Archive for October 11, 2023

New Milestone and Features for Fortra’s DLP Solution

Posted in Commentary with tags on October 11, 2023 by itnerd

Fortra announced today strong advances in its Digital Guardian product line. For more than 20 years, Digital Guardian has been helping organizations protect valuable data with its enterprise data loss prevention (DLP) – a solution which has fit perfectly into Fortra’s powerful cybersecurity portfolio and is the cornerstone of Fortra’s Data Protection business. Since its acquisition two years ago, the solution has grown to support more than 5.5 million global users and is now adding security at the file level with secure collaboration.

Bringing Together Comprehensive Data Protection 

The regulatory and threat landscape is evolving so organizations need to collaborate in a seamless and secure environment, knowing their critical data is protected. Fortra’s Digital Guardian offering now includes secure collaboration to help organizations take a zero-trust approach to file security, restricting actions to only authorized users and locking down documents to prevent data leaks. 

Protecting More Customers Around the World 

Fortra’s Digital Guardian supports 600 customers worldwide and is protecting more than 5.5 million users in industries like insurance, healthcare, manufacturing, government, and media and entertainment where securing data is a crucial business requirement.   

The solution is available as SaaS and is also offered as a managed service. Recognized as easy to deploy and achieving rapid results for customers, Fortra’s Digital Guardian scores highly on product review websites such as G2.  

Key Highlights

Other key highlights since the acquisition include:  

  • Fortra’s Digital Guardian was recognized as “Top Player” for DLP in the 2023 Radicati Market Quadrant 
  • Fortra’s Digital Guardian was named “Leader” in GigaOm Radar for DLP  
  • Fortra’s Digital Guardian won Cybersecurity Breakthrough Award for Data Leak Detection Solution of the Year
  • Fortra grew its partnership with Amazon Web Services, and now Fortra’s Digital Guardian has a public AWS Marketplace listing  
  • Fortra’s Digital Guardian produced a set of policies that enable organizations to monitor/restrict access to new online tools such as ChatGPT and the data that’s shared on them 
  • Recent updates to the Analytics and Reporting Cloud (ARC) reporting tool are designed to help threat hunters and incident responders identify, analyze, and remediate threats more effectively.  

Click here for more information about Fortra’s Digital Guardian.  

1 Comment »

Nikon Canada announces the NIKKOR Z 600mm f/6.3 VR S super-telephoto lens

Posted in Commentary with tags on October 11, 2023 by itnerd

Today Nikon Canada Inc. announced yet another premium super-telephoto lens, the NIKKOR Z 600mm F/6.3 VR S. This latest S-Line prime lens is the newest addition to Nikon’s extremely popular lineup of Phase Fresnel (PF) lenses that deliver big reach in a surprisingly small and lightweight package. 

Wildlife, aviation and motorsport shooters need spontaneous versatility, fast precise focus, and a lens that won’t compromise image quality. The NIKKOR Z 600mm F/6.3 VR S is an S-Line super-telephoto prime lens that is made to be easily handheld. Users can leave the monopod at home, since it is the lightest in its class, and offers superior optical performance and portability with a total length of only 11in (278mm) and weight of approximately 1,390g (3lbs). Furthermore, the lens is designed so that its centre of gravity is positioned closer to the body side, offering optimal balance. This also makes the NIKKOR Z 600mm an ideal lens for panning in situations that require lens control and stability, such as automotive racing, or fast-moving subjects like wild birds in flight.

The use of the PF lens element contributes to a significantly smaller overall size and weight, reducing the need for a tripod. With advanced AF and VR performance as well as S-Line superior rendering quality, the NIKKOR Z 600mm f/6.3 VR S gives users the confidence to get tack-sharp images of fast-moving subjects from a distance. 

Primary features of the NIKKOR Z 600mm F/6.3 VR S

  • Handheld shooting is made possible with a total length of approximately 11in (278mm) and weight of approximately 1,390g (3lbs), the lightest in its class.
  • Chromatic aberration is significantly reduced with the adoption of PF and ED glass elements. In addition, the adoption of an SR lens element controls short-wavelength light, the effects of which are difficult to correct, achieving highly precise chromatic aberration compensation.
  • Nikon’s original Nano Crystal Coat has been adopted to effectively reduce ghost and flare.
  • By using the Z TELECONVERTER TC-1.4× or Z TELECONVERTER TC-2.0× the telephoto range can be expanded to 840mm or 1200mm respectively, while taking advantage of the lens’s AF and VR performance to realize superior sharpness and clarity.
  • Equipped with Normal VR mode, which demonstrates superior 5.5-stop stabilization; as well as Sport VR mode, which stabilizes the viewfinder display with continuous shooting, making it easier to track rapidly moving subjects.
  • When paired with a compatible body, Synchro VR can be activated to achieve up to 6.0-stop stabilization by combining in-camera VR and lens VR.
  • Adoption of a stepping motor (STM) ensures fast and quiet autofocusing.
  • Superior dust- and drip-resistant performance is supported, and excellent anti-fouling performance is achieved through the adoption of fluorine coat.
  • Equipped with four lens Fn2 buttons and one lens Fn button that can be customized and assigned to a wide variety of functions.
  • Equipped with a memory recall functio5 that instantly recalls a focus position stored in advance by pressing the button to which the function has been assigned.  A design that takes video recording into consideration with quiet operation and stable exposure, as well as functions including focus-breathing suppression that effectively reduces shifting of the angle of view with focusing.

Price and Availability

The new NIKKOR Z 600mm F/6.3 VR S will be available in late October for a manufacturer’s suggested retail price (MSRP) of $6,499.95.  For more information about the latest Nikon products, including the vast collection of NIKKOR Z lenses and the entire line of Z series cameras, please visit  www.nikon.ca.

Leave a comment »

Appdome Announces New Attack Evaluation Tools in Digital Economy’s First Mobile XDR

Posted in Commentary with tags on October 11, 2023 by itnerd

Appdome, the mobile one-stop shop for mobile app defense, today released new threat evaluation tools inside ThreatScope™ Mobile XDR to deliver enhanced monitoring, investigation and threat evaluation for mobile apps and brands globally. Among the new tools is Threat-Inspect™, a powerful new ability to investigate, drill down, share and report on defenses, attacks and threats in the production environment. 

Appdome’s ThreatScope™ Mobile XDR gathers thousands of threat signals from mobile app security, hacking, fraud, malware, cheat, and bot attacks from inside deployed mobile apps, and translates that data into brand relevant views that cyber, fraud and business teams can use to evaluate and respond to mobile threats and attacks in real time. The new evaluation tools include: (1) Threat-Inspect, for deep threat inspection, (2) Threat-Views™, for creating savable monitoring perspectives by app, device, OS, attacks and other parameters, and (3) Threat-Snapshots for ease of reporting and collaboration. ThreatScope Mobile XDR is pre-integrated with Appdome’s Cyber Defense Automation platform for Android & iOS apps for instant response to any cyber or fraud attack. 

The new threat evaluation features in ThreatScope Mobile XDR provide mobile businesses and brands: 

Threat-Inspect™ allows cyber teams to pivot between “All” and “Unique” attacks as well as between attacks and “Impacted Devices,” to see the number of unique devices experiencing each attack. This new capability allows cyber responses to be tailored to the specific threat(s) in the production environment while also easing the remediation burden for mobile users and brands globally. 

A unique feature of Threat-Inspect is that it also can be used in conjunction with Appdome’s recently released Build-to-Test automated testing capability. Build2Test allows Appdome-protected mobile apps to be used inside automated mobile app testing suites, logging all security events for the developer to track and monitor. These logged security events are now visualized inside Threat-Inspect. 

Threat-Views™ allows security teams to zoom in and monitor specific aspects of the mobile app defense, attack and threat data shown on ThreatScope. Create and save any number of Threat-Views to monitor one or more mobile applications, OS, OS Version, attack vector, mobile app release, Fusion Set (defense model), geographic region or other parameter. Threat-Views enable persistent business level viewing and analysis, which is essential for demonstrating ROI and keeping the overall mobile business safe. 

ThreatScope Snapshots™ allow cyber teams to export and share real-time mobile app defense and attack snapshots from ThreatScope, Threat-Views or Threat-Inspect data. Use ThreatScope Snapshots to keep cyber, fraud, and business teams informed on progress in stopping security, fraud, malware, and other attacks, demonstrate compliance, or collaborate with other teams internally. 

Powering these features are new levels of metadata now available in ThreatScope. These include enhanced attack, threat and fraud metadata including geo-location, unique identifiers for threats and impacted installations as well as new options such as IP address and more. This metadata allows mobile brands to click to see all the in-production mobile apps and installations impacted by each attack or threat. Simply click on a specific attack or threat and choose the impact view needed by each business line. IP address and unique device data can now also be downloaded for offline analysis. 

Appdome’s Threat-Scope Mobile XDR is the only XDR solution offering consolidated, real-time, cyber security, fraud, malware, cheat and bot attack and threat intelligence from in-production Android & iOS apps. With ThreatScope Mobile XDR, mobile brands, developers, cyber and fraud teams can immediately respond with updated security models, build-by-build and release-by-release and prioritize protections that have a real impact on the mobile business and users. The entire ThreatScope Mobile XDR capability inside Android & iOS apps without any burden on mobile dev teams, including no code, no SDK and no servers to deploy and, most importantly, no separate agent installed on the mobile device. 

For more information about ThreatScope™ Mobile XDR visit: www.appdome.com 

Leave a comment »

TELUS Friendly Future Foundation launches new $50 million TELUS Student Bursary Fund

Posted in Commentary with tags on October 11, 2023 by itnerd

Today, TELUS Friendly Future Foundation announced the launch of Canada’s largest bursary fund: the TELUS Student Bursary, supporting students facing financial barriers impacting their ability to enroll or continue their education. Created through a $25 million endowment gift from TELUS, along with an additional $25 million commitment in fundraising from TELUS Friendly Future Foundation, TELUS Student Bursaries are awarded annually to youth between the ages of 17 and 29 who are accepted into, or attending, any undergraduate degree or diploma program at any Canadian college, university or polytechnic institute, enabling youth across the country to access higher education.

While education opens doors to a brighter future, unfortunately not all youth have the resources needed to attend college or university. Recent reports state that 75 per cent of students find it very hard to afford post-secondary education and nearly 1-in-3 students have considered withdrawing from their studies due to financial difficulty. The TELUS Student Bursary program offers bursaries valued at $5K for university students and $3K for college students, helping break down financial barriers and further empowering youth to thrive and reach their full potential. 

Aligning with the start of the 2023–2024 school year, TELUS Friendly Future Foundation awarded its first round of bursary recipients to more than 400 students across the country. Pulling from their own personal experiences, ranging from immigrating to Canada, to navigating the foster-care system and experiencing social injustice, these are the social impact leaders of tomorrow that will be driving climate action, advancing Reconciliation, advocating for human rights, and uplifting marginalized communities across the country and around the world.

By the end of 2023, TELUS Friendly Future Foundation will have provided $2 million worth of bursaries to students attending post-secondary institutions across Canada and through select post-secondary partners including University of Victoria, Northern Alberta Institute of Technology (NAIT), Humber College, McGill University and Indspire, a national Indigenous registered charity that invests in the education of First Nations, Inuit and Métis peoples. In addition to financial support for their education, the TELUS Student Bursary seeks to help alleviate some of the additional challenges facing students such as affordability and career opportunities. Bursary recipients have access to free mobility and internet plans through TELUS’ Mobility for Good and Internet for Good programs, as well as mentoring, networking and other career development opportunities throughout their schooling and post-graduation, helping enable their ongoing professional success. 

The next student bursary application window will open in spring, 2024. To learn more, visit friendlyfuture.com.

Leave a comment »

Flagstar Bank suffers third data breach collectively impacting millions

Posted in Commentary with tags on October 11, 2023 by itnerd

In data breach notification letters, Flagstar Bank warned over 800,000 US customers that their personal information may have been stolen after a breach at Fiserv, a third-party service provider it uses for payment processing and mobile banking services.

The attackers exploited the MOVEit Transfer product vulnerability to access Fiserv’s systems and, from there, stole Flagstar customer data the vendor held, including names and SSNs.

This latest breach is the third for Flagstar since March 2021, when its Accellion file transfer server was hacked in January of 2022. Hackers managed to steal customer and employee information, including names, addresses, phone numbers, tax records, and SSNs.

Also, in June 2022, Flagstar disclosed a second breach of its corporate network that impacted over 1.5 million customers with compromised data including names and SSNs.

Unfortunately, Fiserv has also previously exposed customer data due to other security lapses, and, as Fiserv serves hundreds of banks, it is believed that more victims of this incident will surface.

Paul Valente, CEO & Co-Founder, VISO TRUST had this to say:
 
  “Attackers will target the weakest link in the chain, and in financial services, third parties are the weakest link.

   “The interconnected nature of the financial industry means that breaches at third-party providers, like MOVEit and Fiserv, can have cascading effects, impacting not only a single institution but potentially an entire sector. That’s why collective efforts and strategic automation and nth party intelligence are crucial in enhancing overall cybersecurity resilience.

   “This breach at Flagstar Bank underscores the paramount importance of a proactive and vigilant approach to third-party risk management. Security teams must go beyond the basics, delving deep into their environment, staying vigilant, and having a clear plan in place to respond swiftly to third-party-related issues. Automation and AI are powerful allies in this endeavor, enhancing the ability to detect and mitigate risks effectively in today’s ever-evolving threat landscape. This combination of human expertise and technological innovation is key to protecting customer data and maintaining trust in the digital age.”

Craig Harber, Security Evangelist: Open Systems follows with this:

   “Third party suppliers are critical to the operation of most modern businesses. Their systems are interconnected to form a trust relationship to prevent supply chain attacks, data breaches, and reputation damage. Unfortunately, the resulting ecosystem has become a favorite attack path for attackers to gain access to larger companies that tend to have larger budgets and more resources to invest in cybersecurity. In the most recent breach reported by Flagstar Bank, we see an example of how the attacker exploited the MOVEit Transfer product vulnerability in Fiserv’s system to access Flagstar customer data held by Fiserv. The impact on Flagstone’s customers and its brand highlights the importance of implementing third-party risk management to help mitigate undue risks and costs associated with third-party cyber risks.”

Clearly this bank needs a closer look given the fact that this isn’t their first rodeo in terms of getting pwned. In fact, I hope those in places like Congress ask this bank a lot of tough questions. Because three of these incidents is completely unacceptable.

UPDATE: Ted Miracco, CEO, Approov Mobile Security had this to say:

   “The possibility that the first data breach at Flagstar Bank may have facilitated the two subsequent breaches is a concerning issue. Employee data taken in the initial breach could potentially have provided valuable information and access points for the hackers in either or both of the later breaches. This highlights an important lesson for financial companies and organizations in general – breaches cannot be easily remediated once the first breach occurs. 

   “Flagstaff might also benefit by implementing more stringent contractual obligations regarding data protection to minimize the risk of breaches through third-party arrangements. There is a clear pattern here, and hopefully steps will be taken this time to avoid another breach at Flagstaff and at their third-party suppliers.”

Leave a comment »