Archive for October 6, 2023

Why Does Zoom For Mac Want Access To Data From Other Apps?

Posted in Commentary with tags on October 6, 2023 by itnerd

I updated to macOS Sonoma recently and so far so good. Except for this pop up that would appear when I am using Zoom:

From an Apple perspective, I know what is happening. In macOS Sonoma, Apple made a bunch of changes to make sure that apps aren’t accessing things they shouldn’t, of doing things that they shouldn’t. This is one of those changes. In short, Zoom is trying to access something that the operating system thinks it should not have access to. And as a result it is prompting you to allow it or not. This also implies that Zoom has been doing this for a while and macOS Sonoma has caught them out.

If you want to go into the weeds on these changes in macOS, this article is worth reading. Specifically the section called “Security and Privacy | Application Data Protection”.

In my case, I have said “Don’t Allow” every single time that this prompt has appeared. As far as I can tell, there has been no noticeable effect in terms of how Zoom operates. My perception is that Zoom is just asking because it wants the data for its own purposes and not to provide me with any useful functionality. But I don’t know that for sure as Zoom hasn’t said anything that I can find online in terms of what it wants access to and more importantly why. Until Zoom does say something substantive, I will continue to click on “Don’t Allow”. And if you get this prompt, you should click “Don’t Allow” as well.

Given Zoom’s rather questionable history with security and privacy, it would be in their interest to say something about this sooner rather than later. Otherwise, this will be treated with the suspicion that Zoom is up to something shady. I would like to think that Zoom doesn’t want to be seen that way. Thus they will comment on this in detail quickly.

Over to you Zoom.

Leave a comment »

Arietis Health Is The Latest To Admit That They Were Pwned As Part Of The MOVEit Campaign

Posted in Commentary with tags on October 6, 2023 by itnerd

Arietis Health, a revenue cycle management vendor, notified the patients of 55 healthcare practices in 20 states that their health and personal information has been potentially compromised as part of the global MOVEit attack campaign.

Arietis said it uses MOVEit file transfer software in the billing services it provides to NorthStar Anesthesia, which manages the affected medical practices, and specializes in anesthesia, pain management and related healthcare services.

On July 26, Arietis’ investigation into the incident determined that hackers had unauthorized access to Arietis Health’s MOVEit server, and Arietis said it notified NorthStar about the incident on Aug. 3 and began notifying the affected practices’ patients on Sept. 29.

That stolen information includes patient:

  • Names  
  • DOBs
  • Driver’s license  
  • Addresses  
  • SSNs
  • Medical record numbers  
  • Patient account numbers
  • Health insurance information
  • Diagnosis and treatment information  
  • Clinical and prescription information  
  • Provider information

In a statement, Arietis said that while it also uses MOVEit for file transfers with other clients, the hack only affected NorthStar. The company has not disclosed the exact number of patients effected.

Ted Miracco, CEO, Approov Mobile Security had this to say:

“This is a reminder that even when organizations take steps to patch known vulnerabilities, they are still at risk of being attacked by cybercriminals who exploit zero-day vulnerabilities. Cybercriminals, especially state-sponsored groups, are constantly developing new ways to exploit zero-day vulnerabilities, and it can take time for software vendors to develop and release patches. Healthcare organizations especially need to take additional steps to protect themselves from zero-day attacks, such as implementing multi-layered security controls and conducting regular pen testing assessments.”


Paul Valente, CEO, VISO Trust follows with this:

“The days of turning a blind-eye on third-party risk are behind us. It’s imperative that CISOs take decisive steps to manage this risk. Drawing from years of experience as a CISO, it’s evident that the MOVEit campaign breach underscores the necessity for modern enterprises to invest in a comprehensive, strategic, and automated third-party risk management program. In an interconnected digital world, overlooking third-party risk is not an option. Organizations must be proactive in addressing this critical facet of cybersecurity to safeguard data, protect their reputation, and meet regulatory obligations.”

Given that Arietis Health uses MOVEit with other clients, I have to wonder how long before they announce that those clients have been pwned as well. Place your bets on that front.

Leave a comment »

Mujjo Announces New Colours For Their MagSafe Wallet

Posted in Commentary with tags on October 6, 2023 by itnerd

Mujjo is excited to introduce brand-new colours for their best-selling MagSafe Wallet. Now in Burgundy, Dark Tan and Steel Blue — as well as Light Tan, Monaco Blue and Black — to match all of the colour options available for our brand-new iPhone 15 cases. 

Here are just few highlights: 
+  Easy-access three-card wallet. And access cards from the top, base, or back.
+  Compatible with iPhones that have MagSafe (12,13,14, 15) as well as MagSafe compatible cases.
+  Vegetable-tanned Ecco leather ages beautifully, rated Gold for environmental standards.
+ Lined with luxurious Japanese microfibre with a satin-like finish.
+  Easy to attach, with silicone stripes for slip resistance.
+ €44.00 / £44.00 / $44.00

The cases are available on mujjo.com now.

Leave a comment »

Air Canada’s Name Is Being Used In A Refund Scam

Posted in Commentary on October 6, 2023 by itnerd

I got sent a copy of this email from a reader who was pretty sure that this was a scam:

Just looking at the email, it screams that this is a scam. First of all the English is pretty bad (Example: “To keep your tickets for the use of the services, we invite you to contact us on the number displayed for confirmation of your flights”). But the second thing that says that this is a scam is this:

This was clearly not sent by Air Canada as Air Canada’s email domain is aircanada.ca. Instead it was sent by an online email marketing service called Maileon. I have reached out to Maileon to let them know that their services are being used in a scam. If I hear back from them, I will post an update. What tipped me off to this was the fact that there was an “Unsubscribe from newsletter” option that actually worked.

I then proceeded to call the scammer, which by the way you should never do, to get more intel on what this is about. The first thing that happened was that I was prompted by a phone switch to press a number to get connected to an agent. That number was different every time I called. Then I was connected to a scammer who asked me for a confirmation number. As you can see from the email above, there is no confirmation number. So I was not able to go much further. But I could clearly hear other people in the background saying things like “open your Edge browser and go to this website”. That screams refund scam as this is the sort of thing that these scammers will do to steal from you.

Now, besides reporting this to Maileon, I’ll be reporting this to Air Canada. And speaking of Air Canada, they have some handy tips that you should read in regards to scams in general and scams that use their name. They’re totally worth taking a few minutes to read. Hopefully that will help you to stay safe out there.

1 Comment »