen on spending time on social media, with 66 minutes (1 hour and 6 minutes) devoted to it on a daily basis. Both countries also rank in the bottom five based on the overall time spent on the internet. The internet usage trends in Japan and South Korea could be influenced by their aging populations.

The primary purpose for most individuals using social media is to keep in touch with friends and family, with almost half (48.2%) considering it their main activity.

Another significant motive for social media usage is to fill spare time, with 36.8% of people indicating it as a reason. Meanwhile, 34.5% employ social media platforms to stay updated on news stories.

To read the full article, head over to: https://atlasvpn.com/blog/time-people-spend-on-social-media

Guest Post: Unlocking Talent Potential: How Digital Experience Drives Employers’ Recruitment Efforts

Posted in Commentary on June 1, 2023 by itnerd

By Joe Byrne, CTO Advisor, Cisco AppDynamics

In today’s business landscape, the scarcity of top-tier talent has become a prominent barrier for organizations across different industries. This scarcity significantly hinders their ability to scale operations, launch new initiatives, and stay competitive. As a result, addressing this talent shortage has become an increasingly important priority for governments and business leaders alike.

In the race to secure a position within limited talent pools, organizations are actively striving to showcase an elevated level of employee experience to prospective hires including competitive benefits, well-being initiatives, flexible work arrangements, as well as ample training and career development opportunities. They also have to demonstrate how their organizational values and purpose align with an employee’s own drive and priorities.

However, it’s vital to recognize that technology – particularly applications and digital services – now sits at the heart of the recruitment process. Global research by Cisco AppDynamics finds that the average person now uses a total of six applications or digital services when looking for or applying for a new job – and this increases to eight in the U.S. and nine in India.

Today’s job seekers use a wide range of different digital services – including jobs sites, social media, employer websites and employer review sites. With many individuals actively engaging with these services on a daily basis, HR leaders must prioritize optimizing their applications and digital offerings to effectively attract talent. This includes ensuring optimal performance of career pages on their websites, as well as emails and messaging services for candidates. Otherwise, they risk annoying and alienating potential hires.

Jobseekers Demand Seamless Digital Experiences: The Price of Poor Employer Engagement

With people now entirely reliant on digital services to find, research, and apply for new jobs, their expectations for these services have reached unprecedented heights. 97 per cent of jobseekers state it is important the applications they use to find and apply for jobs provide a fast and seamless experience, without any delays or disruption. Additionally, 64 per cent claim that if these applications fail to perform, it puts them off working for the potential employer.

For employers, this is a clear message – if their recruitment-focused applications and digital services suffer from disruption or downtime, they are jeopardizing their chances of attracting almost two-thirds of potential new hires.

Individuals now seek an equivalent digital experience from their employer or prospective employer, mirroring the standards they encounter in other aspects of their lives. When searching for and applying for a new job, they anticipate a comparable level of experience to that of streaming movies and music, ordering groceries, or connecting with friends online. HR leaders need to recognize that people are no longer willing to accept second rate digital experiences just because applications and digital services are work-related. They also need to be aware that people’s reactions when they encounter poorly performing applications are now incredibly strong. 73 per cent of people admit that they would feel anxious and angry if the applications they were using to find and apply for a new job didn’t perform properly.

Maximizing application performance: Employers’ winning strategy in the war for talent

The message from job seekers to potential employers is clear – they simply won’t put up with disruption or downtime when using jobs-related digital services. In fact, more than half claim that employers have only one shot to impress them with their digital services. There are no second chances.

This is why it’s so essential for HR leaders to work with their IT departments to ensure that they are providing potential hires with fast and seamless experiences at every stage of the recruitment process.

Currently, many organizations are struggling to manage application availability and performance within multi-cloud and hybrid environments. Technologists don’t have the unified visibility they need to get a clear line of sight on applications running across on-premises and cloud native environments and this makes it extremely difficult for them to identify and troubleshoot issues before they impact end users – whether that be customers, current employees or potential new recruits.

To mitigate this risk, organizations need to implement an observability solution which spans across both cloud native and on-premises environments and allows technologists to monitor the health of key business transactions distributed across their entire technology landscape. With real-time insights from the business transaction’s telemetry data, technologists can swiftly understand the root cause of issues and expedite resolution, so that applications are operating at peak performance at all times.

Significantly, the research shows that employers that can deliver seamless digital experiences can take a big step towards becoming an employer of choice for candidates. 78 per cent of people claim that they would want to work for an employer that provides brilliant, seamless digital experiences throughout the recruitment process.

In the current competitive job market, where HR leaders are actively seeking any advantage over their competitors, prioritizing digital experiences throughout the recruitment process can be a potential game-changer. By prioritizing digital experiences throughout the recruitment process, employers have the opportunity to gain a significant edge and attract the top talent necessary for their growth and success.

MCNA Pwned In Ransomware Attack…. 9 Million Patients Affected

Posted in Commentary on June 1, 2023 by itnerd

 There has been a ransomware attack on MCNA, exposing sensitive data for nearly 9 million dental patients. That makes this the largest health breach so far this year:

On March 6, 2023, MCNA became aware of certain activity in our computer system that happened without our permission. We quickly took steps to stop that activity. We began an investigation right away. A special team was hired to help us. We learned a criminal was able to see and take copies of some information in our computer system between February 26, 2023 and March 7, 2023.

What information may have been involved?

Here is the kind of information that was seen and taken:

  • Information used to contact you, like first and last name, address, date of birth, phone number, email
  • Social Security number
  • Driver’s license number/other government-issued ID number
  • Health insurance (plan information, insurance company, member number, Medicaid-Medicare ID numbers)
  • Care for teeth or braces (visits, dentist name, doctor name, past care, x-rays/photos, medicines, and treatment)
  • Bills and insurance claims

Some of this information was for a parent, guardian, or guarantor. A guarantor is the person who paid the bill. Information which was seen and taken was not the same for everyone.

That’s not good. Ani Chaudhuri, CEO, Dasera had this comment:

As the recent ransomware attack on Managed Care of North America (MCNA) shows, the protection of sensitive data, particularly in healthcare, cannot be overstated. A staggering 8.9 million dental patients were affected, with compromised data that included addresses, Social Security numbers, driver’s licenses, and insurance information. It’s a painful reminder that ransomware attacks continue to evolve and pose substantial threats to businesses and individuals alike.

The perpetrators, allegedly the Russia-based LockBit ransomware group, exploited vulnerabilities in MCNA’s systems, exfiltrating an estimated 700GB of data, and demanded a $10 million ransom. The attack has now resulted in the largest health data breach of 2023.

While MCNA’s decision to refuse the ransom demand and instead offer one year of free identity theft protection to the affected customers is laudable, this incident underscores the need for more robust and comprehensive data security measures. The protection of sensitive data should be a proactive endeavor, not a reactive one.

The stakes in cybersecurity have never been higher. These breaches not only result in substantial financial losses but, more importantly, they also have a significant human cost. With data breaches, it’s often the individuals – patients, consumers, and innocent bystanders – who suffer the most.

We must acknowledge the increasing sophistication of cybercriminals and adjust our strategies accordingly. Businesses, particularly in healthcare, need to double down on their efforts to secure their data and protect their customers. It’s not just about adopting advanced technology and tools, but also about fostering a culture of data security and responsibility.

Lastly, let’s remember that cybersecurity is not a destination but a journey that demands constant vigilance, adaptation, and innovation. It calls for an honest evaluation of our security postures and a renewed commitment to safeguarding our data. Let’s see it as a wake-up call, not just a headline. Data security isn’t just a technology issue; it’s a trust issue. And trust, once lost, is incredibly hard to regain.

The numbers in these attacks keep getting higher. And that’s not a good thing. Organizations of all sizes need to take robust action to stop this trend from getting worse.

DogeRAT Malware Is Out And The Price Of Entry For Threat Actors Is Insanely Low

Posted in Commentary on June 1, 2023 by itnerd

Discovered by researchers at CloudSEK, a malware campaign called DogeRAT has been observed impersonating legit Android BFSI, e-commerce and entertainment apps. Relying on open source Android malware, DogeRAT operates using Java-based server-side code, enabling communication between the malware and the Telegram Bot. It then uses a web view to show a seemingly legitimate URL on the victims’ devices. Upon installation, the malware requires various permissions and then malicious activities commence such as making unauthorized payments, altering files and taking screenshots.

Mark Bermingham, VP, Cyware had this to say:

“Imagine the scale required to generate tangible profit from a $30 offering.  The fact that commercial malware offerings are available and that threat actors can profit from a widespread lack of cyber diligence offers sad perspective on the state of preparedness prevalent across the industry.  These attacks will be picked up and blocked by moderately diligent security. The goal should be to move more organizations over this line.  The tools exist.  Some vendors de-complicate security.  Endeavor to partner with these types of vendors and minimize a significant worry from your business operations.”

The price of cyber crime has dropped to the point that anyone can be a threat actor. That’s pretty scary and that means that we all should be taking the steps in the CloudSEK article to make sure that we don’t fall victim to this malware campaign.

Viral Nation_Secure Adds Copyright Audit Functionality To Help Companies Avoid The Growing Problem of Piracy Lawsuits

Posted in Commentary on June 1, 2023 by itnerd

Viral Nation, a leading social media transformation and technology company, enhances its award-winning brand safety and reputation management solution, Viral Nation_Secure, with the addition of AI-powered copyright infringement detection for music and audio. This industry-first feature will enable users to identify instances of copyright infringement of owned music and audio files used in social media posts, safeguarding corporations from potentially costly lawsuits and damaged reputations.

With the rapid growth of the creator economy, copyright infringement has become a growing concern for corporate brands looking to leverage social media to connect with their audience and promote their services—entrusting brand ambassadors to deploy creative campaigns that engage target audiences while adhering to ever-changing copyright and licensing laws.

Inappropriate use of social media can significantly impact a company’s revenue, brand value, trust, goodwill, and ethical reputation. Studies have shown that companies facing reputation loss due to social media can experience a decline in value of 30%, while those that manage reputation crises effectively can gain 20% in value. In 2022, major music labels were awarded nearly $47 million over a piracy suit. Copyright owners have been resorting more frequently to legal action against the infringement of music, employing copyright law as their preferred method.

Leveraging a custom AI model, Viral Nation_Secure audits posts across all major social media platforms and media types. It enables marketing, communications, HR, legal and other teams to audit and monitor social media activity of brand advocates, sponsored influencers, executives and employees, ensuring their online behavior is consistent with the brand’s core values.

In addition to the added value of copyright infringement detection, key features and benefits of Viral Nation_Secure include:

  • Complete social audits for accurate, comprehensive data analysis utilizing augmented intelligence for complete content moderation.
  • Compliance management and live monitoring of social media posts, ensuring companies are always in line with the latest regulations.
  • Customizable social media background checks that enable companies to adjust their tolerance levels and flagging criteria for instances of profanity, intolerance, hate speech, violence, graphic or sexually suggestive content, illegal or regulated substances, specific industry regulations and more.
  • Fast and accurate reporting where brands can get customized, multilingual analysis of social data across major platforms, motivating brands to make decisions quickly in order to stay ahead of the competition.
  • AI-powered analysis to screen all social media text, images, transcribed video, tagged posts and comments—offering text categories, sentiment and emotion analysis in 13 different languages.
  • Multi-cloud platform infrastructure with ISO/SOC compliance and multiple unique patents within the functionality of the Viral Nation_Secure solution.

Viral Nation_Secure with copyright infringement detection is available now. Interested parties can schedule a demo or request more information here.

Additionally, the secure functionality of the audit and approval process is available in the recently launched Viral Nation_Empower solution — a complete enterprise solution that enhances and elevates employee advocacy and engagement programs across major social media platforms. It drives, improves and tracks employee engagement, alignment, satisfaction and trust with brand safety monitoring and collective engagement analytics, while also streamlining the customer’s buyer journey. With a direct integration to Viral Nation_Secure, companies get peace of mind that all employee posts adhere to brand and campaign guidelines and avoid copyright infringement, while monitoring overall sentiment online.