Archive for December 21, 2023

Pre-Christmas Delivery Scam Sites Up 34% In December Alone

Posted in Commentary on December 21, 2023 by itnerd

Scammers are taking advantage of shoppers’ last-minute delivery panic with a surge in fake parcel delivery websites. Group-IB is reporting a 34% increase in such sites in just the first 10 days of December, compared with November. In one campaign alone, CERT-GIB has detected 1,539 phishing websites impersonating postal operators and delivery companies since the beginning of November. The campaign affects delivery services in 53 countries.

In a typical attack, scammers send SMS messages to victims, often disguised as “urgent” or “failed” delivery notifications. The messages mimic well-known postal services, prompting recipients to visit scam websites and leave their personal and payment details. These sites will use official names and logos, using typosquatted URLs to add legitimacy.

To avoid detection by researchers and law enforcement, the fake sites are only live for a few days and restrict access by geolocation, device and operating system.

Emily Phelps, Director, Cyware had this comment:

   “Unfortunately, opportunistic cybercriminals use timeless tactics to target unsuspecting consumers in the digital age – exploiting human behavior. During the holidays, we often see surging scams centered around common activities like online shopping and gift giving, creating a sense of urgency. So, if you receive a text or email that strikes panic, take a pause to consider if the message looks suspicious or legit. Haste makes waste and taking a moment to be sure it’s from a valid source can make you more secure.”

If you want an example of what one of these scams looks like, I did a breakdown on such a scam here. Please take a look at it so that you’re not caught off guard by one.

Analysis Of The Canadian Economy In 2023 According To helloDarwin’s Data

Posted in Commentary on December 21, 2023 by itnerd

helloDarwin, the innovative platform connecting businesses and suppliers, unveils the major trends shaping the industry in 2023. With a thorough analysis of data gathered from its 13,000 projects since its inception in 2017, helloDarwin provides an insightful overview of the developments that will mark this year.

Companies tighten their belts

A telling trend: while the volume of exchanges between customers-demanders and suppliers-bidders is clearly up, by 24.69%, dollar investments are lower.

Sectors in demand among Canadian companies: digital transformation

Growth in sectors or expertise most in demand  

+ 71.49% of requests for transactional website projects

+ 60.80% of requests for digital marketing projects

+ 25.25% of requests for hiring external consultants 

+ 24.56% of requests for external human resources expertise

Decline in certain sectors

– 69.70% fewer requests for print marketing services 

– 28.26% fewer requests for video production services 

– 15.79% fewer requests for graphic design services

The digital marketing, IT, software management, marketing strategy and website creation sectors were all on the rise in 2023 compared to 2022. In 2023, the acceleration of digital transformation was particularly noticeable, reflecting companies’ growing awareness of the need to adapt to the demands of the post-COVID market. 

Increased use of consultants

In an uncertain economic climate, companies are finding it difficult to recruit talent internally. As a result, there has been a marked increase in the demand for consultants.

Boom in subsidies and external funding

The use of grants is growing exponentially, with a 49% increase in the number of projects financed partly or wholly by external funding. Programs such as the Canadian Digital Adoption Program (CDAP) and ESSOR offer crucial opportunities for companies seeking digital transformation. Jeff Carrier says: “Grants are not simply funding, but a strategic opportunity for companies to realize their full potential.”

Outsourcing specific tasks

An emerging trend reveals that companies are now outsourcing specific tasks in the form of “boutique outsourcing”. This approach, in collaboration with in-house resources, enables targeted mandates to be fulfilled efficiently.

Increased competition and aggressive acquisition strategies

helloDarwin notes increased competition on its platform in 2023, with the average number of applicants per project up 38.49% on 2022.

Another new feature for 2023 is that major marketing, advertising and communications agencies and clients across Canada are now interested in helloDarwin’s services in large numbers.

Highlights in brief

  • 24.69% growth in the number of projects submitted in 2023 compared with 2022. 
  • 32% decline in dollar investment per customer-supplier transaction in 2023.
  • Average number of applicants per project increased by 38.49%. 
  • 6000 suppliers are active on the helloDarwin platform.

Beeper’s CEO Confirms Their Workaround Plans…. And He Also Tries To Make Beeper The Good Guy

Posted in Commentary on December 21, 2023 by itnerd

Earlier today I posted a story about MacRumors finding that Beeper was going to use jailbroken iPhones to keep their iMessage on Android service alive. I can now say that this Reddit thread confirms these plans. In that thread are two links. This one confirms the plans that MacRumors discovered and adds a lot more detail. And it also reveals that you can use a Linux computer to get your iMessage on Android fix as well.

Then there’s this link. I encourage you to read it as it has a lot of talking points from Beeper CEO Eric Migicovsky to make them look like they’re the good guy in this fight. And you’re free to draw your own conclusions on that. But here’s my conclusion on this.

Everything that they argue in that link is complete BS.

Beeper does not have the right to hack or reverse engineer their way into iMessage just because Android users don’t have the same messaging experience as iPhone users. I don’t care if Apple is 1% of the market or 100% of the market in the US. That, in my mind, is not something that they can simply do. And to spin it as they’re making things more secure for Android users or opening things up for Android users or somehow they’re making the world a better place is a false economy. Apple on the other hand has every right to do whatever they need to do to shut Beeper down because iMessage is Apple’s sandbox and they get to decide who plays in it. Which at the moment is nobody that isn’t Apple. In fact, and I rarely say this, I don’t understand how Apple with their army of iLawyers haven’t sued Beeper out of existence. Their cat and mouse game with Beeper isn’t a long term solution to this problem. Apple, who has been known to lower the boom on companies for less, should just lower the boom on Beeper and be done with this.

And I have a message for any Android user who is considering using Beeper’s workaround. You simply deserve better than what Beeper is offering if you really want iMessage on your Android device. Maybe that means Apple is “encouraged” to open iMessage up. Or “encouraged” to embrace other standards such as RCS. Or both Apple and Google are “encouraged” to come up with a universal standard of some sort to make the blue bubble/green bubble thing moot. Whatever that looks like, it would be far better than what Beeper has brought to the table. And that’s what Android (and iOS) users should be advocating for. Strongly. The fact is that if Android users have to hop through this many hoops to get iMessage on Android, it would consume a lot less time and effort on their part to just buy an iPhone if they really want to be a blue bubble person. Beeper isn’t putting forth a solution here. What they’re putting forth is a panacea that will eventually get taken out, destroyed, and burned in a bonfire by Apple. Which in turn will put Android users back to square one in terms of having the iMessage experience. Meaning it’s simply not worth investing their time, effort, and potentially money in chasing a pipe dream.

New JavaScript Malware Aims To Steal Your Banking Data Says IBM

Posted in Commentary on December 21, 2023 by itnerd

A new malware campaign that emerged in March 2023 used JavaScript web injections to try to steal the banking data of over 50,000 users of 40 banks in North America, South America, Europe, and Japan.

IBM’s security team discovered the threat and reports the campaign had been under preparation since at least December 2022, when the malicious domains were purchased. Though not specified, the initial infection is likely through malvertising, phishing, etc.

The FBI discovered that the JS script targets a specific page structure common across multiple banks. When the page contains a certain keyword and a login button with a specific ID, new malicious content is injected to intercept user credentials and one-time passwords (OTPs).

“The retrieved script is intentionally obfuscated and returned as a single line of code, which includes both the encoded script string and a small decoding script.

“In the past, we observed malware that directly injected the code into the compromised web page. However, in this campaign, the malicious script is an external resource hosted on the attacker’s server. It is retrieved by injecting a script tag into the head element of the page’s HTML document, with the src attribute set to the malicious domain.”

The malicious script masquerades as legitimate JavaScript CDNs (cdnjs[.]com and unpkg[.]com) to avoid detection and includes checks for specific security tools before executing.
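A defender-side check for the pattern described above, as an added example that is not code from IBM's report or from this post: it lists every `<script src>` host on a page and flags any host that is neither the site's own nor on an allowlist, marking those that imitate a CDN name. The `.example` hosts, the sample page and the allowlist are constructed for illustration.

```javascript
// Added example: audit <script src> hosts against an allowlist.
// All .example hosts and the sample HTML below are constructed.
const BRAND_TOKENS = ["cdnjs", "unpkg"]; // CDN names the post says were imitated

// Levenshtein edit distance between two short strings (single-row version).
function editDistance(a, b) {
  const row = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    let prev = row[0];
    row[0] = i;
    for (let j = 1; j <= b.length; j++) {
      const tmp = row[j];
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      row[j] = Math.min(row[j] + 1, row[j - 1] + 1, prev + cost);
      prev = tmp;
    }
  }
  return row[b.length];
}

// Return one finding per script whose host is not first-party or allowlisted.
function auditScriptSources(html, pageUrl, allowedHosts) {
  const findings = [];
  const pageHost = new URL(pageUrl).hostname;
  const tagRe = /<script\b[^>]*\bsrc\s*=\s*["']?([^"'\s>]+)/gi;
  for (const m of html.matchAll(tagRe)) {
    let host;
    try {
      // Resolves relative and protocol-relative URLs against the page.
      host = new URL(m[1], pageUrl).hostname.toLowerCase();
    } catch {
      findings.push({ src: m[1], host: null, reason: "unparseable" });
      continue;
    }
    if (host === pageHost || allowedHosts.has(host)) continue;
    // A label equal to, or one edit away from, a CDN name on an
    // unlisted host is treated as an imitation of that CDN.
    const lookalike = host.split(".").some((label) =>
      BRAND_TOKENS.some((t) => editDistance(label, t) <= 1));
    findings.push({ src: m[1], host, reason: lookalike ? "cdn-lookalike" : "unlisted-host" });
  }
  return findings;
}

// Constructed sample: a login page snapshot with three unexpected scripts.
const SAMPLE_HTML = `
<html><head>
  <script src="/static/app.js"></script>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
  <script src="https://cdnjs.example/ajax/libs/jquery.min.js"></script>
  <script src="//unpkq.example/react@18/index.js"></script>
  <script src="https://metrics.example/t.js"></script>
</head><body></body></html>`;

const ALLOWED = new Set(["cdnjs.cloudflare.com", "unpkg.com"]); // assumed allowlist
console.log(auditScriptSources(SAMPLE_HTML, "https://bank.example/login", ALLOWED));
```

Because the tag in this campaign is injected at run time, the check is meaningful on a serialized snapshot of the live DOM (for example `document.documentElement.outerHTML`) rather than on the HTML the server sent.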

Emily Phelps, Director, Cyware has this comment:

Cyber threats are continuously evolving to bypass detection mechanisms. This evolution accentuates the critical importance of proactive threat intelligence and trusted intelligence sharing, especially in sectors like finance which are frequently targeted due to their access to valuable data. Relying on tactics that exploit human behavior – such as phishing and malvertising – along with the development of technologies that circumvent traditional safeguards, security teams need real-time, context-rich threat intelligence to outpace threat actors.

Ted Miracco, CEO, Approov Mobile Security follows with this:

   “This attack highlights that the financial services sector is extremely vulnerable to fraud, especially when it is simply relying on user authentication and one time passwords (OTPs). Credential theft is the focus of attackers, and this JS attack demonstrates how vulnerable consumers are even with multi-factor authentication (MFA). 

   “Banks need additional security layers especially with mobile banking apps and can implement measures like app tampering detection, mobile app attestation, and runtime application self-protection (RASP) techniques to prevent attacks on APIs. These measures help prevent unauthorized modifications to the app that could introduce malicious code and may also prevent fraud from credentials that were stolen using web-based techniques like this.”

David Ratner, CEO, HYAS Infosec adds this comment:

   “Criminals will continue to find new and innovative ways to steal data and money. However, the infrastructure needed to conduct and carry out their attacks must be procured and set up in advance. Focusing on the adversary infrastructure layer is one of the best ways to drive resiliency and protection when the attack vector and technique will constantly change.”

Hopefully the fact that this malware is now getting attention will mean that it will be less effective for whoever is behind this. But as always, there will be a new threat that will emerge that will threaten users out there. Thus it would make sense to be on guard for anything and everything that could possibly be a threat.

Tesla Pulls The Disney+ App From Their Vehicles Because Elon Musk Got His Feelings Hurt

Posted in Commentary on December 21, 2023 by itnerd

A reader pointed me towards what seems to be a really dumb move by Elon Musk. Apparently Tesla has removed the Disney+ App from Tesla vehicles in retaliation for Disney not advertising on Twitter. Which in part led to Elon’s very outrageous recent rant that was full of f-bombs and specifically called out Disney CEO Bob Iger. Though I will say that there is some uncertainty around this move. Let me walk through it with you:

Over the weekend, numerous Tesla owners began to report that Disney’s streaming app, Disney+, was suspiciously missing from their vehicles. 

Okay. But like anything that involves Elon, it isn’t that simple:

Other Tesla owners found that the app had also been removed from their vehicle. While others have reported that the Disney+ app is still there.

So what’s going on here? Is it gone or not? This might provide some insight:

According to a report from online electric vehicle news outlet Electrek, a source tells them that Tesla informed Disney that it was removing the Disney+ app last week. Tesla then altered its decision and said it would only remove the app from Tesla vehicles that have never used the Disney+ app before.

Along with this:

According to Electrek, Tesla did not provide Disney with a specific reason for the removal of the Disney+ app, but the message sent by the company was “read between the lines.”

So if I had to guess, Tesla is yanking the Disney+ app from a subset of vehicles to send a message to Disney that not advertising on Twitter is unacceptable to Elon. That really sounds like Elon got his feelings hurt and as a result is lashing out like an upset five year old in a toy store who is mad that mommy and daddy won’t buy him the toy that he wants. Honestly, I don’t see this move having a material impact on Disney. But I do see it as adding to the financial crisis of Twitter as it will reinforce why no company should advertise on the platform. Along with creating negative press for Tesla that it simply did not have to create. And finally making Elon Musk look worse than he already does. None of which is good for Elon, Twitter, and Tesla. The question becomes when stuff like this becomes fatal for all of the above. Especially Twitter, which is bleeding cash at the moment.

New Recorded Future Cyber Threat Analysis Annual Payment Fraud Intelligence Research Report 2023

Posted in Commentary on December 21, 2023 by itnerd

Recorded Future has published its Annual Payment Fraud Intelligence Report: 2023, a cyber threat analysis that looks at payment fraud trends over the past year by Insikt Group, the company’s threat research division, comprising analysts and security researchers. 

The report analyzes events and fraud trends across the 2023 payment fraud threat landscape to reveal key findings and, for 2024, offers anticipations, expectations, and predictions that the coming year will see a continued payment fraud underground and growth in sophisticated hybrid cyber-fraud threats.

You can read the report here.

Beeper Is Apparently Turning To Jailbroken iPhones To Restore iMessage On Android Functionality…. WTF?

Posted in Commentary on December 21, 2023 by itnerd

From the “this is sketchy AF” department comes this report from MacRumors that Beeper is so desperate to get Beeper Mini working again, that they are turning to using jailbroken iPhones to do it:

The developers of Beeper Mini, the iMessage for Android app, are back with another attempt to keep Apple’s blue bubbles onside, and this time they will ask users to generate their iMessage registration data with the help of jailbroken iPhones, MacRumors has learned.

And:

In its latest effort to keep the service afloat, Beeper will suggest that users get hold of an old iPhone to get iMessage working on their Android phone. Users will then be asked to install a free Beeper tool to generate an iMessage registration code that will reinstate the ability to register phone numbers on the service. The catch is that the iPhone must first be jailbroken, and it must be plugged into power, at home, and connected to Wi-Fi for periodic registration re-requests.

If users don’t have access to an old iPhone for jailbreaking in order to complete the registration process, that’s okay – Beeper will rent them one for a small monthly fee. The developers say this service will be available in the new year, if there is enough interest. The plan was leaked ahead of time when a Beeper blog post was published then swiftly removed, but not before a snapshot was generated by the Internet Archive’s Wayback Machine, as spotted by MacRumors contributor Aaron Perris.

The fact that Beeper has to resort to increasingly sketchy methods to get and keep their service working only serves to underline the fact that the company is on the wrong side of this issue. On top of that, you have to wonder how many Android users are going to be willing to hop through these hoops to get that blue bubble experience.

At this point, if Android users really want the blue bubble experience this badly, then they should just buy an iPhone and be done with it. To me it seems far easier than this nonsense.

Here’s Some Predictions From Appdome, Nuspire,

Posted in Commentary on December 21, 2023 by itnerd

Chris Roeckl, CPO, Appdome

Geo Compliance will become critical as regulators will take a more active role

In 2024, regulators will take a more active role in the mobile security landscape.

In Asia for example, the shared responsibility framework by the Monetary Authority of Singapore and the Infocomm Media Development Authority holds banks, fintechs and telcos to a higher standard to prevent mobile fraud. Hong Kong Monetary Authority (HKMA) also adopted a stronger stance against scams by mandating that banks implement several new measures including enhanced monitoring for suspicious transactions and additional customer authentication. Similarly in the Philippines, the Bangko Sentral ng Pilipinas (BSP) released Circular 1140 aimed at protecting consumers from fraudulent schemes and establishing greater confidence in utilizing digital payment methods.

The differing regulations and frameworks across the world create a complicated compliance process. As a result, geo-compliance will become critical for app makers who are looking to comply with the rules and regulations in force in every geography where their mobile apps are in use. Geo-Compliance has three elements to it: (1) easily create different security models for different countries, (2) easily demonstrate to the regulators that the security in the mobile app complies with the country- and industry-specific regulations, and (3) actively prevent the use of a mobile app in certain geographies.

App makers will need to look for comprehensive mobile app defense solutions that can protect their consumers and mobile business against all different kinds of cyber threats, mobile fraud, and on-demand malware, both today and tomorrow.

Mike Pedrick, VP of Cybersecurity Consulting, Nuspire:

Business Disruption: Generative AI Outsmarting Users

In 2023, two cases captured national headlines regarding the use of generative AI to make work easier.  One case involved a lawyer who asked ChatGPT to compile a list of court decisions that might help win a run-of-the-mill personal injury case – not an unreasonable ask at first blush. However, despite the generative AI tool returning comprehensive cases that showed a clear and direct association with the relevant case – so much so that the attorney submitted them as fact – they were utterly fictitious.  

In what is an entertaining echo, the former lead defense attorney for musician Pras Michel used generative AI to build his closing argument. The result? The argument “made frivolous arguments, misapprehended the required elements, conflated the schemes and ignored critical weaknesses in the government’s case.”

The bottom line seems to be that despite the wild popularity of generative AI, it still is not a suitable replacement for human attorneys.

I predict that we’ll hear of other, similar instances of generative AI being used carelessly in 2024 and, most likely, several careers ending in the process.