Archive for August 26, 2024

Park N’ Fly Pwned And Customer Data Leaked

Posted in Commentary with tags on August 26, 2024 by itnerd

Bad news for those who use Park N’ Fly. CTV News is reporting that there’s been a data breach as a result of “unauthorized access”:

The company confirms a third party accessed its network through unauthorized remote VPN access between July 11 and July 13.

When the hack was detected the company said its information technology team and a cyber security partner launched an investigation to find out what information was accessed.

According to the company, the information compromised could include basic customer information such as names, email and mailing addresses as well as Aeroplan and CAA numbers.

Park’N Fly said it “can confirm with certainty” that payment information was not compromised as it does not store customer credit cards or passwords on its servers.

I can’t count the number of times that a company that has been pwned says that a limited amount of customer information has been accessed, only to find out later that way more customer information has been accessed. Thus I take anything that the company says with a grain of salt until they provide definitive proof that what they are saying is true. If you’re affected by this, you should have already received an email about this. And I would do the usual things like monitor your credit cards, maybe get credit monitoring, etc while you wait on the company to provide more and hopefully robust details about what happened.

UPDATE: Rogier Fischer, CEO, Hadrian had this comment:

“While Park’N Fly has taken steps to improve security post-incident, proactive measures such as regular security audits, stronger authentication for VPN access, and customer education on cybersecurity could help mitigate similar risks in the future,” said Rogier Fischer, CEO of Netherlands-based cybersecurity service Hadrian.

“The company may face legal obligations to report the breach under data protection laws, such as Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). Additionally, the incident could harm their reputation, affecting customer trust and future business if not handled transparently and effectively.”

Leave a comment »

Procore Contributes to the Calgary Construction Association Education Fund, Supporting Programs to Inspire Youth to Learn About the Skilled Trades

Posted in Commentary with tags on August 26, 2024 by itnerd

Procore today announced a donation to the Calgary Construction Association Education Fund to inspire youth to learn about the skilled trades. The donated funds will be used to support two initiatives, including elementary school programming that will bring skilled-trades curriculum to over 30,000 students in Calgary this fall, and the TELUS Spark Science Centre BLUPrint program. 

Calgary Construction Association, in partnership with Honour the Work, a not-for-profit organization, will deliver an innovative curriculum that will reach 850 classrooms across the Calgary Catholic School District and the Calgary Board of Education. Honour The Work was created by educators and supported by industry leaders to bridge the gap between classroom learning and real-world skilled trades careers. The program features STEAMS (Science, Technology, Engineering, Art, Mathematics and Skills) Kits, designed for students in grades 1-6. These kits offer hands-on activities that align with the curriculum and include lesson plans, digital resources, building materials, and diverse children’s books that highlight the value of skilled trades. First launched in Ontario with great success, the program is now set to pilot in Calgary schools. 

The association’s partnership with TELUS Spark Science Centre will create a series of exploration spaces called BLUprint (Build + Learn + YOU), one of the first youth programs to showcase the application of STEAM in real-world trades careers in a Canadian science centre. This new program consists of a space where youth can experience real tools, get hands-on learning related to carpentry, plumbing, and electrical trades, and understand the science connections. Youth can also learn about the trades through virtual reality.

In Procore’s most recent construction industry benchmark report How We Build Now: Technology and industry trends shaping Canadian construction, respondents consider hiring and retaining skilled labour as one of the top challenges they face over the next 12 months. Almost 30 per cent report they have been unable to take on more projects in the past three to six months due to labour shortage. Thirty-two (32) per cent fear that some of their most experienced people will retire within the next few years and take valuable knowledge with them. Twenty-seven (27) per cent agree there is too much competition in construction for talent. 

Advancing the industry through education
Procore is committed to advancing the construction industry through advocacy, education and technology. Procore.org, the company’s social impact arm, works with 15 Canadian universities and colleges to provide complimentary training, tools and certifications designed to get students up to speed quickly with the latest technology. In Alberta, Procore.org partners with Southern Alberta Institute of Technology (SAIT), Northern Alberta Institute of Technology (NAIT), University of Alberta and Red Deer Polytechnic. 

This year, Procore.org launched an Educators’ Training Centre for instructors with educational resources such as presentations, student exercises, sample project data, and a special video certification course for Canadian students.

Leave a comment »

Telegram CEO Arrested In France…. And That Gets Elon Musk’s Attention

Posted in Commentary with tags , on August 26, 2024 by itnerd

Over the weekend, news filtered out that the CEO and Founder of Telegram, Pavel Durov was arrested by French authorities after he landed at an airport outside of Paris. The reason for the arrest is that this is part of an investigation where it is alleged that Telegram failed to moderate content on the Telegram platform that may have facilitated criminal activity.

Telegram for its part had this to say:

“Telegram abides by EU laws, including the Digital Services Act — its moderation is within industry standards and constantly improving,” Telegram said in a statement on the arrest.

“Telegram’s CEO Pavel Durov has nothing to hide and travels frequently in Europe,” it said. “It is absurd to claim that a platform or its owner are responsible for abuse of that platform.”

That led Elon Musk to post this:

You can see why Durov’s arrest would be concerning to Elon. He’s under fire from the EU for not moderating content on Twitter. So if he angers the EU enough, he might be the next guy that they arrest at an airport. That must scare the daylights out of him as he’s likely someone who wouldn’t be able to survive 10 seconds inside of a jail cell. In any case, I’ll be watching this closely as this might be a sign of things to come for any company in the social media space that operates in Europe.

2 Comments »

The Midyear Edition Of The Flashpoint Cyber Threat Intelligence Index Is Live

Posted in Commentary with tags on August 26, 2024 by itnerd

This morning, Flashpoint released its midyear Cyber Threat Intelligence Index, with new data and trends surrounding both persistent and emerging cyber threats observed from January 1 to June 30, 2024. The report includes research and data tied to vulnerabilities, information-stealing malware, ransomware and insider threats.

Some of the most significant/interesting findings include:

  • 17,518 newly discovered vulnerabilities in H1 
  • 13 million devices infected by cybercriminals 
  • 53 million compromised credentials
  • 456 million stolen or leaked credentials.
  • 8,497 unique instances of insider recruiting

Additionally, the report outlines the primary geographies and industries targeted by ransomware groups this first half of the year. 

I have two quotes from Flashpoint executives on this report:

  • Josh Lefkowitz, CEO at Flashpoint: “The cyber threat landscape is increasingly volatile and interconnected. Vulnerabilities and exploits are on the rise and threat actors are exploiting these weaknesses. Flashpoint sees the deployment of infostealers as the top trend spiking in 2024 thus far. They have already infected over 13 million devices this year and stolen vast amounts of data, fueling a surge of ransomware attacks and data breaches at large. Organizations need to prioritize infostealers accordingly and take proactive steps to defend their people and assets.”
  • Ian Gray, VP of Intelligence at Flashpoint: “Flashpoint’s data reveals an alarming trend: threat actors have infected over 13 million devices with infostealers this year, resulting in the theft of 53 million credentials, further fueling the ransomware problem. While organizations grapple with external threats, the over 8,400 instances of malicious insider activity highlights the need for a proactive, risk-based approach that is powered by comprehensive intelligence.”

The Cyber Threat Intelligence Index report is live here. There’s also a related blog post that can be found here

Leave a comment »

DMZ’s Basecamp showcases the next generation of startups and awards over $50,000 in cash prizes to student-led businesses

Posted in Commentary with tags on August 26, 2024 by itnerd

 DMZ, a global startup ecosystem, officially concluded its annual Basecamp program, where 55 student-led businesses had the opportunity to participate in a summer program to develop technology-driven solutions that address critical industry challenges, equipping them with foundational business skills to thrive in an entrepreneurial career. 

As an inaugural recipient of the Embark Student Foundation Major Grant Program, the 2024 Basecamp program was offered in two phases: Sprint and Voyage. Basecamp Sprint offered a 4-week pitch coaching experience that provided students the chance to pitch their business ideas at Collision, North America’s premier tech conference. Following the Sprint phase, all participants continued their journey in Basecamp Voyage, an 8-week comprehensive program designed to help students refine their innovative ideas through expert 1-on-1 mentoring, customized coaching and opportunities to connect with startups and industry experts within Canada and DMZ’s global network. 

Basecamp concluded with ten student-led startups competing for cash prizes at the highly anticipated Basecamp Demo Day pitch competition. Demo Day awarded $50,000 CAD in total grant prizes to the top three pitch finalists. Award winners included:

  • Glucosense, a HealthTech startup founded by Justin Allen and Tenzin Dhonyoe from Toronto Metropolitan University, was named the first-place winner and took home $20,000 CAD. 
  • PNYX, an Entertainment startup founded by Asar Qadir from Metalworks Institute/Yorkville University, was named the second-place winner and took home $15,000 CAD, as well as the People’s Choice award, voted by the audience. 
  • Summina, a HealthTech startup founded by Sylvia Gehring from Toronto Metropolitan University, was named the third-place winner and took home $10,000 CAD. 
  • Fresh AI, a RetailTech startup founded by Krish Bhoopati from Wilfred Laurier University, was named the fourth-place winner and took home $5,000 CAD. 

The 2024 Basecamp program set new records, doubling the number of startups supported and drawing the highest number of applications in the program’s history. For the first time, Basecamp expanded its reach internationally, welcoming students from DMZ’s global hubs including Qatar’s University of Doha for Science and Technology and Japan’s Yamanashi Prefectural University. 

The prestigious $20,000 grand prize was generously provided by The George and Helen Vari Foundation in honour of the late Dr. Helen Vari for her lifelong dedication to education.  

As part of DMZ’s Talent Academy, Basecamp is just one of the expert-led tech and business programs available. If you’re an entrepreneur or professional looking for mentored, hands-on learning and a downtown Toronto co-working space, check out DMZ’s SkillHouse upcoming courses at dmz.to/SkillHouse.

Leave a comment »