Archive for January 15, 2024

Flashpoint Details The Evolution Of Information-Stealing Malware

Posted in Commentary with tags on January 15, 2024 by itnerd

Information-stealing malware, known as ‘stealers,’ has evolved significantly from its origins as banking trojans. Today, these stealthy programs have become a tool of choice for cybercriminals, due to their lightweight nature and ability to scrape a wide range of sensitive data.

This topic is covered in a new blog post from Flashpoint. The blog covers:

  • The stealers’ evolution, their journey from the ZeuS trojan to today’s sophisticated versions.
  • How simplicity, source code availability, and low costs drive their use.
  • How their methods from initial infection to data exfiltration work.
  • How cybercriminals exploit stolen data, including selling credentials and unauthorized account access.

You can read this blog post here: https://flashpoint.io/blog/evolution-stealer-malware/

Cradlepoint Introduces New 5G Router For Retail Pop-Up Sites And Small Offices

Posted in Commentary with tags on January 15, 2024 by itnerd

 Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network edge solutions, today announced the release of the E100 5G Enterprise Router. Specifically designed to support retail and small office applications — including POS, video surveillance, inventory applications, and IT — the E100 5G combines the performance of 5G with modern security through Cradlepoint NetCloud Exchange. Integrated SD-WAN and zero trust deliver leading edge 5G SASE capabilities and enable IT teams to provision and manage networks and security at scale with fewer staff. 

With retail vacancy rates in Canada at historically low levels, retailers are turning to creative pop-ups and experiential stores, often smaller in size, to meet consumer demands for interactive experiences. With this, IT teams need to sustain creative business models while supporting applications and security policies consistently even in small spaces where higher performance, lower latency and minimized downtime are imperative.

The E100 5G Enterprise Router meets this demand in the retail and small office markets by enabling reliable connectivity and protecting the network, and users accessing web applications, from external threats. IT teams can gain further confidence in deploying communications, IoT and point of sale (POS) devices in small and temporary sites just as they would in flagship locations.

Key capabilities of the E100 5G Enterprise Router include: 

  • Connect-and-go zero trust architecture: Secures the WAN by enabling enterprises to replace complex VPNs with a more secure zero trust network
  • Additional high availability: Integrated and easy to configure failover for hybrid WAN or dual cellular locations provides IT teams with the confidence needed to be assured of connectivity during unpredictable conditions
  • Latest 5G standard to match the latest capabilities from carriers: Access high performance 5G and future proof network connectivity with an integrated 5G modem
  • Scalability across locations: Supports thousands of small offices and temporary sites, allowing global management with limited-to-no incremental staff

For more information on the E100 5G Enterprise Router, please visit here

Cradlepoint will also be onsite at NRF 2024: Retail’s Big Show in New York from January 14-16, 2024. Please stop by booth #5675.

Apple Is Apparently Planning To Get Around The Apple Watch Sales Ban By Disabling The Pulse Oximetry Features

Posted in Commentary on January 15, 2024 by itnerd

9to5Mac is reporting that Apple is, by all reports, going to get around the ban on Apple Watch sales by taking the extreme approach. They’re going to disable the pulse oximetry features:

The U.S. Customs agency has handed down its decision on whether Apple’s proposed redesign of the Apple Watch Series 9 and Apple Watch Ultra 2 is enough to circumvent infringing on two Masimo patents related to the blood oxygen sensor. 

In a filing on Monday with the Federal Circuit, attorneys for Masimo say that “U.S. Customs and Border Protection decided that Apple’s redesign falls outside the scope of” the ITC ruling. Apple’s redesign, however, is to remove the pulse oximetry features from newly sold devices.

We’re waiting on more details from Apple on this situation. In the interim, what this means is that Apple can keep selling the Apple Watch Series 9 and Apple Watch Ultra 2, but those devices will no longer “contain pulse oximetry features.” This applies only in the United States. 

I have to admit that if this is accurate, this is surprising. The reason is that it was rumoured that Apple was trying to find a way around the Masimo patents. But I am guessing that effort failed and now the only option is to yank the feature from unsold Apple Watches. Which means that this doesn’t affect existing users. So if you are in the US and you were thinking of an Apple Watch, now might be a good time to get one.

The thing that surprises me is that Apple for whatever reason is willing to die on this hill. I don’t get why they have taken this stance. But they have. Masimo is a company with a roughly $6.12 billion market cap. Apple could pay them $3 billion and sign some cross licensing agreements as part of the deal along with dismissing any legal action the two parties have against each other and I suspect that Masimo would take that deal without hesitation. So you have to wonder why Apple isn’t going that route. The cynic in me says that if you accept that Apple “Sherlocked” Masimo to get this feature into the Apple Watch, then Apple may be afraid that every other company that they’ve “Sherlocked” over the years will come out of the woodwork looking for their payday. But that’s just speculation on my part. Though I suspect that it has an air of truth to it.

Let’s see what the next twist in this saga is as it’s going to get real very quickly for Apple.

If You Can’t Install KB5034441 On Your Windows 10 Computer, You’re Not Alone

Posted in Commentary with tags on January 15, 2024 by itnerd

This past “Patch Tuesday”, Microsoft released KB5034441, which has a fix for CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass. Needless to say, this is serious and you should install this ASAP to address this issue.

However, shortly after this KB was released, reports started to appear that users were unable to install this KB. Investigation by numerous people and Microsoft determined that the issue was due to the recovery partition that is created when you install Windows 10 not being big enough. This happens because the WinRE (Windows Recovery Environment) image file deployed as part of the KB5034441 security update is too large for the recovery partition. Thus the fix is to resize the partition.

Here’s why you don’t want to go this route unless you are really brave.

Now you can do this manually using these detailed and very complex instructions that are way beyond the pay grade of the average user. Never mind an IT professional. And you can really screw up your PC if you do something wrong. Or you can use a PowerShell script to help you automate updating the WinRE partition. But if you read through the instructions, it requires some prerequisites to be present for this to work. And frankly, it’s also meant for IT departments and not home users. And it too has the potential to screw up your PC. So that’s not a real option either.

The thing is that I have encountered this issue with home and business users alike. Including on one of my own Windows 10 computers. So given how widespread this issue is (have a look at this Reddit post that illustrates how widespread this is), a real solution from Microsoft needs to be released to address this. And that solution needs to be something that doesn’t include the gymnastics that Microsoft is recommending. In other words, it has to be a packaged fix that is literally an exercise of clicking “next”, “next”, “next”, “done”. Because by the time you have to run PowerShell scripts or do things that 99% of users should have no business doing, it’s not a solution that is workable. And keep in mind that this is in relation to a security issue that Microsoft is trying to fix. Which means that threat actors are likely coming up with exploits to take advantage of this as there’s a whole lot of people out there who have the potential to get pwned the longer that this goes without being fixed. Hopefully Microsoft knows all of this and is working to address this properly and quickly.

Over to you Microsoft.
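
For anyone who wants to see whether a machine is likely to hit the recovery partition problem described in this post, here is a read-only check, added as an example that is not from the post or from Microsoft's script: it finds the WinRE partition with `reagentc /info` and reports its size and free space. The 250 MB threshold is an assumption taken from Microsoft's guidance for this update, not from the post.

```powershell
# Added example: read-only check of the WinRE partition before attempting KB5034441.
# Run from an elevated PowerShell prompt. It changes nothing on disk.

# Assumption (not stated in the post): free space the update needs in the
# recovery partition, per Microsoft's guidance for this KB.
$RequiredFreeBytes = 250MB

# reagentc.exe reports WinRE status and location. Its labels are localized,
# so match only on the device path, which is not.
$reagent = (reagentc.exe /info) -join "`n"

if ($reagent -notmatch 'harddisk(\d+)\\partition(\d+)') {
    Write-Warning 'No WinRE location reported; WinRE is disabled or missing.'
    return
}
$diskNumber      = [int]$Matches[1]
$partitionNumber = [int]$Matches[2]

# Look up the partition WinRE lives on and the volume inside it.
$partition = Get-Partition -DiskNumber $diskNumber -PartitionNumber $partitionNumber
$volume    = $partition | Get-Volume

# A drive letter here means WinRE sits on a normal volume (often C:),
# not on a dedicated recovery partition.
if ($partition.DriveLetter) {
    Write-Warning "WinRE is on lettered volume $($partition.DriveLetter): rather than a dedicated recovery partition."
}

[pscustomobject]@{
    Disk          = $diskNumber
    Partition     = $partitionNumber
    PartitionType = $partition.Type
    SizeMB        = [math]::Round($partition.Size / 1MB)
    FreeMB        = [math]::Round($volume.SizeRemaining / 1MB)
    RequiredMB    = $RequiredFreeBytes / 1MB
    EnoughRoom    = $volume.SizeRemaining -ge $RequiredFreeBytes
}
```

If `EnoughRoom` is `False`, the update can be expected to fail on that machine until the partition is resized or Microsoft ships a different fix.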