Archive for December 12, 2023

Over Half Of Canadian Professionals Have Passed AI-Generated Work As Their Own: Salesforce

Posted in Commentary with tags on December 12, 2023 by itnerd

Salesforce recently released the next iteration of its Generative AI Snapshot Research Series, The Promises and Pitfalls of AI at Work, surveying 14,000 global workers, including 1,020 in Canada, revealing that despite the promises generative AI holds, a lack of defined policies around its use may be putting Canadian businesses at risk.  

Key highlights from the research:

AI tools are penetrating the workplace without oversight 

  • Over a quarter (25%) of Canadian professionals are currently using generative AI at work, and over half (58%) of these professionals are using AI without the approval of employers. 

Users are engaging in ethically questionable activities with AI due to ambiguous or non-existent workplace policies

  • Over half of Canadians (54%) have passed off AI-generated content as their own, and another third (31%) would consider inflating AI skills to land a role. 
  • However, the onus isn’t entirely on employees — just under a quarter of Canadian professionals (24%) have never completed or received training on how to safely and ethically use AI at work. 
  • Certain industries lag behind more than others — for example, 83% of Canadian employees in the professional or business services industry claim their company lacks clear policies.
  • In fact, over half (54%) Canadian professionals say their employer has little to no defined AI-use policies in the workplace.

Some Canadian data highlights are below, and more thorough Canadian and global insights at this link.

Leave a comment »

Guest Post: Crypto Scam Losses Doubled In 2023 Compared To Last Year

Posted in Commentary with tags on December 12, 2023 by itnerd

Scammers have become more sophisticated, and many crypto investors still lack understanding about securely storing and transferring digital assets.

According to the data analyzed by the Atlas VPN team, blockchain scam losses reached $610 million through the first three quarters of 2023. Throughout the whole of 2022, scammers got just half the amount of $300 million from blockchain projects.

Crypto scam activity in 2023 started slowly, with just $9 million stolen across 9 scams in the first quarter. It was just a small fraction of the $51 million stolen through 20 crypto scams in the first quarter of 2022.

In the second quarter of 2023, scammers made off with $239 million in losses across 28 scams. That is three times as much as the $80 million stolen in Q2 2022. The third quarter of 2023 recorded staggering losses of $360 million, eclipsing total losses for all of 2022.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on crypto scams:

“Lack of consumer confidence and security around crypto remains a major roadblock to wider participation. Lawmakers need to take responsibility to better prevent frauds like elaborate fake investment schemes. More consumer education is equally essential so potential cryptocurrency buyers or traders understand where threats exist.”

Top scams of the year

Many of the biggest crypto scams in 2023 involved fake investment programs that promised people big returns.

The JPEX scam stole over $190 million of investors’ money. The alleged fraud surrounding the Hong Kong cryptocurrency exchange platform has erupted as one of the largest crypto scams worldwide in 2023.

South Korean company, “Blockchain for Dog Nose Wrinkles” scammed people out of $127 million. The business marketed a blockchain app to identify dogs through their nasal folds, promising up to 150% returns in 100 days, however it was a typical Ponzi scheme.

Legal authorities in India have successfully busted a $120 million cryptocurrency Ponzi scheme The Solar Techno Alliance. Fraudulent investment scheme called CoinDeal cost $45 million to investors all around the world. Founders of Fintoch, another Ponzi project, were able to steal over $31 million of user funds.

To read the full article, head over to: https://atlasvpn.com/blog/crypto-scam-losses-doubled-in-2023-compared-to-last-year

crypto-scam-losses-doubled-in-2023-compared-to-last-year

Leave a comment »

Non-Profit Organizations and Donors Exposed in Management Platform Data Breach

Posted in Commentary with tags on December 12, 2023 by itnerd

Nearly 1 million records belonging to DonorView, a fundraising and donor management company were exposed according to Cybersecurity researcher Jeremiah Fowler, putting non-profit organizations and donors at risk of being targets of many online threats.

The key findings are the following:

  • 948,029 records totalling 465.27 GB.
  • Many documents that revealed PII such as donor names, addresses, phone numbers, emails, and more.

If you want to know more about Jeremiah’s findings, you will find all the details here: https://www.vpnmentor.com/news/report-donorview-breach/

If you want to know more about Jeremiah’s findings, you will find all the details here: https://www.vpnmentor.com/news/report-donorview-breach/

It is important to share this report to raise awareness about the dangers of leaving such data open to the public, but also to notify people who may have been affected. In this specific case, the data exposed could be used by ill intentioned hackers to attempt phishing scams, identity theft, fraudulent donation requests and more.

Leave a comment »

Action1 Expands into Europe

Posted in Commentary with tags on December 12, 2023 by itnerd

Action1 Corporation, a provider of the #1 risk-based patch management platform designed for distributed enterprise networks, today announced its expansion into the European market. This move follows a significant year-over-year growth in North America from 2022 to 2023. As a part of its expansion, Action1 established a data center in Germany, Frankfurt.

In light of the growing challenge for European companies to proactively address vulnerabilities and thwart ransomware threats, Action1’s entrance into the European market is timely. Statista reports that organizations take up to 290 days to patch vulnerabilities, leaving a window of opportunity for cyberattacks. The European Council has identified ransomwareas a significant EU cyber threat, with 60% of affected organizations considering ransom payments.

Action1 is set to introduce its modern cloud-native platform to European organizations, enabling them to effectively identify, prioritize, remediate vulnerabilities, and improve their security posture.

Key Highlights:

  • Local Presence. The company is establishing a presence in the UK, France, and the DACH region, aiming to be closer to its European clients and their needs.
  • European Data Center. In line with Action1’s commitment to data privacy, the company has established a facility in Frankfurt, Germany, to help ensure that customers handling sensitive data meet the stringent GDPR standards and ensure data residency and sovereignty.
  • Enhanced Support. European customers will benefit from personalized support, available 24/7 in their time zones.

Action1 is the #1 risk-based patch management platform for distributed networks trusted by thousands of global enterprises. Action1 helps to discover, prioritize, and remediate vulnerabilities in a single solution to prevent security breaches and ransomware attacks. It automates patching of third-party software and operating systems, ensuring continuous patch compliance and remediation of security vulnerabilities.

The company was founded by cybersecurity veterans Alex Vovk and Mike Walters, who previously founded Netwrix, which TA Associates acquired.

Learn more at www.action1.com.

Leave a comment »

2024 Predictions on AI, Cybersecurity, and Email Authentication from Valimail’s Leaders

Posted in Commentary with tags on December 12, 2023 by itnerd

In 2024, we can expect to see a dramatic escalation in AI-fueled disinformation and sophisticated cyber threats, especially during the U.S. election year!

With disinformation spreading more rapidly due to advanced AI tools, email authentication will become critical to safeguard against false narratives. The election season will likely see intensified information attacks, highlighting the need for stringent verification of digital communications. As cyber threats grow more sophisticated with AI advancements, robust authentication will emerge as a key defense necessary to discern real interactions from AI-generated deceptions. This evolving cyber landscape underscores the urgency of adapting security strategies to outpace these emerging challenges.

Valimail’s Alexander Garcia-Tobar, CEO and Co-Founder, and Seth Blank, Chief Technology Officer (CTO), had this to say:  

Alexander Garcia-Tobar, CEO and Co-Founder, Valimail

A Rise in Disinformation Influenced by Global Events and AI: 

“In 2024, there will be an acceleration in disinformation, exacerbated by ongoing global conflicts and the growing availability of AI tools that will create and/or spread false narratives more rapidly and convincingly. This trend will be viewed against a backdrop of declining public trust in institutions, a phenomenon intensified by the US election year. With email being the primary communication tool used, validating sender authentication will become increasingly more important.”

Election Year Vulnerabilities and State Actor Threats: 

“2024 brings a national election, which will bring a heightened risk of targeted information attacks, especially given explicit warnings from foreign state actors about their intentions to disrupt or influence the electoral process through information warfare. With email and social networks as primary attack vectors, there will be an increased need to know the authenticity of the sender/originator of the communication.”

A Rise in the Importance of Email Authentication and Transparency in Digital Communication

“Email authentication will play a crucial role in maintaining the integrity of digital communications, especially as disinformation becomes more prevalent. Ensuring the authenticity of the sender will gain acceptance as a vital first step in building trust and accountability online. This will include the need for transparency in content creation, where the source or authorship of information must be verifiable, reducing the potential for impersonation and misinformation.”

Seth Blank, Chief Technology Officer (CTO), Valimail

Increased sophistication and pervasiveness of cyber threats with AI: 

“There will be a significant rise in the sophistication of cyber threats, primarily due to the advancement and widespread use of AI and generative AI. This will lead to an increase in the challenges in determining the authenticity of communications as AI technologies become more capable of imitating real human interactions. The potential for more realistic phishing attacks and the spread of disinformation, leveraging AI’s ability to mimic different personas convincingly, will be a part of this. It’s important to underscore that AI can be used not only for beneficial purposes but also maliciously, making it increasingly difficult to discern genuine communications from fraudulent ones. As email has been abused by generative content for decades, the ecosystem should look at email’s existing protections as a way to protect itself from the new threats of generative AI.”

Authentication Will Be the Key Defense Strategy: 

“Authentication will become the first line of defense against sophisticated cyber threats. And any communication lacking proper authentication will be treated with suspicion. This approach will become an accepted crucial measure in filtering out potential threats and reducing the risk of falling prey to AI-generated frauds or disinformation campaigns. Emphasis will be put on the need for more robust and sophisticated authentication mechanisms to keep pace with the evolving nature of cyber threats.”

A Shift in Threat Landscape Due to Improved Email Security: 

“With advancements in email security, particularly through stringent authentication requirements, there will be a shift in the threat landscape. As email becomes more secure and less susceptible to attacks, attackers will pivot to other, less secure communication channels, such as SMS, phone calls, and IOT communications. This shift will reflect the adaptive nature of cyber-criminals, who continually seek out the weakest points in the security infrastructure, and highlight the ongoing challenge of maintaining a comprehensive security posture that evolves in response to the changing tactics of cyber attackers.”

Leave a comment »

Elizabeth Warren Jumps Into The Apple Vs. Beeper Mini Fight

Posted in Commentary with tags on December 12, 2023 by itnerd

The Apple versus Beeper Mini fight has attracted the attention of Capitol Hill. But first, some background to get you up to speed:

And this back and forth between Apple and Beeper Mini has now gotten the attention of US Senator Elizabeth Warren who is known for taking stands on anti-trust issues:

iMessage is a closed platform because Apple deems it to be so. That much is true. But Beeper Mini has literally broken into that platform. They didn’t ask Apple if they could do this. Likely because Apple would have said no. So she can’t be surprised that Apple took a dim view of what Beeper Mini did and are trying to take them out as a result. For Apple, this is a security issue first and foremost. Any suggestion that this is a competition or antitrust issue is a #fail.

The fact is Warren is on the wrong side of this issue. If I were her, I’d reconsider her position.

1 Comment »