Archive for April, 2024

HP Expands Gaming Portfolio with new OMEN Laptop and expanded line-up from HyperX

Posted in Commentary with tags on April 30, 2024 by itnerd

Building on their gaming news at CES 2024, HP continues to expand and refine their gaming portfolio to meet the needs of all gamers, everywhere. The new OMEN 17 Gaming Laptop is engineered to meet the demands of gamers who prefer bigger screens and wear many hats – whether it be as a content creator or even a student – to deliver great performance and high-quality visuals. HP is also launching the HyperX Pulsefire Haste 2 Core Wireless Gaming Mouse and the HyperX Cloud MIX™ Buds 2 to deliver incredible performance and audio that doesn’t get in the way of your play.

The new OMEN 17 boasts:

  • Immersive visuals: With its large 17.3-inch optional QHD display, refresh rate of 48-240 Hz VRR, rapid 3 ms response time, and IPS display technology, this laptop delivers quick and responsive gameplay with crystal-clear detail. 
  • AI enabled: The first OMEN gaming laptop equipped with a dedicated Copilot key for quick launch also benefits from the AI-driven OMEN camera & voice enhancer for a superb audio/video experience. Exclusive to HP, meetings or lecture notes never need to be an issue with the Otter.ai record function for transcribing audio, and AI-generated notes.
  • Cool and customizable: OMEN Tempest Cooling keeps the laptop cool even during intense play with three-side venting and dual 12V fans. Personalize the device with RGB keyboard lighting via OMEN Gaming Hub’s Light Studio to express a unique style.
  • Performance-driven design: The robust large-screen laptop includes up to AMD Ryzen™ 9 8945HS NPU delivering outstanding performance for demanding games and applications, and includes up to Nvidia GeForce RTX 4070 Laptop GPU enabling stunning visuals and smooth gameplay.
  • Expertly tuned audio by HyperX: Sound performance is custom tuned for clarity and spectral balance to ensure that subtle details are not overshadowed by louder sounds.

To truly give an immersive experience, HP not only needs a great laptop or desktop but also needs to offer premium gaming gear. HyperX’s newest accessories are designed for gaming, offering reliable performance and sound without distractions:

  • HyperX Pulsefire Haste 2 Core Wireless Gaming Mouse: Powered by a single AAA battery, and weighing only 70 grams, this mouse can game via a high-speed 2.4 GHz connection for up to 100 hours or Bluetooth mode for an even longer battery life. With a HyperX Custom Core Sensor, it’s capable of up to 12,000 DPI and TTC Gold switches with a lifespan of up to 20 million clicks for gaming reliability when you need it most.
  • HyperX Cloud MIX™ Buds 2: These earbuds are designed to elevate your gaming and audio experience anywhere, anytime. Their ultra-low latency dongle provides a lag-free connection for seamless gaming on multiple platforms. Their Bluetooth® 5.3 LE Audio technology offers enhanced audio quality, longer battery life, and a more stable wireless connection. The hybrid Active Noise Cancelling (ANC) feature blocks outside disruptions so you can remain focused on the game.

Pricing and Availability 

  • The OMEN 17 Gaming Laptop is expected to be available in May at HP.com for a starting price of $1,999.99.
  • HyperX Pulsefire Haste 2 Core Wireless Gaming Mouse will be offered in black or white for an MSRP of $84.99.
  • HyperX Cloud MIX™ Buds 2 is expected to be available this fall for an MSRP of $214.99.

Horizon3.ai Unveils Rapid Response Service for Cyber Resilience

Posted in Commentary with tags on April 30, 2024 by itnerd

Horizon3.ai, a pioneer in autonomous security solutions, today announced the launch of its Rapid Response service, now part of the NodeZero™ platform. This one-of-a-kind capability marks a significant advancement in autonomous penetration testing solutions by addressing a critical gap in measuring the real-world impact of exploitable vulnerabilities within the software many organizations have come to rely on. Now, organizations can gain a clear understanding of their ‘likelihood of exploitability’ for the most critical vulnerabilities being announced.

As organizations continue to contend with both zero-day and N-day vulnerabilities, the window of time between the public disclosure of a vulnerability and threat actors exploiting it in the wild is steadily shrinking. Knowing this predicament, organizations spend vast amounts of time, money, and resources patching the software they use after hearing of a vendor vulnerability announcement. Yet, how often are organizations expending considerable effort not knowing if a vulnerability is actually exploitable or not? The answer to that is, “quite often.”

So far in 2024, the U.S. National Vulnerability Database (NVD) has tracked 11,709 new vulnerabilities in publicly released software. A common challenge for organizations is determining whether any software they are using that is identified as vulnerable is actually exploitable within their specific environments, a judgment often contingent on how the software is deployed. Since organizations often lack a proven method to assess the ‘exploitability’ of software, they may find themselves updating software that does not require immediate patching. NodeZero addresses this issue with its Rapid Response service, which is specifically tailored to manage many of the most critical vulnerabilities more effectively. The following outlines the workings of the Rapid Response service.

As Horizon3.ai’s attack team conducts original research and uncovers new vulnerabilities, they also keep an eye on public vulnerability disclosures. They assess the exploitability of these vulnerabilities, considering factors such as the ease of exploitation, their severity, and the prevalence of the vulnerable software. Following their assessment, they develop proof of concept (POC) exploits, integrate them into NodeZero as new attack content, and notify customers about these emerging vulnerabilities. With NodeZero, customers can probe their systems using this new attack content to gain immediate insights into their level of exploitability. Furthermore, Horizon3.ai alerts customers if known vulnerable software is present in their production environments and warns them about NodeZero being able to exploit these weaknesses.

The Rapid Response service doesn’t just focus on vulnerabilities; it zeroes in on the exploitability of known issues in production environments. As part of this service, organizations receive proactive measures to keep abreast of cyberattacks. The vulnerabilities that flow through this program typically revolve around publicly accessible assets since they are the most likely targets for exploitation.

Recognizing the critical role of response time to emerging exploits in the wild, Horizon3.ai’s Rapid Response service is designed to provide organizations with a proactive defense mechanism to stay ahead of evolving cyberattacks as they’re discovered or trending in the wild. The fundamentals of this type of rapid response effort are concentrated on enabling organizations to preemptively mitigate nascent vulnerabilities before threat actors target them. 

By leveraging Horizon3.ai’s expertise in using ‘offense to inform defense,’ and leaning into NodeZero’s autonomous capabilities, customers can schedule and/or immediately launch NodeZero using a single exploit-check to gain early detection of exploitability from an attacker’s perspective. Once finished, NodeZero prioritizes the most critical and exploitable vulnerabilities that must be patched because they have been deemed completely exploitable by the NodeZero platform.

Horizon3.ai’s Rapid Response service is a groundbreaking step forward in the field of cybersecurity, offering organizations an unprecedented level of preparedness against cyber threats. With its cutting-edge technology and proactive strategy, Horizon3.ai is redefining the landscape of cyber defense, providing a critical service that ensures organizations are not only aware of their vulnerabilities but are also equipped to address exploitability with unmatched speed and efficiency. This service, seamlessly integrated into the NodeZero platform, solidifies Horizon3.ai’s position as a leader in autonomous security solutions, empowering organizations to fortify their defenses against the unpredictable nature of cyber threats.

Learn more about the Horizon3.ai Rapid Response service here

Nuspire’s Q1 2024 Threat Report Is Out

Posted in Commentary with tags on April 30, 2024 by itnerd

Nuspire today unveiled its Q1 2024 Cyber Threat Report. This latest report provides an in-depth examination of the changing dynamics in cyber threats, highlighting rises in ransomware, dark web commerce and exploit activities, alongside measures to safeguard against these threats.

The Q1 2024 report spotlights a 3.69% rise in ransomware activities from Q4 2023, punctuating the persistent threat ransomware groups pose. Additionally, dark web market activity saw a staggering 58.16% increase in listings, indicating significant growth in the trade of stolen data and illicit goods.

Exploitation events also experienced a sharp uptick, with a 52.61% increase in total activity from Q4. The report specifically points to the exploitation of the Hikvision Product SDK WebLanguage Tag Command Injection vulnerability (CVE-2021-36260) as a leading concern.

Additional findings from Nuspire’s newly-released cyber threat report:

  • Despite the U.S. Department of Justice’s disruption of LockBit’s operations on Feb. 20, 2024, the group’s extortion publications experienced only a temporary decline before rapidly recovering, resulting in a 1.74% increase in LockBit’s publications by the end of Q1 2024 compared to Q4 2023.
  • The manufacturing sector, crucial to supply chains and rich in intellectual property, faced a jump in ransomware attacks from LockBit and CL0P. The growth in attacks highlights the vulnerabilities this industry often faces resulting from complex IT/OT systems, underinvestment in cybersecurity and the sector’s historical prioritization of operational continuity over security measures.
  • The report also revealed a more than twentyfold increase in exploit attempts against the Hikvision Product SDK WebLanguage Tag Command Injection vulnerability (CVE-2021-36260) compared to Q4’s data. This vulnerability allows for remote device hijacking without user interaction on Hikvision security cameras.
  • Listings on dark web marketplaces featuring Lumma Stealer saw a significant increase, more than doubling from Q4 2023. Lumma Stealer emerged in 2023 and quickly became a leader in infostealing malware.

To access the Q1 2024 Cyber Threat Report and learn more about protecting your organization, visit Nuspire’s website.

EU President Doesn’t Rule Out Banning TikTok In The EU

Posted in Commentary with tags on April 30, 2024 by itnerd

Things seem to be going from bad to worse for TikTok. Fresh off of effectively being banned in the US, EU President Ursula von der Leyen has made it clear that a TikTok ban in the EU is on the table. Here’s what she said via Politico:

Commission President Ursula von der Leyen hinted that banning TikTok in the European Union is an option, during a debate this evening in Maastricht, featuring parties’ lead candidates for the bloc’s 2024 election.

“It is not excluded,” von der Leyen said, after the moderator referred to the United States, where TikTok faces a national ban unless it is sold by its owner, ByteDance. 

She immediately added that the Commission was “the very first institution worldwide to ban TikTok on our corporate phones.”

“We know exactly the danger of TikTok.”

One thing to keep in mind is that TikTok is already in the EU doghouse as it was caught trying to bribe users into watching more videos on the platform. And seeing as the EU are the type of people to find the biggest hammer available to swing at most problems that it has to deal with, it would not at all surprise me if sometime in the next year, TikTok is banned there too. TikTok can act like none of this matters, as they tried to do right after the US ban. But at some point they will have to reconsider their life choices if they want to still be relevant. Though I have to wonder when that will happen.

Fresh Phish From INKY Details A New Campaign Involving Weaponized RTF Attachments

Posted in Commentary with tags on April 30, 2024 by itnerd

INKY analysts have identified a new phishing scheme utilizing weaponized RTF attachments.

Attack Flow Overview:

  • Origin: Hijacked accounts & Japanese freemail accounts
  • Payload: Malicious link in RTF attachments
  • Techniques: Personalized Phish, Brand Impersonation, Credential Harvesting, Cloud Service Abuse
  • Target: Spray and pray – multiple sectors were targeted

You can read the details here.

Legit Security Releases Industry’s First Software Compliance and Attestation Trust Center

Posted in Commentary with tags on April 30, 2024 by itnerd

Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced extended software compliance, audit, and attestation support with the release of the industry’s first software compliance and attestation trust center.

Legit enables customers to build a repeatable and scalable software security compliance program by automating manual processes and producing the required evidence to prove compliance. By leveraging multiple frameworks, including SLSA, PCI DSS, SOC2, and ISO 27001, Legit quickly assesses the state of a software security program to identify gaps that create risk.

In addition, Legit now supports new requirements for the CISA Secure Software Development Attestation Form. CISA offers an essential set of guidelines to ensure software is secure; attestation provides a means for vendors to confirm that software was developed with these standards in mind.

Legit’s compliance and attestation trust center features include:

  • Out-of-the-box controls and automated validation: Legit is pre-built with suggested controls for many key frameworks and standards to immediately provide a gap analysis that can be customized to an organization’s needs.
  • Customizations to enable precise compliance reporting: Legit’s product unit and custom query capabilities allow customers to define products, lines of businesses and apps, and specific controls and policies required for compliance; Legit automatically validates and alerts on any areas that are out of compliance.
  • Capture evidence and reduce exposure: Legit captures and enables users to export required data by using compliance frameworks to determine status when attesting to CISA or other security frameworks. 
  • Continuous compliance and faster remediation: Legit simplifies audits and attestations, enabling organizations to upload evidence supporting requirements, validate compliance status, and automate workflows and ownership.
  • New dashboard and reporting capabilities: Legit allows customers to seamlessly drill into multiple frameworks with expanded reporting capabilities to determine security gaps and demonstrate compliance status.

Legit’s software compliance and attestation capabilities are available now to new and existing customers. For more information, visit www.legitsecurity.com

Malicious USPS Phishing Sites Exceed The Traffic Of The Real Site

Posted in Commentary with tags on April 29, 2024 by itnerd

According to a recent blog post by Akamai Technologies, security researchers analyzing phishing campaigns targeting the United States Postal Service saw traffic to the fake domains similar to that of the legitimate site and during the holidays it “greatly exceeded legitimate traffic”.
 
Akamai started observing USPS-themed phishing last October after an employee received a suspicious text that redirected to a site containing malicious JavaScript code. During the 2023 holiday season, researchers observed a significant volume of DNS queries going to “combosquatting” domains that impersonated the USPS service.
 
The fake pages appear to be exact replicas of the actual USPS site, even including realistic tracking pages with status updates. The total number of queries generated by these malicious websites between October 2023 and February 2024 is over 1,128,146, just short of the 1,181,235 queries recorded for the legitimate USPS site. Meanwhile, traffic to the malicious domains from November to December was higher than traffic to the legitimate one.
 
Akamai only focused this research on USPS, so the scale of these combosquatting campaigns could encompass other postal brands and likely be larger.

Dave Ratner, CEO, HYAS had this to say:

   “Attacks involving typosquatting, combosquatting, or look-alike domains are increasing in nature and can be highly effective as individuals often don’t inspect the domain name itself closely enough. This can be made more complicated and difficult to detect with the use of different character sets like punycode which can make the difference between the legitimate and fake domain very hard, if at all possible, to detect by visual inspection. This is one of the reasons that Protective DNS solutions are so vital today, because they know the legitimate domains from the fake ones and can be the critical difference between a successful attack and a failed attempt.”

This is pretty insane. The fact that the real USPS site gets less traffic than fake ones shows that this is a huge problem that really needs to be addressed. I am not sure how one would address this, but it’s high time to figure it out.

Inflation drives up Canadian business cost by 34 per cent for 23/24 financial year: SAP Concur

Posted in Commentary with tags on April 29, 2024 by itnerd

Today SAP Concur announced the results of its review into the costs of business expenses for the 23/24 financial year, which showed a 34 per cent increase in the cost of the average expense transaction compared to pre-pandemic levels in 2019, likely driven by rising inflation.

This is more than four times the 8.1 per cent inflationary rate at the peak of Canadian inflation in June 2022. This demonstrates that Canada, in particular, has been hit harder than average by inflationary increases compared to the rest of the world. Using SAP Concur data from thousands of businesses across Canada, the company has been able to pinpoint some of the main areas where businesses face rising costs and paint a clearer picture on where inflation is damaging profits.

The biggest culprits for rising costs came from gas, car hire and ground transportation, which rose 40 per cent, 36 per cent and 35 per cent respectively. Similarly, the cost of entertainment also saw a large inflationary rise, coming in at a 35 per cent increase. But the cost of train transportation took the top spot as the biggest expense for businesses, amassing 85 per cent of the total expense amount.

Through SAP Concur’s analysis, it’s clear that businesses across the board are facing real increments in their additional costs, most of which are often unseen or unaccounted for early on in the financial planning process. Chris Juneau, head of market strategy at SAP Concur, said: “For all businesses, the costs of operating in the current global market has become trickier with time and the 23/24 financial year was no exception. As the end of the year approaches, now is the time that finance managers and business leaders need to be analysing their outgoings, forecasting for the next financial year and re-evaluating policies to deliver a more robust year ahead.”

To ensure the smooth management of finances in 24/25, finance leaders need to take advantage of every spending moment to navigate times of change. Through the implementation of expense management systems, businesses need to look at ways in which they can better control expenditure. Whether that’s through greater monitoring of expense compliance, improving visibility or improving data driven decision making, finance leaders can take active steps to gain better control for the new financial year.

You can have a look at their write up on this topic here.

Open Systems named a Leader in Zero Trust Edge Service Providers

Posted in Commentary with tags on April 29, 2024 by itnerd

Open Systems, the leading provider of native, managed SASE solutions with a superior user experience, today announced it has been named a Leader in The Forrester Wave™: Zero Trust Edge Service Providers, Q2 2024. In the report, Forrester evaluated nine vendors in the ZTE services providers market based on 34 criteria. Open Systems received the highest possible scores in 16 criteria including service delivery platform, networking and security services, last-mile underlay, service delivery capability, vision, innovation, roadmap, partner ecosystem, and adoption.

The Forrester report said: “It sustains its momentum through an excellent vision of target customer profiles, strong commitment to R&D, and deep engineering expertise. Open Systems delivers an impressive NPS above 60, a highly adaptable set of white-labeled targeted partners, and flexible services pricing. Its capability to integrate partners or develop features in 10 weeks or less is unmatched.”

The Forrester Wave™ for ZTE service providers notes, “[Open Systems’] impressive capabilities leverage AI and automation to autoresolve incidents later reported as KPIs. The vendor provides best-in-class service delivery agility that integrates DevOps and CloudOps. Its innovative engineering-to-operations rotation and direct level 3 support are unique among its competition…” The report also noted, “reference customers reported high satisfaction with its technical expertise, engineering support and application understanding.”

Open Systems SASE Experience eliminates the complexity of secure global access and network management, while providing easy and comprehensive global support. It delivers all the benefits of SASE with an exceptional delivery experience – ideal for enterprises who don’t have the resources to do it all. SASE Experience frees customers from the operational overhead of appliance purchases, installation, and maintenance, to minimize staffing costs and provide a fast ROI.

Visit Open Systems at the RSA Conference on May 6-9 in San Francisco at booth 6567 in Moscone North Hall to learn more about Open Systems SASE Experience.

AI-driven cyber threats intensify as 50% of Canadian businesses cut IT budgets: CDW Canada

Posted in Commentary with tags on April 29, 2024 by itnerd

Today, CDW Canada launched its annual Canadian Cybersecurity Study, Cybersecurity in Focus 2024: Trends, Threats and Strategies, which revealed that declining IT budgets coupled with a rise in cyberattackers leveraging AI are increasing successful cyberattacks, putting Canadian organizations at increased risk. This year’s findings show a sharp 50 per cent reduction in IT budgets since 2023, yet successful cyber incidents have surged by 26 per cent, highlighting a critical vulnerability gap.

The report delves into how these budget cuts are leading to “breach fatigue” among IT security teams. With fewer resources, teams are overextended, which not only reduces their effectiveness in managing threats but also impacts their ability to respond to incidents promptly and effectively. This scenario is creating an environment where organizations are more susceptible to cyberattacks.

To learn more about the state of cybersecurity for Canadian organizations, download the study here.