Archive for May 17, 2024

AI Increases True Positives On Vendor Risk 500%: VISO TRUST

Posted in Commentary with tags on May 17, 2024 by itnerd

VISO TRUST has issued its “2024 State of Third Party Risk Management: AI’s Impacts and Future Trends” report, which concludes that longstanding Third-Party Risk Management (TPRM) methods are increasingly inadequate in today’s digital business environment.

The report leverages VISO TRUST Platform-derived data, which includes profiles of more than 2.4 million companies, and insight from CISOs, security, and TPRM professionals across various industries.

Among the key findings on legacy TPRM:

  • Inadequate responses: Approximately 75% of vendors asked to complete legacy questionnaires requiring manual input either ignore or delay crucial risk assessments.
  • False positives: Conventional cyber risk ratings yield a 90% false positive rate, undermining their reliability.

Key findings on the AI-driven transformation of TPRM:

  • Efficiency gains: AI-assisted modern TPRM programs reduce vendor and partner assessment timelines from months to days.
  • Near-complete coverage: AI and automation achieve almost 100% coverage of third-party networks.
  • Significant increase in true positives: Data analysis revealed a 500% rise in accurate risk identifications.
  • Faster assessments: Risk evaluation times have decreased from 60 to 90 days down to just five to eight days.
  • Enhanced accuracy: AI-driven methods refine risk assessment precision.

Apple Has A Significant Bug In iOS 17.5

Posted in Commentary with tags on May 17, 2024 by itnerd

Apple is likely looking at this bug, which appears to be widespread based on what I am seeing online. If you go to Privacy & Security -> Tracking, you’ll see this:

The “Allow Apps to Request to Track” toggle is completely greyed out. You can’t change this option at all. Now, the second paragraph says that this is due to the fact that my Apple ID is missing age information. Except that it isn’t. I checked that. So this is a bug.

Why should you care? If you want to control how apps track you across the Internet, then this setting is kind of important, because when it’s turned on, it allows apps to request permission to do so. When it’s off, apps can’t track you at all. So in the state that this setting is currently in, you may actually be better off, as it is ensuring that your app usage and the like remains private. But at the same time, I can see a scenario where this breaks some application because it can’t track your activities. Thus this needs to be fixed. And I assume that Apple will have to push out an iOS update to do that. Let’s hope that they do that soon, as this bug, along with a Photos bug where photos that were deleted have come back from the dead, makes it look like Apple’s QA team dropped the ball. Which of course isn’t a good look for Apple.

GuidePoint GRIT Ransomware Report For April Is Out

Posted in Commentary with tags on May 17, 2024 by itnerd

GuidePoint Security has published its April 2024 GRIT (GuidePoint Research and Intelligence Team) Ransomware report.

Last month’s research revealed one of the year’s biggest takeaways thus far: Play, a typically smaller ransomware group, overtook Alphv and LockBit for the top spot in April 2024.

Additional key highlights include vertical trends: manufacturing remains the most impacted industry, technology is resurging as a frequent target, and healthcare and retail/wholesale continue to be in the top five most impacted industries, a notable change from previous years.

With regard to geographical distribution, the US remains the most targeted country, while attacks in the Global South are increasingly attributed to newer, developing groups.

Additionally, the report explores the operations of emerging ransomware groups and their innovative tactics, including the use of lower-quality malware and the exploitation of historical vulnerabilities.

You can read the report at https://www.guidepointsecurity.com/blog/grit-ransomware-report-april-2024/

MediSecure Ransomware Attack Impacts Millions of Australians

Posted in Commentary with tags on May 17, 2024 by itnerd

Yesterday, MediSecure, an Australian digital prescription company, announced that the medical data of its millions of customers is at risk after hackers accessed its systems and demanded a ransom from the company.

At this time, MediSecure’s website and phone lines are out of operation.

“MediSecure has identified a cyber security incident impacting the personal and health information of individuals. We have taken immediate steps to mitigate any potential impact on our systems. While we continue to gather more information, early indicators suggest the incident originated from one of our third-party vendors,” the company said in a statement posted to its landing page.

Exactly what was taken is unknown, but between 2020 and 2023, doctors issued more than 122 million digital scripts across the platforms.

MediSecure, based in Melbourne, was one of two companies awarded contracts by the federal government to provide public e-script services until late last year, when the contract was granted exclusively to another company and MediSecure transferred all publicly funded electronic prescriptions and data to eRx.

No data from the MediSecure hack appears to have been released online, and the hackers have not been identified publicly.

Stephen Gates, Principal Security SME, Horizon3.ai, had this to say:

   “Supply chain risks are becoming more prominent as attackers increasingly focus their efforts on smaller suppliers, who are often the weakest link. This fact poses a significant threat to the operational integrity and business continuity of buying and/or partnering organizations, making it a critical issue for CEOs, COOs, and CISOs to promptly address.

   “Today’s organizations must affirm that their cyber-attack surface is no longer just their own. It now encompasses all of their third-party suppliers and partners’ attack surfaces as well. Therefore, not only do upstream buyers need to continuously assess their own cyber risk, but they also need to encourage and even demand their suppliers are doing the same.”

Another day, another third-party hack. Sigh. You have to wonder what it will take for organizations to learn that they need to make their suppliers demonstrate that they are as secure as possible. Because this nonsense can’t continue.