Archive for April 24, 2024

A New Outbound Calling #Scam Using Rogers Name Is Making The Rounds

Posted in Commentary with tags , on April 24, 2024 by itnerd

I’ve noted an increase in phone calls coming to my cell phone and my home phone lately. Normally I either don’t answer or punt the calls to voice mail as I suspected that these calls are scam calls. Besides, anyone who wanted to talk to me would leave a voice mail for me. But what happens almost 100% of the time is that the caller doesn’t leave a message. That suggests to me that this view of these being scam calls is likely accurate. But recently, I decided to answer the call to see what the deal was.

The call I got was from a “John Wilson” calling on behalf of Rogers. I put the name in quotes because I guarantee that it was not this caller’s real name. I say that because that’s a very Anglo-Saxon name. But the person on the other end had a pretty easy to detect South Asian accent. That’s always a red flag. Now to be fair, Canadian telcos have been known to use offshore call centres for business generation. And a lot of times those offshore call centres are located in South Asia. But I texted a contact within Rogers who was in a position to know if they have currently contracted out any business generation activities like this and they almost immediately texted back saying no.

So what “Mr. Wilson” was presenting to me was a deal that would cut the price of my “services” by $20-$30 a month. What was interesting was that he never said what “services” that I had which he could save me money on. He then asked me if I was interested in this deal. That’s when I had some fun with him and asked him point blank if he knew who I was and what Rogers services that I had. I did this because Rogers and their contractors from my experience already know who you are and what services you have with them. Thus if they can’t answer those question, it’s likely a scam. Now while this isn’t a 100% bulletproof test as evidenced by this example, it’s good enough that I rely on it. “Mr. Wilson” not only was unable to answer those questions, but he clearly got flustered as I knocked him off his script. Thus confirming that this is a scam.

I told him to have a nice day and hung up on him. But this suggests to me that there’s a threat actor or actors out there that are doing an aggressive outbound scam call campaign trying to leverage the fact that Canadians pay too much money for their telco services. And I say aggressive because I get three to five calls a day from numbers that are from the 647 area code. Now those numbers are highly likely to be spoofed. And the reason why they do that is to make you more likely to answer the call. The thing is, Rogers and their contractors show up on caller ID as Rogers. That’s not to say that a threat actor couldn’t spoof that as well. But Rogers wouldn’t use random 647 area code numbers to call from.

What’s the end game? I am not sure as I didn’t play along long enough to find out. Perhaps it’s meant to grab your credit card details or other financial details so that they can steal money from you? Perhaps if they call again, I’ll play along longer to try and find out. Then I’ll post an update to let you know. But I wanted to get this out there so that you’re aware that this scam is going on, and that you need to protect yourself by being vigilant.

Leave a comment »

Ferrari And HP Announce A Title Partnership 

Posted in Commentary with tags on April 24, 2024 by itnerd

Today, Ferrari and HP Inc. announced a historic, multi-year title partnership. Connecting two of the world’s most iconic companies, the partnership features a shared commitment to advance sustainable innovation and accelerate purposeful technology across the Scuderia Ferrari Formula 1 team, the Scuderia Ferrari Esports team, and the Scuderia Ferrari Driver Academy.

In addition, the HP logo will make its debut on the Maranello F1 cars ahead of Miami Grand Prix scheduled for May 3-5, when the team will start competing as Scuderia Ferrari HP. The Scuderia Ferrari Esports team and the Scuderia Ferrari car driven by Maya Weug in the all-female F1 Academy series launched in 2023, will also race using the new moniker.

Uniting heritage and purpose for bigger impact

HP and Ferrari are committed to accelerate sustainable innovation whether through technology or sport. The companies will also work together to expand educational initiatives within their teams and communities and create a lasting impact for generations to come.

Powering the teams through technology

As part of the partnership, the integration of HP’s high-performance products and services, including adaptive PCs and devices, conferencing technology, and printing capabilities, will enable Scuderia Ferrari HP and the other racing teams of the Prancing Horse to turbo charge training precision and optimize strategic decision-making, on and off the track.

Debut at Miami Grand Prix

Ahead of the Miami Grand Prix, representatives from both organizations will be present for the reveal of the Scuderia Ferrari HP livery, which will debut in a unique edition specifically designed for Miami. Ferrari CEO, Benedetto Vigna, Scuderia Ferrari HP’s Team Principal Fred Vasseur, the team’s drivers Charles Leclerc and Carlos Sainz, and HP CEO, Enrique Lores will be in attendance.

Leave a comment »

Service Teams Bet On AI, Data To Drive Revenue: Salesforce

Posted in Commentary with tags on April 24, 2024 by itnerd

85% of Canadian service professionals say they are facing a significant increase in customer expectations. To meet those demands, organizations are increasing their investment in AI and data integration and using this moment to tap into the emergence of “service as a revenue driver”, according to the latest State of Service report from Salesforce. 

Released this week, the sixth edition of its State of Service report reveals the latest trends in customer service based on a global survey of over 5,500 service professionals, including Canada. 

Key highlights of the report include:

  • 83% of service organizations in Canada plan to increase AI investments this year
  • 92% of Canadian service professionals at organizations with AI say the technology saves them time and reduces costs
  • The top 3 service use cases for AI in Canada are Customer-facing intelligent assistants, Agent-facing intelligent assistants, and Intelligent offers and recommendations 
  • 80% of organizations in Canada expect service to contribute more revenue this year
  • 79% of service organizations in Canada expect more budget this year
  • 85% of Canadian service professionals say customers are more demanding, and 81% of agents say customers expect a personal touch more than they used to
  • Meanwhile, Service agents in Canada spend an average of just 43% of their time helping customers
  • 91% of service professionals say better access to data from other teams would improve the support they provide to their customers
  • 85% of service organizations are increasing investment in data integration next year

 Full details can be found here.

Leave a comment »

Bill Banning TikTok Goes Into Effect… Your Turn TikTok

Posted in Commentary with tags on April 24, 2024 by itnerd

The House passed this bill, then the Senate, and now President Joe Biden has signed the bill that among other things forces ByteDance to sell TikTok or face a ban. That means that the threat of TikTok being banned in the US has just gotten real for TikTok. Yes, they said that they’re going to fight this bill. But to be honest, the damage has already been done. There have been so many smaller scale bans in various places such as this one, this one or this one that at this point, nobody trusts TikTok. And I am not sure if TikTok can overcome this. That in my mind means that ByteDance which is TikTok’s parent company selling the social media platform might be the only way out.

Who would want to buy TikTok has to be the next question? This article will help with the likely suitors for the social media platform. But if I had billions of dollars lying around, I am not sure that I would buy TikTok. With everything that has gone on, it doesn’t seem to be a good investment that I would make money on. But I as always am free to be corrected on that.

The bottom line is that stuff has just gotten real for TikTok, and it’s over to them and their corporate masters at ByteDance to see how they deal with this.

Game on.

2 Comments »

Cradlepoint 5G-Optimized NetCloud SASE Secures Agile Enterprises

Posted in Commentary with tags on April 24, 2024 by itnerd

 Cradlepoint, part of Ericsson, the global leader in cloud-delivered LTE and 5G wireless network and security solutions, today launched its single vendor Secure Access Service Edge (SASE) solution, NetCloud SASE. Designed to serve agile enterprises, NetCloud SASE integrates cellular-centric SD-WAN and security into a fully unified solution. The cloud-delivered platform enables lean IT teams to provision true zero-trust networks in as little as six minutes.

IDC forecasts the global 5G and 4G/LTE Enterprise Wireless WAN market will reach US$5.5 billion in revenue by 2027. While this adoption allows organizations to extend their reach and move services closer to customers, an influx of connected devices increases the attack surface. This is driving the need for simplified, scalable, and specialized SASE solutions that extend beyond fixed sites to secure dynamic environments, such as shifting locations, roaming vehicles, multiplying IoT devices and employees connecting from anywhere.

NetCloud SASE’s unique design elements include:

  • Cellular Optimization: Delivers Wireless WAN optimizations that preserve bandwidth, improve performance, and deliver a 5G standalone slicing-ready solution. SD-WAN with intelligent bonding provides a zero loss WAN for mission-critical communications from vehicles and sites.
  • Unparalleled Simplicity: While many SASE vendors have focused on unifying management across multiple disjointed products, Cradlepoint NetCloud SASE is based on a clean, single pass architecture that delivers one platform, one policy engine and a consistent provisioning experience across all services. 
  • Zero Trust Built in Rather Than Bolted On: Combines security with the network creation process to construct a zero-trust foundation that is deny-all by default. The solution also obscures all IP addresses and blocks east-west traffic, minimizing the attack surface and preventing lateral movement, as the network grows and scales. 
  • Powerful Isolation Technology to Block Zero-day Exploits: Offers a zero-trust approach to web and email security by leveraging Remote Browser Isolation to completely airgap users from malicious web activity. Without impacting the browsing experience, the solution protects organizations against phishing attacks (even when a user clicks on the link), retains intellectual property from potential leaks and disarms embedded malware in attachments.
  • Robust Security for Unmanaged Devices: Replacing the common practice of providing clientless browser-based access for unmanaged devices, NetCloud SASE uses isolation-based security to airgap corporate applications from unmanaged devices – mitigating the risk of malware infection.

Availability

The early access version of NetCloud SASE is available immediately. General availability will follow in late Q2 2024. To learn more about Cradlepoint security capabilities, please visit their NetCloud SASE site

Leave a comment »

Amplifier Security Emerges From Stealth

Posted in Commentary with tags on April 24, 2024 by itnerd

Security teams rely on an ever-growing stack of security tools to keep their organization safe. Yet, coverage gaps and alerts across these tools do not get proper and timely attention because of the difficulty engaging company employees busy with their daily work to fix them. Today, Amplifier Security has launched from stealth with a $3.3m investment and the industry’s first AI-powered human-in-the-loop automation and security copilot that connects the dots between an organization’s existing security stack and their people. 

The pre-seed funding round was led by Cota Capital with participation from Westwave Capital and Shift Left Ventures, and included angel investments from industry luminaries and founders of Slack, MobileIron, Centrify, PeopleNet, SkyFlow and Mercury. 

Enforcing security controls through automation gets pushback from users whose work is disrupted, for example, when a security patch update forces a system reboot during a critical workstream. Triaging security tool alerts means closing the loop with the end user to determine true versus false positives before taking disruptive actions – a truly burdensome process for everyone. Security teams do their best to navigate this complex situation — but it often leads to a strained relationship with the workforce. The Amplifier Security solution extends the value and effectiveness of existing security tools by empowering the entire company to work together towards a much faster response time that dramatically increases the security health and culture of an organization. 

Amplifier provides an engagement layer between existing security tools and the workforce through Ampy – a trusted copilot that acts as an AI security buddy who helps employees understand the risk they are creating for the organization and solves their security issues while balancing their productivity. Building on the experiences people are used to, for example with credit card companies verifying suspicious transactions, Ampy engages with employees, guiding them through security protocols based on real-time insights. This approach not only speeds up response times but also significantly boosts an organization’s security posture by involving employees directly in the security process. Amplifier enhances the compliance of existing deployed tools like identity security, MFA, endpoint security, vulnerability scanning and management, SaaS and cloud security, SIEM and security training; and makes adaptive human protection a reality for organizations. 

Amplifier Security was founded by Shreyas Sadalgi, CEO and Thomas Donnelly, CTO and President, who both have two decades of experience in enterprise security, IT and automation. Donnelly is a three-time CISO and CIO with over a decade of experience leveraging human-centric approaches and technology that transformed security in organizations. He firmly believes that in today’s dynamic and decentralized workplaces, CISOs need to completely rethink how their teams operate by allowing users to self heal their own security issues. Rather than security operating in the background and interrupting employee productivity at inopportune times, Amplifier delivers an incredible user experience that drives everyone in the workforce to participate in their own security.

Amplifier has been engaged with security teams at over 15 companies as its marquee design partners; many who have been using its product in private betas and seeing daily value — hours saved every week toiling in spreadsheets, quick identification of tooling gaps in their environments, and the ability to self-heal common security issues.

Companies interested in amplifying their security can sign up here. The Amplifier team will also be on site at the 2024 RSA Conference in San Francisco to meet for a live demo.

Leave a comment »

Red Canary Report Highlights Need For Channel To Defend Customers Against ‘Unprecedented’ Spike In Cloud Account Compromises

Posted in Commentary with tags on April 24, 2024 by itnerd

Red Canary recently unveiled its sixth annual Threat Detection Report, examining the trends, threats, and adversary techniques impacting organizations – a useful guide for channel partners supporting customers with their security strategies in the year ahead. The report tracks MITRE ATT&CK® techniques that adversaries abuse most frequently throughout the year, with two new and notable entries soaring to the top 10 in 2023: Email Forwarding Rule and Cloud Accounts.

Red Canary’s latest report provides in-depth analysis of nearly 60,000 threats detected with more than 216 petabytes of telemetry collected from customers’ endpoints, networks, cloud infrastructure, identities, and SaaS applications in 2023. The research shows that while the threat landscape continues to shift and evolve, attackers’ motivations do not. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions.

Key findings include:

  • Cloud Accounts was the fourth most prevalent MITRE ATT&CK technique Red Canary detected in 2023, rising from 46th in 2022, increasing 16x in detection volume and affecting three times as many customers in 2023 than in 2022.
  • Detections for malicious email forwarding rules rose by nearly 600 percent, as adversaries compromised email accounts, redirected sensitive communications to archive folders and other places users are unlikely to look, and attempted to modify payroll or wire transfer destinations, rerouting money into the criminal’s account.
  • Half of the threats in top 10 leveraged malvertising and/or SEO poisoning, occasionally leading to more serious payloads like ransomware precursors.
  • Half of the top threats are ransomware precursors that could lead to a ransomware infection if left unchecked,with ransomware continuing to have a major impact on businesses.
  • Despite a wave of new software vulnerabilities, humans remained the primary vulnerability that adversaries took advantage of in 2023, compromising identities to access cloud service APIs, execute payroll fraud with email forwarding rules, launch ransomware attacks, and more.
  • Adversaries use the same 10-20 ATT&CK techniques against organizations, regardless of the victim’s sector or industry – yet notable exceptions occur where attackers target certain systems and workflows that are common in specific industries. 

Red Canary noted several broader trends impacting the threat landscape that cybersecurity solution providers, managed security service providers (MSSPs), and incident response partners will need to help customers navigate and respond to. These include the emergence of generative AI, the continued prominence of remote monitoring and management (RMM) tool abuse, the prevalence of web-based payload delivery like SEO poisoning and malvertising, the increasing use of multi-factor authentication (MFA) evasion techniques and the dominance of brazen but highly effective social engineering schemes such as help desk phishing. These trends should be of particular concern for channel partners that deliver or rely on these solutions to support their customers.

Recommended actions:

  • Validate customers’ defenses. Look at the top threats and techniques and ask: ‘am I confident in my ability to defend my customers against each of these?’ Red Canary’s open source test library Atomic Red Team is free and easy to adopt.
  • Patching vulnerabilities is key. It remains tried and true as one of the best ways to insulate customers from risk.
  • Become a cloud expert. Ensure your customers’ permissions and configurations are properly set up, and that they have clear visibility into how everyone in their organization is using cloud infrastructure. The difference between suspicious and legitimate activity is nuanced in the cloud and requires a deep understanding of what is normal in each customer’s environment.
  • Apply to be a Red Canary Partner. Whether you provide technology products, security solutions, or cyber insurance and risk services, the Red Canary Partner Connect program ensures that you can help customers to navigate the threats they face and grow profitably.

About the Threat Detection Report

The full report is intended as a reference library for security practitioners to improve their ability to prevent, mitigate, detect, and emulate cyber threats. It offers detailed guidance on data sources that log relevant evidence of adversary behaviors, tools that collect from those data sources, how security teams can use this visibility to develop detection coverage, and much more deeply actionable information.

The Threat Detection Report sets itself apart from other annual reports by offering unique data and insights, accompanied by recommended actions derived from a combination of expansive visibility and expert, human-led investigation and confirmation of threats.

Each of the nearly 60,000 threats Red Canary detected in 2023 were not prevented by the customers’ other expansive security controls. They are the product of a breadth and depth that Red Canary leverages to detect the threats that would otherwise go undetected.

Leave a comment »

Aropha Raises $1M in Seed Funding to Revolutionize Biodegradable Material Testing with AI and Lab Automation

Posted in Commentary with tags on April 24, 2024 by itnerd

Aropha, a leading laboratory focused on advancing biodegradable material discovery and testing through lab automation and AI predictive modeling, today announced that it has raised $1 million in a Series Seed funding round. The round was led by Comeback Capital, with participation from Lightbank and Right Side Capital Management (RSCM).

Aropha works directly with companies to provide rapid biodegradation testing and implement AI screening into their product development processes. The funding will be used to expand Aropha’s current laboratory operations, increase industry awareness, and fund the development of its biodegradation prediction model, ArophaAI.

With over 145,000 tonnes of microplastics used in the EU each year and new legislation requiring 100% of single-use packaging to be recyclable or compostable by 2032 in California, the demand for cost-effective and efficient biodegradation testing is rapidly increasing. Aropha is well-positioned to significantly impact the testing industry, as even one of the most common, short biodegradation studies may cost over $10,000 according to the EPA with some complex, lab-based simulation tests reaching over $300,000.

To date, Aropha has helped more than 80 customers with their biodegradation testing through both in-lab and in-silico testing. Year-over-year booked revenue at the end of Q4 saw 190% growth. The company also recently published a free version of its predictive model, ArophaAI-2.

Aropha plans to continue expanding its current testing facility, invest heavily in its predictive model development, and strengthen relationships with long-term partners and appropriate accreditation bodies.

Leave a comment »

Senate Passes Bill To Ban TikTok

Posted in Commentary with tags on April 24, 2024 by itnerd

Last night, the Senate passed a bill that among other things, forces TikTok owner ByteDance to either sell the company or be banned in the US:

The bill, which President Joe Biden is expected to sign into law, stemmed from concerns among lawmakers about potential data access and surveillance by China through the app. It had already passed the House of Representatives over the weekend and the president has alreayd indicated that he will sign it into law when it lands on his desk.

“For years we have allowed the Chinese Communist Party to control one of the most popular apps in America that was dangerously shortsighted,” Senator Marco Rubio, the top Republican on the Intelligence Committee, said following the bill’s passage.

“A new law is going to require its Chinese owner to sell the app. This is a good move for America.”

Now, ByteDance has nine months to sell the company, with the possibility of a three-month extension if a sale is under way.

For the 170 million American users of the app, a ban would not automatically remove TikTok from their cellphones. 

Instead, the app would be unavailable on Apple and Google’s app stores and so users won’t be able to download it and TikTok won’t be able to send updates or fixes. 

TikTok has told its employees that it will fight attempts to ban the app in the US.

Now that this appears to be the start of the endgame in this fight, one has to wonder where this goes next. I am certain that other countries are watching this because they would be looking to do something similar to TikTok. Which is bad news for TikTok of course. Which is why I fully expect them to fight hard all the way to the Supreme Court.

As an aside, I personally don’t think this bill goes far enough. What good is a ban if the app is still on people’s phones because they would still be using the app, and the risks that were outlined above are still there? For this ban to be truly effective, Apple and Google should be required to not only remove the app from their app stores, but force it off people’s phones as well. I guess Congress didn’t want to go there as that would be a dangerous precedent as they would be telling people what apps they can and can’t have on their phones. Even though they’re basically doing that right now by banning TikTok.

Leave a comment »