Archive for April 16, 2024

Scam Call Turns Deadly With An Uber Driver Being Killed

Posted in Commentary with tags on April 16, 2024 by itnerd

I have dealt with scammers for years. But this is the first time that I have heard of a scam leading to someone being killed. I have for you a news report where a man in Ohio was being bombarded with scam calls, which led to an Uber driver being shot and killed by said man. Here’s the video that describes what happened. And I will say that this is not for the faint of heart:

What this appears to be is a scam where instead of the scammers using electronic means to steal money from you, they somehow get you to withdraw cash and then have someone pick it up from you. That someone may be an intermediary who delivers it to someone else who sends the money to its final destination, or they may do that themselves. This is sometimes referred to as a “Hawala”, which you can get more info on here.

Now the police have arrested this man for shooting the Uber driver. But what I wish would also happen, but I don’t see it happening, is that the scumbags behind this scam get tracked down and arrested as well, as they are just as guilty in this Uber driver’s death. I’ve said it before and I will say it again. Scammers are the lowest forms of life out there. They need to be treated like cockroaches and exterminated with extreme prejudice. And the fact that this happened illustrates why that needs to happen sooner rather than later.

Guest Post: New Tools Are Needed by Technologists to Thrive in an ‘Experience is Everything’ World 

Posted in Commentary with tags on April 16, 2024 by itnerd

By Gregg Ostrowski, CTO Advisor, Cisco Observability

Digital experience is now positioned at the heart of almost every organization’s strategic priorities. Whether it’s driving employee engagement to address skills gaps and boost productivity, reaching new and diverse audiences, or deepening relationships (and expanding revenue streams) with existing customers, businesses must deliver exceptional digital experiences to be successful. We’ve reached the point where “experience is everything.”  

Globally, consumer demand for applications and digital services is on the rise, focused on innovative, personalized, and intuitive experiences. Brands failing to meet these expectations are being abandoned. Consequently, digital experiences have become a crucial battleground for businesses. Success here can attract customers, strengthen relationships, and boost sales, while failure results in losing customers, revenue, and reputation.  

Not surprisingly, experience is now a key focus in boardrooms around the world. Recent research from Cisco reveals that 75 per cent of senior global business leaders emphasize the increased importance of digital experience for C-level executives in their organizations over the past three years. Consequently, they are pushing their IT teams to ensure applications and digital services are available, secure and performing at an optimal level at all times. 

Visibility into application performance enables business leaders to identify opportunities and manage risk 

In 80 per cent of organizations, C-level executives routinely receive reports on the performance of business-critical applications, digital services and their business impact. Business leaders are now diving deeper into application performance data to gain a comprehensive understanding of the experiences customers and employees have with their brand.  

This trend is driven by two primary factors. First, leaders need insights into application performance to identify trends, highlight areas bringing substantial business value, and capitalize on these opportunities. Second, they aim to pinpoint potential availability, performance, and security issues that could significantly jeopardize digital experiences. They’re urgently looking to mitigate risk and avoid a revenue-impacting incident. 

For example, in the retail sector, business leaders now want to be able to scrutinize the performance of every stage of the user journey, from sign-up to check-out. They want to analyze the speed and efficiency of every phase of the workflow, identify what is working well and where improvements could be made. And crucially, they want to know where vulnerabilities exist within applications in order to manage risk. 

It’s a similar story in other industries. Leaders in financial services firms are placing a massive focus on digital experience monitoring to compete and win against emerging and disruptive digital-first competition, and within manufacturing, leaders are scrutinizing the performance of each process across their vast SAP landscapes. 

Threats to Digital Experience Arise from Escalating IT Complexity 

For IT teams tasked with developing, deploying, and sustaining applications, the stakes are higher than ever. They understand that even minor lapses in digital experiences could yield significant repercussions for their organizations.  

The reality though is that most IT teams simply don’t have the tools and insights they need to manage modern application environments in an effective and sustainable manner. And, as a result, they’re stuck in a never-ending cycle of firefighting, trying to identify and fix application performance issues ideally before the end user experience is impacted. 

Anybody working in or around an IT department will know how much more complex enterprise IT environments have become over recent years. The shift to cloud native technologies has left technologists trying to manage an increasingly fragmented and dynamic landscape, where everything is continually changing. Additionally, it has also exposed major visibility gaps across hybrid IT environments, where organizations are still deploying separate and siloed monitoring tools for on-premises and cloud native technologies. 

Observability is essential for technologists to deliver exceptional digital experiences 

To overcome this challenge, IT teams need to progress from traditional monitoring approaches and implement full-stack observability, to generate unified visibility across both cloud native and on-premises environments. With observability, IT teams can get real-time insights into IT availability and performance up and down the IT stack, from customer-facing applications right through to core infrastructure. And they can integrate security into the development lifecycle from day one, speeding up innovation and resulting in more robust applications. 

With full-stack observability, IT teams can provide business leaders with a comprehensive set of metrics and insights related to experience – from number of unique sessions, average revenue per session and average revenue per transaction, through to ‘revenue at risk’ from potential outages, and overall user experience (based on defined workflows). 

Ultimately, full-stack observability not only ensures seamless alignment with IT and broader business strategies, it also cultivates a common language between IT and business stakeholders, including C-level executives. This cohesion is essential for organizations looking to excel in a market where digital experience increasingly dictates commercial success. 

LinkedIn Reveals List Of Top Companies In Canada For 2024

Posted in Commentary with tags on April 16, 2024 by itnerd

As the Canadian job market evolves, LinkedIn unveils its 2024 Top Companies list, coinciding with shifting employment trends in the country. Recent data highlights a growing labor pool and rising unemployment rates, signaling a transition to an “employer’s market”.

LinkedIn’s Top Companies is an annual list driven by exclusive LinkedIn data, aimed at assisting professionals in discovering leading global organizations renowned for their commitment to growth, learning opportunities, workplace equity, and vibrant company culture.

Below is the list of the top 10 companies on LinkedIn’s Canadian edition list for 2024.

  1. AstraZeneca
  2. Specsavers
  3. RBC
  4. EQ Bank | Equitable Bank
  5. RSM
  6. Gallagher
  7. McKinsey & Company
  8. BHP
  9. HOOPP (Healthcare of Ontario Pension Plan)
  10. Brookfield Asset Management 

This list showcases a diverse range of industries, with banking and financial services taking the lead (RBC, EQ Bank | Equitable Bank, HOOPP). Following closely are accounting and consulting firms, such as RSM and McKinsey & Company. Additionally, pharmaceuticals (AstraZeneca), optometry and eyewear (Specsavers), mining (BHP), insurance (Gallagher), and asset management (Brookfield Asset Management) are also represented.

The full 2024 Top Companies in Canada list is linked here.

Methodology

The Top Companies methodology is based on eight key pillars shown to lead to career progression, including (1) ability to advance, (2) skills growth, (3) company stability, (4) external opportunity, (5) company affinity, (6) gender diversity, (7) educational background, (8) employee presence. The time frame for data analysis was January 1, 2023 through December 31, 2023, and only looked at company employees within the associated country. More details on the methodology pillars and eligibility criteria can be found in the appendix.

Elon Musk Is So Desperate For Cash That He Is Thinking Of Charging Twitter Users To Like, Bookmark & Respond To Tweets…. WTF?

Posted in Commentary with tags on April 16, 2024 by itnerd

Elon Musk does a lot of things that make me say WTF. But this one takes the prize for dumbest idea ever. A Twitter account called X Daily News noticed this:

Elon himself responded to this with the following:

It’s always about the bots with him. Bots are the problem that he claimed he could solve, but so far hasn’t been able to solve that problem. Because it’s not about the bots. It’s about the fact that he tanked Twitter by buying it and making a lot of dumb decisions that have cratered the user count along with the value of the platform, and he needs something to cover up the fact that he’s not as smart as he thinks he is. The fact is that this is another of those dumb decisions and the only thing it will do is drive actual humans away from Twitter, which will make his problems with the platform worse than they already are.

Great move Elon. Keep doing what you’re doing and Twitter will be dead soon enough under your watch.

Pentera’s State of Pentesting Report: The Rate of Enterprise IT Change Demands Increased Security Testing

Posted in Commentary on April 16, 2024 by itnerd

Pentera, the leader in automated security validation, today released the results of its third annual industry survey: The State of Pentesting 2024. The report provides a snapshot of how security leaders in enterprises across the globe have adopted security validation strategies across their organizations over the past year.

Threat actors are continuing to successfully breach across the entire attack surface and the stakes are only getting higher: 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result.

Enterprises are continuing to prioritize pentesting as part of their security tool kit, accounting for an average of $164,400, nearly 13% of their total IT security budgets. The main drivers and uses for pentesting programs continue to be validating security controls’ efficacy, understanding potential attack impact and prioritizing security investments. Over 50% of CISOs report that they share the results of pentest assessments with their leadership teams as well as their Boards of Directors, using these reports as a tool to communicate cybersecurity risk both within and outside their organizations. 

Other highlights from the report include: 

  • Security testing is struggling to keep pace with organizational IT change rates: 73% of enterprises report changes to their IT environments at least quarterly; however, only 40% report pentesting at the same frequency. This underscores a serious frequency gap between the rate at which changes occur within the IT infrastructure and the rate of security validation testing, leaving organizations open to risk for extended periods of time.
  • Security teams are falling behind the rate of security issues: Over 60% of enterprises report a weekly minimum of 500 security events that require remediation. Becoming “patch perfect” is an unfeasible, if not impossible, target for organizations. What’s more, organizations are even more resource constrained than before. In 2023, only 21% of respondents reported a lack of internal resources for remediation as a barrier to pentesting, while this year the number has leaped to 36%.
  • More security technology does not guarantee security: Organizations are adopting a greater number of cybersecurity solutions to manage their risk. On average, enterprises already have 53 security solutions in use across their organization; however, despite large security stacks, 51% of enterprises reported a breach over the past 24 months.

Pentera surveyed 450 CISOs, CIOs, and IT security leaders at enterprise companies with more than 1,000 employees across the Americas, EMEA, and APAC to compile this report. Click here to read the full report.

Register for their upcoming webinar on April 30 with Matt Bromiley, SANS Instructor, and Jay Mar-Tang, AVP, Field CISO at Pentera, to learn more.

New Research Discovers 6 Tactics Cybercriminals Utilize in the Black Market to Obtain Zoom User Data

Posted in Commentary with tags on April 16, 2024 by itnerd

The COVID-19 pandemic led to a massive rise in the use of video conferencing platforms like Zoom. However, this surge in popularity also drew the attention of cybercriminals, who aimed to exploit the platform’s expanding user base for their malicious activities.

Abnormal Security has released its latest blog, looking at the methods used to obtain stolen Zoom accounts, the platforms where they are traded, and the motivations behind this illicit market. While cybercriminals use a variety of methods to obtain stolen Zoom accounts, phishing remains the predominant tactic. 

You can read the blog post here.

HYAS & ZainTECH Enter Strategic Cyber Security Partnership

Posted in Commentary with tags on April 16, 2024 by itnerd

ZainTECH, the integrated digital solutions provider of Zain Group, and HYAS Infosec, the adversary infrastructure platform provider that offers unparalleled visibility, protection, and security against all kinds of malware and attacks, have entered into a strategic partnership to bring HYAS’ award-winning and industry-leading Protect solution to various countries across the Middle East.

ZainTECH already provides modern infrastructure solutions within its extensive portfolio of digital transformational solutions. This agreement comes at an opportune time given the criticality of Protective DNS solutions worldwide and the current cyber security initiatives across the entire Middle East region.

Together, ZainTECH and HYAS will deliver cyber resiliency across the Middle East, expanding zero-trust models past the network perimeter. Many Gulf organizations are forging their cybersecurity journeys, and the implementation of mature cyber resiliency and zero-trust models is expected to grow rapidly in the coming years. ZainTECH’s clients will benefit immediately from the partnership with HYAS and the implementation of these capabilities, ensuring not just superior protection today but a long-term partnership capable of new levels of protection and resiliency across the entire business spectrum.

As part of a zero-trust strategy, HYAS Protect safeguards organizations regardless of how attackers change their techniques, tactics, vectors, and entry points, and has been independently proven by AV-TEST to be the most effective Protective DNS solution available today. HYAS Protect integrates seamlessly with various security components including EDR solutions such as Microsoft Defender for Endpoint (MDE) and others, and can be deployed within minutes. HYAS is closely aligned with Microsoft as a member of the Microsoft Intelligent Security Association and is backed by M12, Microsoft’s venture capital fund, as well as S3 Ventures, and other venture capital firms.