Archive for November, 2023

« Older Entries
Newer Entries »

Ooma Telo – A Quick But Overdue Follow Up

Posted in Products with tags on November 21, 2023 by itnerd

Back in January I wrote a review about the Ooma Telo VoIP phone system. At the time I promised that I would follow up. And that took longer than I expected because to be frank, nothing much has gone wrong except for one thing that I will cover in a moment. The call quality remains excellent and she’s has had no problems. In short it’s been rock solid and she’s had no complaints.

The only thing that has gone wrong was that the client forgot to update her credit card with Ooma and that broke her phone service for a few days. On top of that Ooma’s emails warning her of this went to her spam folder. But one phone call to Ooma’s support on a Saturday afternoon sorted all of that out. I will also note that the wait time was under a minute and the problem was resolved in under 30 minutes as resolving the issue required a power cycle of the Telo device which takes 15 to 20 minutes to do.

The bottom line is that the Ooma Telo is a reliable product that I would recommend without hesitation. Their support is great, and I honestly can’t find anything negative to say. If you are looking to use a VoIP phone system to give you an affordable home phone line, the Ooma Telo is worth your time to take a look at.

Leave a comment »

Mujjo’s Black Friday Sale Starts Tomorrow

Posted in Commentary with tags on November 21, 2023 by itnerd

Here are some highlights of the sale:

Check it out at Mujjo.com.

Leave a comment »

Black Mental Health Canada Urges Collective Action to Tackle The Concerning Mental Health Of Black Canadians

Posted in Commentary with tags on November 21, 2023 by itnerd

Black Mental Health Canada (BMHC), a community-based non-profit organization that addresses the mental health needs of Black Canadians, is calling for professionals, industry leaders, agencies and influencers to join a gala event on December 9 in Toronto to help raise awareness of the distinctive mental health needs of Black Canadians and five programs designed to close the gaps.

According to a survey of Black Canadians, 60 per cent said they would be more willing to use mental health services if the mental health professional were Black. BMHC’s objective is to provide easier access to culturally appropriate mental health assistance for individuals and families within the Black community, and to enhance their overall well being. Its mandate is to dismantle barriers which include the cost of mental health support, limited access to culturally sensitive care for Black individuals, a lack of comprehensive statistics and research to accurately depict the state of Black Canadians, and a pervasive mistrust of systems designed to support those in need. BMHC strives to establish a safe, inclusive environment where individuals from diverse Black backgrounds can seek and receive support for their mental health needs.

Mental Health Disparities in Black Canadian Communities
The Mental Health Commission of Canada highlighted alarming findings from the 2020 Statistics Canada Survey on mental health disparities during COVID-19. Among the key statistics:

  • 27.9% of Black visible-minority respondents reported fair/poor self-rated mental health, exceeding the rate among White respondents at 22.9%; 
  • 32% of Black visible-minority respondents experienced symptoms consistent with moderate/severe generalized anxiety disorder, compared to 24.2% of their White counterparts;
  • 37.5% of Black visible-minority respondents reported COVID-19-related financial insecurity, surpassing the rate among White respondents at 22.1%. 

BMHC Programs to Close Existing Gaps
Recognizing that contributors to psychological and emotional stress differ among communities, BMHC has strategically designed programs to address distinct needs and close existing gaps. The gala event on December 9 calls for immediate attention, volunteers, mentors and financial support for these initiatives: 

  1. LIFEMAP (Life Integration for Empowering Males After Probation/Parole) supports young offenders step-by-step after release. It helps youth set goals and provides coaching and support to help them navigate the challenges they face during reintegration;
  2. HEROES (Health Education and Resources for Overcoming Emotional and Mental Health Struggles) addresses the urgent necessity for emotional and mental health education in schools, especially in under-served communities;
  3. Yes to Assess provides assessments to children in need who lack the means to access traditional assessment channels; 
  4. BREATHE (Black Response and Empathy Alternative to Harmful Enforcement) operates as a dedicated helpline for community incidents involving mental health crises, eliminating the need to involve the police. Instead, trained Black mental health professionals promptly respond to de-escalate situations effectively; and,
  5. Self Care through Hair is a unique program that leverages barbers as the first line of support, identifying vulnerable individuals and initiating referrals for consultation and further assistance.

In 2023 alone, BMHC has conducted training sessions for over 1,000 healthcare professionals across Canada; developed customized training programs for public servants; provided free, life-changing public counseling groups for men and women throughout the country; disseminated educational and accurate information on mental health through social media; and established partnerships with agencies and organizations to support the Black community. 

BMHC also makes it easy for Canadians to find mental health practitioners that support Black families: https://blackmentalhealth.ca/practitioner/ 

Collective Efforts Needed to Make Progress
The theme of the December 9 event is Ubuntu, which reflects the essential approach required to genuinely challenge the status quo and disrupt conventional practices concerning mental health and its treatment. Ubuntu, which means “I am because we are,” underscores the understanding that no singular entity can shoulder the responsibility of addressing mental health alone. It requires a unified effort to dismantle existing bottlenecks.

The gala event will serve as a platform to share success stories and narratives that ended tragically due to systemic and community failures. Some of the featured speakers include: 

  • Author Lynn Cane, sharing the poignant story of her journey through the loss of her son to suicide;
  • Speaker and Advocate Stacey Buchanan, reflecting on her personal experiences with mental health;
  • Strategist and policy analyst Ngozi Iroanyah, providing insightful commentary on mental health issues affecting Black seniors;
  • Social Worker Duane Wiafe, sharing his experiences in corrections and emphasizing the impact of implementing culturally sensitive programming;
  • Filmmaker Moses Kigana, discussing his personal journey with mental health and the significance of promoting mental health;
  • Poet Roen Higgins, empowering individuals through art and spoken word;
  • Lawyer and Founder of The Sentencing Project Emily Lam, exploring the intersection of mental health and the law;
  • Executive director at Black Physicians’ Association of Ontario (BPAO) and former manager of Black Youth Success Chenai Kadungure, highlighting the importance of strategic programming for youth. 

In addition to attending the gala event, BMHC encourages every agency, professional, leader and influencer capable of contributing not only to do so financially but also to be part of the solution through offering their time, resources, mentorship, leadership and guidance. The gala aims to highlight the collective power of the community, emphasizing the belief that each individual’s contribution, regardless of size, plays a pivotal role.

This event will take place at the Holiday Inn Toronto International Airport (970 Dixon Road, Toronto) on December 9 at 6 p.m. While it is primarily an invitation-only event, some seating will be designated for the general public who would like to participate in the discussion. For more information, visit https://blackmentalhealth.ca/gala23/.   

For more information on volunteering or working with BMHC, contact us at info@blackmentalheath.ca

Leave a comment »

Atlas VPN Releases A Native App For Apple TV

Posted in Commentary with tags on November 21, 2023 by itnerd

Atlas VPN, has just introduced a dedicated VPN app for Apple TV

Image

The development follows Apple’s rollout of tvOS 17 this September, which introduced VPN support, making Atlas VPN one of the pioneering providers to release a native app for the smart TV platform.

With the dedicated app, users can easily install and set up Atlas VPN on their Apple TVs in a few simple steps, eliminating the need for the manual VPN router setup that is often necessary with many other VPN services.

The Atlas VPN Apple TV service comes with solid encryption and features advanced protection SafeSwap servers unique to the VPN provider. SafeSwap allows users to have many rotating IP addresses without having to switch between different VPN servers. 

Apart from robust security features, the service is also equipped with video-optimized servers and 10Gbps servers designed to provide lightning-fast speeds, even during peak usage. 

The Atlas VPN app for Apple TV is already available on the Apple TV App Store. To get the app, users can search for “Atlas VPN” and follow a quick setup process.

Apple TV is the newest addition to Atlas VPN’s list of supported platforms, joining Android TV, Amazon Fire TV, Windows, macOS, Android, iOS, and Linux.

Leave a comment »

A New Canada Post #Scam Is Making The Rounds

Posted in Commentary with tags on November 21, 2023 by itnerd

A reader of this blog tipped me off to this Canada Post scam that seems to be making the rounds. It starts with a text message:

Now the threat actor is hoping that your critical thinking won’t kick in because we’re in that time of year where everybody is having stuff shipped to them. Thus you will be more likely to click on the URL in the message instead of clicking on “Report Junk”. Thus let’s dive in by clicking on the URL which for the record you should never, ever do:

Now this is a very good replication of the Canada Post website. Except for the fact that the URL is not https://www.canadapost-postescanada.ca. But the threat actors are hoping that you won’t notice that. There’s also no tracking number listed. That’s a #fail as well as any sort of package that Canada Post or any courier handles would have a tracking number. Now if you click on “Reschedule Delivery”, here’s what you get (click to enlarge):

And here’s where it begins to become clear what the threat actors are up to. First they want to snag your personal info. And I know that because Canada Post would have no reason to ask you for your date of birth. When I entered fake info, I encountered logic that made you fill out certain items that reinforced the fact that the threat actors want your personal info. Likely to do some form of identity theft. But they’re not done yet.

The threat actors want your credit card info as well. Likely to use it to buy a ton of stuff on someone else’s dime. But also to reinforce any attempt to steal your identity. I say that because a lot of places want your birthdate and your credit card along with a home address to run a quick credit check on you. So this threat actor could in theory use this info to take out anything from a cell phone to a loan. That’s pretty crafty.

Now if you’re wondering how Canada Post would contact you, here’s a quick primer. Legitimate Canada Post email notifications will only come from the email addresses below and only if you’ve opted into receiving tracking notifications or communications from Canada Post:

  • donotreply-nepasrepondre@notifications.canadapost-postescanada.ca
  • donotreply-nepasrepondre@communications.canadapost-postescanada.ca
  • bounce-renvoi@communications.canadapost-postescanada.ca
  • bounce-renvoi@notifications.canadapost-postescanada.ca

They will never send you a text message. Thus if you get something that isn’t from one of the email addresses above, and you haven’t signed up for tracking notifications, it’s likely a scam. Legitimate Canada Post SMS tracking or mail notifications and marketing communications will only show the sender as 272727 or 55555, and you will only get them if you have signed up to receive those notifications. Thus if you haven’t opted into getting these texts, it’s a scam.

The holiday season is a prime time for scammers to operate. Thus you need to make sure that you check any email or text twice to make sure that you don’t fall victim to a scam.

1 Comment »

Beware Of The Application Generation Says New Cisco AppDynamics Report

Posted in Commentary with tags on November 21, 2023 by itnerd

A new report from Cisco AppDynamics shows that, while the use of digital services and applications reached new heights during the pandemic, today, consumer demand for applications continues to increase. However, there has been a shift in consumer expectations, with users looking for ever more intuitive and personalized digital experiences. 

  • New Expectations59 per cent of Canadians claim their expectations for digital experiences are far higher now than they were two years ago – citing slow screen loading, applications crashing and poor connectivity among the most frustrating problems. 
  • Application Clutter70 per cent of users are keen to get rid of applications they don’t use enough or value anymore. 
  • No Second Chances54 per cent of consumers feel disrespected by brands whose applications don’t meet their expectations and 63 per cent say to be less forgiving of brands when problems occur.  
  • Digital Disruption (literally): An alarming 83 per cent report they have experienced performance issues when using applications over the past 12 months.   

The report also unveiled a new cohort of application user – “The Application Generation.” This group, aged 18-34, use 41 different applications and digital services each month (compared to 30 for those aged 35 and above) and are far more discerning about the quality of applications – 70 per cent claim to be more mindful about the applications they install on their devices. 

You can read the full report here.

Leave a comment »

Idaho National Laboratory Pwned…. And Data On Employees Has Leaked

Posted in Commentary with tags on November 20, 2023 by itnerd

The Idaho National Laboratory got pwned over the weekend. Here’s what happened next:

Idaho National Laboratory experienced a massive data breach on Sunday night, leading to the leak of employee addresses, Social Security numbers, bank account information and much more.

INL media spokesperson Lori McNamara tells EastIdahoNews.com the breach is being investigated and federal law enforcement are involved.

“Earlier this morning, Idaho National Laboratory determined that it was the target of a cybersecurity data breach, affecting the servers supporting its Oracle HCM system, which supports its Human Resources applications. INL has taken immediate action to protect employee data,” says McNamara. “INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident.”

According to INL, more information will be shared as the situation progresses.

Slight problem though, they didn’t protect employee or any other data:

EastIdahoNews.com was able to download and view the hacked information. We have been able to confirm the authenticity of the leaked information from several employees. The information impacts thousands of local workers. 

A politically-motivated hacking group has claimed responsibility for the data breach on various social media platforms. EastIdahoNews.com is not naming the group, due to the nature of the sensitive information, which is now publicly available. 

As of 11 a.m., INL officials could not the confirm the identity of the hackers.

Lovely. John Gunn, CEO, Token has this comment:

90% of data breaches start with a successful phishing attack, yet most organizations are using 20-year old legacy multifactor authentication (MFA) technology as their primary means of securing access. So many headlines and so many breached companies. and all from the same vulnerability – people falling victim to sophisticated phishing attacks and it will only get worse as cybercriminals expand their use of AI.

This attack based on what we know is pretty bad. And I suspect that as more details emerge, the scope of how bad this is will become clear.

UPDATE: I did say that as more details emerged, the scope of how bad this is will become clear. Here’s some additional details. In a Telegram post on Sunday, hacking group SiegedSec claimed to be behind this hack.

The group claims to have accessed servers supporting its Oracle human resources applications, gaining access to detailed information of current and former employees.

Another data point, INL operates under the Department of Energy and scientists work on national security programs, including protecting critical infrastructure like the U.S. power grid. INL is also the premier lab for nuclear energy focusing on energy security, reliability and cybersecurity.

Corey Brunkow, Dir of Eng Operations, Horizon3.ai had this comment based on the above:

   “Oracle Human Capital Management is an application under the Oracle Fusion Cloud SaaS suite which is listed on the FedRAMP Marketplace with an agency authorized Authority to Operate (ATO). This SaaS has been provided authorization to operate by at least 5 separate Authorizing Agencies after going through an extensive and expensive FedRAMP process. The fact that this service was breached and could lead to the breach of the at least 10 other agencies that have provided an ATO or reused the ATO for this product leads me to conclude that the US Government’s over-reliance on exhaustive check-list based compliance and security theater through documentation is not a fail-safe against the myriad of negative outcomes in cybersecurity. Compliance programs like FedRAMP authorization is only one portion of a complete cybersecurity posture, and the current rate of threat generation and activity is much faster than any human auditor can keep pace with.

   “The negative outcome here beyond the initial breach of data is a clear national security concern due to the sensitive nature of the work and capable people that do the work at our national labs. With the data revealed through this hack, the Department of Energy should prepare for individual or organizational blackmail campaigns, individual threats, and possibly the departure of critical and highly skilled workforce members. The SiegedSec hacktivist group, now armed with detailed information about employees could pose a significant risk to the likelihood of insider threat problems due to the stress and situation that the newly breached employees now face with their personal sensitive data exposed to a hacktivist group that has previously targeted NATO entities and other government services.”

Leave a comment »

Cybersecurity Isn’t Front And Center In The Open AI Soap Opera

Posted in Commentary with tags on November 20, 2023 by itnerd

The Open AI saga is frankly a bit crazy. And it might be hard to keep track of what is going on. To that end, I’d like to point you towards this explainer by The Guardian which I think that should clear things up. At least for now. But there’s an angle of this that isn’t being covered by many which is cybersecurity. That’s where Damir J. Brescic, CISO, Inversion6 comes in to offer his opinion:

The recent development at OpenAI, particularly the departure of Sam Altman as CEO, could have significant implication for the broader AI industry. It’s more than clear that Altman and the board at OpenAI do not see eye-to-eye and that the shift in leadership, with a focus on increasing transparency and collaboration in AI research, will have a significant impact on the future of OpenAI.

I recall the story of Steve Jobs being removed from Apple, back in the day, due to a similar spat with the Apple board on the direction of the company. We all saw how that turned out – they did so well without someone steering their ship, that they had to beg Jobs to return. In his case, Jobs started another company and knew Apple was desperate that he forced them to buy it just to get him back…..man, you have to love capitalism!!!!

From the cybersecurity perspective, as AI systems become more integrated into our daily lives, it is essential that they are designed with cybersecurity in mind. This means that OpenAI and the broader AI community must prioritize the development of secure AI systems that are designed to protect user data and prevent cyber-attacks.

Overall, I find it interesting that Microsoft has made it known that they are interested in hiring Sam Altman to run a new advanced artificial intelligence research team.  This could change the landscape of AI as we know it.

Only time will tell, or when the Cylons take over….

I honestly have to wonder how this will turn out. And if we’ll all be working for our new AI powered overlords. Only time will tell.

Leave a comment »

Australian Government Announces $18M For SMB Cyber Security Support 

Posted in Commentary with tags on November 20, 2023 by itnerd

According to a joint announcement by Minister for Cyber Security Clare O’Neil and Minister for Small Business Julie Collins, the Australian government is pledging an $18.2 million investment to help SMBs improve their cybersecurity resilience and response as part of the 2023-2030 Australian Cyber Security Strategy.
 
$7.2 million will be put towards establishing a voluntary cyber health-check program for SMBs to check their cyber security maturity and gain access to educational tools and materials they need to upskill. Also, high risk SMBs will have access to “a more sophisticated, third-party assessment to provide additional security across national supply chains.”
 
The remaining $11 million will go towards the Small Business Cyber Resilience Service which will provide one-on-one assistance to help small businesses navigate their cyber challenges, including walking them through the steps to recover from a cyber-attack.  

“Uplifting the cyber security of our small businesses is integral to a cyber secure and resilient nation, and this dedicated support will make a huge difference in their preparedness and resilience,” O’Neil said in a statement.

According to the Australian Small Business and Family Enterprise Ombudsman, there are more than 2.5 million small businesses in Australia, making it 97% of all businesses.

George McGregor, VP, Approov Mobile Security:

   “This is an important initiative – small businesses are especially vulnerable to cyber-attacks and don’t have the resources to invest heavily in skills and technology to defend their business. They also depend heavily on services and APIs offered by larger companies and without adequate protections can inadvertently provide a path for attackers to target those services too. We need to see more of these initiatives by governments to make implementing best in class security practices easy for SMBs.”

Anything that helps SMBs to protect themselves from cyberattacks is a good thing. SMB’s get the fact that they need to be protected, but they might need some help to get them across the finish line so to speak.

Leave a comment »

Canadian Government Warns Of Data Breach Impacting 25 Years Of Public Service Employee Data

Posted in Commentary with tags , on November 20, 2023 by itnerd

In a press release on Friday, the Canadian government warned current and former public service employees and members of the Royal Canadian Mounted Police and Canadian Armed Forces that their personal and financial information may have been accessed in a data breach involving two relocation support companies.

The breach occurred on October 19th and affects federal government data that was held by Brookfield Global Relocation Services and SIRVA Worldwide Relocation & Moving Services. Data may include any personal and financial information provided to the companies from as early as 1999.

“Given the significant volume of data being assessed, we cannot yet identify specific individuals impacted,” said the release.

“The Government of Canada is not waiting for the outcomes of this analysis and is taking a proactive, precautionary approach to support those potentially affected.

Jason Keirstead, VP Collective Threat Defense, Cyware had this comment:

   “Breaches that involve third-party subcontractors are increasingly one of the most challenging issues to manage on an organization’s risk register. One way an organization can reduce their own risk is by leveraging their capabilities to help protect their suppliers – for example by sharing both threat intelligence and defense information downstream with their supply chain.”

Given that Canada has very robust laws when it comes to this sort of thing, I fully expect that a robust investigation will take place. And I will be looking to see what the Canadian Government does to stop this sort thing from happening in the future based on said investigation.

Leave a comment »

« Older Entries
Newer Entries »