Archive for January 19, 2024

New Samsung Galaxy Tab A9+ Announced

Posted in Commentary on January 19, 2024 by itnerd

Samsung Electronics has recently announced the launch of the new Samsung Galaxy Tab A9+, which will provide users with the exceptional Samsung tablet experience at a great value. The Galaxy Tab A9+ combines immersive video and audio with hyper-fast connectivity to support everyday entertainment and productivity needs in a portable package. As a member of the Galaxy connected ecosystem, this new device will offer a continuous experience across multiple Galaxy devices.  

With the Galaxy Tab A9+, Samsung is making it easier than ever for all to enjoy great entertainment and productive multitasking. Below are a few of the product highlights: 

  • Engineered For Viewing Pleasure: The Galaxy Tab A9+ offers the largest screen of any Galaxy A series tablet yet, with an 11-inch display to immerse users in their favourite movies, shows, or games. 
  • Awesome Performance: With the largest memory and storage available on the Galaxy Tab A series to date, there is plenty of room to store and save documents, sources of inspiration, and more. 
  • Samsung Kids: With a simple set up process, parents and caregivers can monitor and control children’s digital activities, access settings, create child profiles, set playtime and monitor the content that children are consuming. 

The Samsung Galaxy Tab A9+ will be available for purchase at samsung.com, Samsung Experience Stores, and at major carrier and retail partner locations across Canada, starting at $329.99 for 64GB.

For more information about the Samsung Galaxy Tab A9+, please visit the Samsung website.  

Bell Kills The Source Brand And Teams Up With Best Buy To Create Best Buy Express Stores

Posted in Commentary on January 19, 2024 by itnerd

Years ago, Bell bought what was left of the Circuit City retail brand, renamed them The Source and used them as another retail arm to exclusively push Bell products and services among other things. But that changed with this press release where Bell has announced that The Source branding will be no more, and that the telco is teaming up with Best Buy to create Best Buy Express retail stores:

Best Buy Canada and Bell Canada (TSX: BCE) (NYSE: BCE) have entered into a strategic partnership to operate 165 consumer electronics retail stores in Canada. The Source, a wholly owned subsidiary of Bell, will be rebranded as Best Buy Express and offer the latest in consumer electronics from Best Buy along with exclusive telecommunications services from Bell.

This innovative partnership will make the most of the respective strengths of Best Buy and Bell to deliver an exceptional shopping experience for Canadians. Best Buy and Bell will invest in an updated store experience, as well as an expanded product assortment, customer experience and training. Customers will benefit from Best Buy’s expertise in consumer electronics to find the latest products from the world’s leading brands, its global buying power and industry-leading supply chain. In addition, customers will find Bell, Virgin Plus and Lucky Mobile mobility, Internet, TV and home phone services, all backed by knowledgeable sales and support they have come to expect from Best Buy and Bell.

Best Buy will expand its presence in malls and in smaller and mid-sized communities across the country, leveraging 165 The Source locations that will augment Best Buy’s presence throughout Canada. Best Buy Express’ small-store format will give customers an easy-to-navigate, welcoming experience, enabling customers to experience the products in person and talk with a sales associate before purchasing. As today’s customers increasingly want to shop in ways that are convenient for them, whether in store or online, the e-commerce power of bestbuy.ca will offer customers a wider selection of consumer electronics with the option for full delivery or pick up of online orders in Best Buy or Best Buy Express stores.

Best Buy Express is expected to open in locations across Canada starting in the second half of 2024.

So Best Buy gets to be in places across the country. And Bell gets another retail channel where they are the only player in the game. I say that because Bell has a strategic partnership with Staples which gets them similar levels of access. I can see how this is a win for Bell and Best Buy. At least on paper. Let’s see how this plays out once these rebranded stores start to appear.

Phishing Emerges As Top Threat for Security Professionals Says Fortra

Posted in Commentary on January 19, 2024 by itnerd

Fortra has published the findings from its inaugural 2024 Fortra State of Cybersecurity Survey. The research uncovers the challenges security professionals have faced over the past year, as well as what they plan to focus on next as they continue to embrace digital transformation, new hybrid infrastructure, and tackle a challenging security landscape. 

Hybrid Environments Lead to Disparate Challenges and Priorities  

The survey found that most organizations anticipate phishing (81%), malware and ransomware (76%), and accidental data loss (63%) will be the top security risks over the next six months, followed by social engineering (55%) and third-party risks (52%).  

To address these threats, security professionals’ top five cybersecurity initiatives for this year are: limiting outsider threats (such as phishing and malware) (74%), finding and closing security gaps (73%), improving security culture (66%), securing the cloud (63%), and compliance (62%). 

64% of respondents in Fortra’s survey reported having a hybrid environment, while 19% were cloud-first, and 12% were cloud-only. The 6% who said they had no plans to move to cloud cited security concerns as the reason to not make the jump (77%). 

Skill Shortages and the Increasing Role of Managed Security Services 

The research also explored the hurdles hindering the execution of security strategies, with budget limitations (54%), the constantly changing nature of threats (45%), and lack of security skills (45%) topping the list. In addition, the survey revealed that while everyone is seeking to implement principles of zero trust, a quarter said they aren’t planning to due to insufficient resources. 

Many organizations are aware that upskilling needs to occur to strengthen their security position, with 67% saying they are focusing on improving the skills of their staff. Organizations are also leaning into managed security services to offload some of the weight. The most popular areas to offload being: email security and anti-phishing (58%), vulnerability management (52%), data protection (51%), and compliance (40%). 

Report Methodology/Respondent Profile 

The 2024 Fortra State of Cybersecurity Survey canvassed opinions from over 400 security professionals within 40 different industries across the U.S., Europe, Canada, Asia, the Middle East, Latin America, the Caribbean, Australia, and New Zealand. It provides an essential industry temperature check at a critical juncture in organizations’ digital transformation journeys, whereby leaders are planning security for their new hybrid infrastructure that meets the productivity needs of distributed workforces.

Find out more about the shifting cybersecurity landscape by reading Fortra’s full report here

UK Builds Public-Private ‘Cyber League’ To Combat Emerging Cyber Threats

Posted in Commentary on January 19, 2024 by itnerd

The UK’s National Cyber Security Centre (NCSC) has announced plans to convene public and private experts in a new Cyber League in an effort to combat cyber threats facing the UK.

Members of Cyber League will be a diverse group of industry experts, working with NCSC analysts and each other. The group will take part in a range of engagements, analytic workshops and discussion groups with the intention to improve visibility and tracking of existing and emerging threats.

“We continue to operate in a world of greater competition, instability, and contention than we have in over 30 years; a time before which cyber was material.

“As such we need to go beyond the excellent work already in place […] and prepare for when the big cyber event hits organizations, the UK, and the globe. Our adversaries, criminal and otherwise, are more aggressive and technically able than ever before, and show no sign of slowing down,” Ollie Whitehouse, new NCSC CTO warned earlier this week.

The initiative will complement the NCSC’s Industry i100 program, where third-party cyber experts are seconded to work at the agency on a part-time basis. 

Jason Keirstead, VP of Collective Threat Defense, Cyware:

   “It is extremely encouraging to see this announcement from the NCSC. As we have seen with the JCDC program in the United States, there are tangible benefits whenever the public and private sectors increase their collective defense efforts. Cybersecurity is a whole-of-nation problem and cannot be solved by industry and government working alone, we must continue to engage as frequently and as widely as practical.”

This almost sounds like the UK has pulled a team of superheroes together to fight cybercrime. Jokes aside, this is a good idea. And more countries should do something similar.

HaveIBeenPwned.com Adds 71M Email Addresses From 1 Billion Lines Of Stolen Credentials 

Posted in Commentary on January 19, 2024 by itnerd

Today, Troy Hunt, the creator of Have I Been Pwned, announced he added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service.
 
The Naz.API is a dataset allegedly containing over 1 billion lines of stolen credentials compiled from credential stuffing lists and from information-stealing malware logs. Each line of data consists of a login URL, its login name, and an associated password stolen from a person’s device.
 
According to Hunt, the Naz.API dataset consists of:
 

  • 319 files totalling 104GB
  • 70,840,771 unique email addresses
  • 427,308 individual HIBP subscribers impacted
  • 65.03% of addresses already in HIBP (based on a 1k random sample set)

 
“That last number was the real kicker; when a third of the email addresses have never been seen before, that’s statistically significant. This isn’t just the usual collection of repurposed lists wrapped up with a brand-new bow on it and passed off as the next big thing; it’s a significant volume of new data,” Hunt said.

Ted Miracco, CEO, Approov Mobile Security had this to say:

   “While user authentication serves as a critical gatekeeper for accessing sensitive data, the Naz.API dataset containing over a billion lines of stolen credentials highlights that it’s essential to recognize its limitations in the face of these threats.

   “Credential stuffing attacks, where stolen credentials are used to gain unauthorized access to multiple accounts, remain a prevalent threat. Additionally, automated bots leverage stolen credentials to manipulate login processes. To address these vulnerabilities, two advanced security measures stand out as effective solutions: mobile app attestation and token-based API security. Token-based API security provides robust protection for API access by only granting authorized users a unique token and prevents unauthorized access attempts, even if attackers possess stolen credentials. This method has proven to be a formidable defense against automated bots and malicious actors attempting to exploit API vulnerabilities.

   “Mobile app attestation ensures the integrity of mobile applications, making it significantly harder for attackers to utilize bots or brute force ATO attacks. This approach verifies that the mobile app is running in a secure and untampered environment, adding an extra layer of security to user authentication.”

Brad Hong, Customer Success Lead, Horizon3.ai follows with this:

   “Incidents like this continue to verify that from an attacker’s perspective, hackers rarely need to hack in; they simply log in.

   “Why would they want to hack me? The age-old question of the layman. With recent advances in AI/ML driven combinatorics, lists like these serve as more than just loot and is the crown jewel of OSINT. For attackers, it’s always going to be about planting the first flag, regardless of how unimportant that person might seemingly be in the organization. And who knows? They just might share the same affinity for sports, pets or seasons as the CEO.

   “With few giving their companies the courtesy of using a password unique to only their corporate devices, high volumes of statistical password reuse throughout an organization, rampant misconfigurations leading to excessively privileged credentials, and post-exploitation of locally stored credential databases to capture legitimate creds potentially leading to privesc, as the # of breaches go up, attackers are given more and more datasets to avoid having to take on the time intensive work of algorithmic hash cracking, and instead simply stuffing what seems to be an endless list of real-world credentials to get in with.

   “By recycling the processes above, without invoking a single GPU for a hash cracker, attackers can easily be set up to capture hashes from an entire organization and achieve domain admin through legitimate passwords and abuse of built-in capabilities. What’s significant about the percentage of new users added to the master list is that it introduces a whole lot of new entryways to new organizations in the form of humans. And it can all start from one person who used the same password on their AD as they did on Uber.”

I’d recommend everyone pay a visit to https://haveibeenpwned.com and pop in their email address or addresses to see if they are part of this dataset. That way you can take action to protect yourself from whatever the threat actors behind this dataset plan on unleashing on the world.

Microsoft Provides Info On The “Mint Sandstorm” Phishing Campaign

Posted in Commentary on January 19, 2024 by itnerd

Microsoft Research has put out a report on the Mint Sandstorm phishing campaign targeting high profile individuals at universities and research orgs:

Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States. In this campaign, Mint Sandstorm used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files. In a handful of cases, Microsoft observed new post-intrusion tradecraft including the use of a new, custom backdoor called MediaPl.

Operators associated with this subgroup of Mint Sandstorm are patient and highly skilled social engineers whose tradecraft lacks many of the hallmarks that allow users to quickly identify phishing emails. In some instances of this campaign, this subgroup also used legitimate but compromised accounts to send phishing lures. Additionally, Mint Sandstorm continues to improve and modify the tooling used in targets’ environments, activity that might help the group persist in a compromised environment and better evade detection.

Shawn Loveland, COO, Resecurity had this comment:

Bespoke phishing attacks can be highly effective as they are difficult for victims to distinguish as malicious. If the phishing campaign has reasonable operational security (OpSec), it is difficult for security products and services to prevent the delivery of the lure. The next-generation AI-powered phishing campaigns will make bespoke phishing attacks low-cost, automated, and common. After the lure has been delivered and acted upon by the victim, threat actors motivated by geopolitics and money-making endeavors commonly use similar TTPs in their attack, as described by Microsoft.

The motivations behind the actions of threat actors based in Iran can vary between geopolitical and financial gain. The specific motivation behind their actions depends on the group and actors involved. For instance, some threat actors may be driven by geopolitical issues during the day but use the same or similar TTPs at night for personal financial gain. According to a report from Microsoft, this group is only motivated by geopolitics for the specific TTPs described in the report.

Individuals and organizations are vulnerable to various threat actors, with motivations such as personal gain, fame, revenge, challenge, and even geopolitics. It is worth noting that security products and processes can take months to detect and mitigate a new campaign, exposing companies to potential attacks. Therefore, companies must establish a robust CTI practice to detect and mitigate these TTPs before they become targeted.

Microsoft has a lot of advice that you should read and heed if you want to successfully defend against this. Because it’s clearly done by highly skilled threat actors who are willing to go to great lengths to get what they want.

Guest Post: Explore Why These 3 Canadian Hotspots are Obsessed with Cyber Security

Posted in Commentary on January 19, 2024 by itnerd

“What is at stake in the digital world translates extremely quickly into the physical world.” This statement is made by Josh Gordon, a technology expert at Geonode, who believes deeply in the necessity of robust cybersecurity measures. In this atmosphere, three Canadian cities, Toronto, Vancouver, and Ottawa, are developing into significant cybersecurity hubs. They are answering the call to protect the digital frontier, driven by unique factors and attributes.

Toronto: Investing in Cybersecurity

Toronto tops the list for its unwavering focus on cybersecurity, backed up by sizeable investments. Gordon said, “The tech scene in Toronto is bursting at the seams. As the country’s financial hub, it faces unique cybersecurity threats requiring robust defences.”

Why is Toronto obsessed with cybersecurity?

  • Tech Leadership

Toronto has a thriving tech scene marked by innovation and growth. With many companies processing large volumes of sensitive data, robust cybersecurity measures become essential.

  • Financial Hub

As Canada’s financial capital, Toronto is a prime target for cyber threats. The need for top-tier cybersecurity is a priority to ensure the safety and stability of the country’s financial systems.

  • Educational Institutions

The presence of world-class universities and colleges in Toronto driving research in cybersecurity contributes to a climate of awareness and innovation in this field.

Vancouver: Growth in Cybersecurity

Vancouver, known for its stunning scenery and excellent quality of life, has also emerged as a hotbed for technology innovation and cybersecurity. “It’s all about growth in Vancouver,” asserts Gordon. “The city has recognized the importance of cybersecurity in facilitating its booming tech industry.”

Why is Vancouver obsessed with cybersecurity?

  • Tech Industries

The city is teeming with diverse tech industries that demand a secure digital environment. This makes cybersecurity more than a necessity; it’s an obsession.

  • Talent Pool

With many universities and tech institutes, Vancouver has a rich talent pool skilled in the latest cybersecurity practices.

  • Government Support

The British Columbia government’s support for tech and innovation has strengthened the cybersecurity sector.

Ottawa: Security Central for Cybersecurity

Ottawa, the nation’s capital, has inherited an obsession with cybersecurity based on its governmental role. “The presence of national security establishments naturally highlights the need for cyber defence,” Gordon notes.

Why is Ottawa obsessed with cybersecurity?

  • National Security

Being the federal capital, Ottawa is responsible for safeguarding national data, underscoring the importance of cybersecurity.

  • Tech Firms

Many of Canada’s tech firms are based in Ottawa, creating greater reliance on secure digital systems.

  • Research & Development

The city boasts strong R&D capabilities, particularly in cybersecurity and national defence.

As we draw our focus to a close, we learn that the need for cybersecurity unites these three cities, albeit driven by unique factors. Each municipality must continue its investment and commitment to cybersecurity to stay ahead in safeguarding our digital world. But where do we go from here, and how does this landscape change and evolve? That question is an anthem, a call to arms, for each of us to address, answer and act upon. As we embrace the digital age, it becomes increasingly clear that cybersecurity is not just an obsession for these three Canadian cities but a necessity for us all, wherever we may be.