Archive for June 17, 2023

US Department Of Energy Part of Global Cyberattack Involving The MOVEit Vulnerability

Posted in Commentary on June 17, 2023 by itnerd

If you thought I was done with news on the MOVEit vulnerability, here’s another one.

Several US federal government agencies have been affected by the global cyberattack involving the MOVEit vulnerability and officials expect several hundred companies will also become impacted. In a statement to CNN, Eric Goldstein, CISA’s executive assistant director for cybersecurity, said that CISA “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications.”

There were two Department of Energy victims: 1) Oak Ridge Associated Universities, a not-for-profit research center, and 2) Waste Isolation Pilot Plant, a contractor which disposes of atomic energy waste.

CISA’s response comes as Progress Software said it had discovered a second bug in the code that the company was working to fix.

“We have communicated with customers on the steps they need to take to further secure their environments and we have also taken MOVEit Cloud offline as we urgently work to patch the issue,” Progress Software said in a statement.

The ransomware group had given victims until 6/14 to contact them about paying a ransom, after which they began listing victims on their extortion site. As of 6/15, the dark website did not list any US federal agencies, but instead the hackers wrote in all caps:

“If you are a government, city or police service do not worry, we erased all your data. You do not need to contact us. We have no interest to expose such information.” 

Willy Leichter, VP of Marketing, Cyware leads off with this comment:

   “This is another frightening example of the risks of attack through supply chains. Our best defenses can be bypassed if we’re relying on vulnerable software for critical tasks, such as transferring large data files. We must find ways to extend our security intelligence and best practices to suppliers to close this gaping hole.”

Roy Akerman, Co-Founder & CEO, Rezonate follows up with this:

   “The MOVEit vulnerability was fast to turn from discovery to active exploitation in the field. Available proof of concepts of RCE exploitation increased the risk and organizations are called to take immediate action, in particular federal government agencies. Ransomware groups are known to adopt the latest infiltration techniques before patching is completed, especially when there are multiple patches that are rolling out as further details become available. We are closely monitoring for any further developments related to this SQL injection vulnerability that is actively exploited.”

That’s the last MOVEit story for today. But I am pretty sure there will be more in the days to come.

Review: Spigen Rugged Armour Card Holder For MagSafe

Posted in Products on June 17, 2023 by itnerd

When I go out for a training ride on my new road bike, I try to carry as little as possible. Specifically, my house keys, my iPhone 14 Pro, and a couple of pieces of ID. Up until this point I was using this Ekster MagSafe wallet to carry my ID. But the problem is that it is leather, and leather and sweat are not a good combination. So I wanted another option that was more compatible with doing an activity that involved sweat. Thus after some hunting around, I found this:

This is the Spigen Rugged Armour Card Holder For MagSafe. It holds two cards and is made of a silicone-like material.

You can get a better look at that material here with a pair of cards inserted into the card holder. The fact that it is made of silicone means that sweat will not be an issue. The company says that it holds two cards, and they are right, as I attempted to sneak my VISA card into the card holder on top of two other cards and it wouldn’t fit. But that’s still fine as I only need to take my driver’s license and health card with me when I ride. I’ll also mention that if you have other Spigen gear, the faux carbon fibre motif fits in with their cases and the like. That way you can be all “matchy matchy” as my wife would say.

On the back you’ll note that there are two pads on the bottom. They are made of some sort of material that is tacky. And that is what makes this card holder work. When put directly onto an iPhone or onto a MagSafe case like this one, it stays solidly on the back of the iPhone or case. That’s another win for me as I have always been concerned about a card holder like this coming off my phone and being lost someplace on a bike ride. In my opinion, that’s less likely to happen with this card holder.

The Spigen Rugged Armour Card Holder For MagSafe goes for $39 USD and I would really take a good look at it if you want a card holder that is guaranteed to stay on your phone no matter what, and is made of a material that is more durable than leather.

The Oregon DoT Has Become The Latest Victim Of The MOVEit Vulnerability

Posted in Commentary on June 17, 2023 by itnerd

Yesterday, the Oregon Department of Transportation said the drivers’ licenses and IDs of 3.5 million Oregonians are at risk after a data breach involving the now infamous MOVEit vulnerability that has been responsible for pwnage left and right.

State officials became aware on June 1 that the agency’s system had been hacked and within a few hours the systems were locked down. It took almost two weeks of analysis to determine that the hack compromised the state’s driver license and ID records. 

Currently, the DMV is not able to identify exactly whose IDs have been breached, but they say all Oregonians should assume their information has been compromised. Furthermore, it is unclear whether details beyond a license number, photo or address had been accessed. 

“For security purposes, we’re not going to discuss exactly what data points were potentially included in that file,” said Amy Joyce, ODOT DMV Administrator.  

Stephen Gates, Principal Security SME, Horizon3.ai had this to say:

   “News of this breach (and more like it) is a textbook example of attackers taking advantage of the window of opportunity predicament. Vulnerabilities in widely used software applications are publicly announced, and new patches are becoming available from the vendor, yet the patches have often not been applied – resulting in a breach.

   “The reason why attackers are successful at exploiting the window of opportunity is multi-fold. Often, organizations don’t always know what applications need to be patched, they give critical patching a lower priority than they should, they must wait for maintenance windows to patch vulnerable applications, and/or they often try to protect known vulnerabilities with other security controls not designed to mitigate the identified risk. Expect more of the same folks.”

I honestly don’t expect the announcements of organizations being pwned by the MOVEit vulnerability to slow down anytime soon. And it illustrates what happens when a threat actor gets their hands on a vulnerability in software or hardware that is widely used.