Archive for September, 2024

Privacy Overreach of AI Browser Extensions 

Posted in Commentary on September 25, 2024 by itnerd

The Chrome Web Store is home to hundreds of AI browser extensions. Taking that into account, researchers at WizCase looked into the privacy implications of using these extensions to understand the potential risks and overreach into user data. Some highlights of their findings are below.

According to their research:

  • Despite being advertised as serverless with no analytics and data collection, WebChat GPT secretly sends data to its own server and records your email address before you even sign up for an account.
  • The Liner AI browser extension collects extremely sensitive user information, including 2FA codes, user credentials, and emails, which is a major security and privacy issue.
  • Wiseone actively logs sites you visit and can extract data — including email, contacts, and other personal information — from your Google account without your permission or consent.
  • LinkedRadar collects excessive browser traffic, actively logging open browser tabs every 10 seconds. 

Why it matters: Their research has shown that, even if browser extensions give users ease-of-use, too often, the software accesses and records information contrary to the Chrome Web Store policies and even the developer’s own, making it almost impossible for consumers to know how secure their information truly is.

You can access their detailed report here: https://www.wizcase.com/blog/privacy-overreach-of-ai-browser-extensions/

LinkedIn Top Startups 2024: 15 Canadian companies on the rise

Posted in Commentary on September 25, 2024 by itnerd

LinkedIn has released the 2024 Canadian Top Startups List, featuring 15 emerging companies attracting attention and top talent in 2024. Eleven new companies are on this year’s list including Pine, Sweat and Tonic, Quandri, and Felix.  

As the landscape of work changes rapidly around professionals, from what we do to how we do it, startups are a natural place to look for forward thinking and innovation around the future of how we live and work. LinkedIn’s Top Startups list is the place to find the startups Canadians should be paying attention to, whether they’re looking for a new job or inspiration from those leading us through change. 

2024 Top Startups Canada List

  1. Cohere
  2. Float
  3. PostGrid
  4. Hiive
  5. Pine
  6. SALT XC
  7. MedMe Health
  8. Quandri
  9. Sweat and Tonic
  10. Carbon6
  11. Felix
  12. Kensington Grey Agency
  13. Zūm Rails
  14. OwnersBox
  15. pH7 Technologies

Additional details can be found here.

Methodology

LinkedIn measures startups based on four pillars: employment growth, engagement, job interest and attraction of top talent. Employment growth is measured as percentage headcount increase over methodology time frame, which must be a minimum of 10%. Engagement looks at non-employee views and follows of the company’s LinkedIn page, as well as how many non-employees are viewing employees at that startup. Job interest counts the rate at which people are viewing and applying to jobs at the company, including both paid and unpaid postings. Attraction of top talent measures how many employees the startup has recruited away from any global LinkedIn Top Company, as a percentage of the startup’s total workforce. Data is normalized across all eligible startups. The methodology time frame is July 1, 2023 through June 30, 2024.  

To be eligible, companies must be fully independent, privately held, have 30 or more full-time employees, be 5 years old or younger and be headquartered in the country on whose list they appear. We exclude all staffing firms, think tanks, venture capital firms, law firms, management and IT consulting firms, nonprofits and philanthropy, accelerators and government-owned entities. Startups who have laid off 10% or more of their workforce based on corporate announcements or public, reliable sources between July 1, 2023 and the list launch, are not eligible. These decisions are made by the LinkedIn News team based on company statements and/or reputable news outlets. 

TTC Reverses Course On Killing Free WiFi In The Subway…. For Now

Posted in Commentary on September 25, 2024 by itnerd

I woke up this morning to the news that, at least for now, the free WiFi that the TTC had announced was going away in Toronto’s subway system will stay:

The service will now continue at least until studies are done on the impact of the move on vulnerable riders — including youth, women and people with low-income. 

TTC staff will also consider a plan to establish a pilot for free Wi-Fi on bus and street platforms, as well as bays at stations, according to the motion, put forward by Coun. Josh Matlow. 

I was never completely comfortable with this decision as I am sure it was predicated on the fact that now that 5G cell service is available in the subway, that the TTC didn’t need to spend the cash to upgrade WiFi. The problem with that logic is that this is Canada and Canada has some of the highest costs for cell phone service on the planet. So there’s plenty of people who would be adversely affected by this decision in my mind. As long as the TTC seriously looks at this again and makes a decision that is based on logic and facts, I’m fine with them keeping WiFi in the subway around.

Horizon3.ai Publishes Deep Dive On A SolarWinds Web Help Desk Hardcoded Credential Vulnerability

Posted in Commentary on September 25, 2024 by itnerd

Horizon3.ai Chief Attack Engineer Zach Hanley has just published “CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential Vulnerability Deep-Dive.”  He details “a hardcoded credentials vuln affecting SolarWinds Web Help Desk. It allows attackers to read all help desk tickets, often containing sensitive IT procedures including user onboarding, password resets and shared resource credentials.”

On August 13, 2024, SolarWinds released a security advisory for Web Help Desk (WHD) that detailed a deserialization remote code execution vulnerability. This vulnerability, CVE-2024-28986, was added to CISA’s Known Exploited Vulnerability (KEV) catalog two days later on August 15, 2024.

The advisory states: SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine.

While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.

Zach said: “While we initially went in looking for the above vulnerability, we discovered a different vulnerability, now assigned CVE-2024-28987, which allows unauthenticated attackers to remotely read and modify all help desk ticket details – often containing sensitive information like passwords from reset requests and shared service account credentials.

“At the time of writing this, there are approximately 827 instances of SolarWinds Web Help Desk reachable on the internet. The WHD application is seemingly popular with State, Local, and Education (SLED) market segment according to a brief examination of those that expose it to the internet and our own client base.”

Horizon3.ai is publishing the deep dive today (September 25, 2024), having provided SolarWinds more than 30 days’ notice (on August 13, 2024), allowing the SolarWinds team to discover and patch the vulnerability. This is in keeping with Horizon3.ai’s practices to decrease the likelihood of exploitation and protect users.

Keith Poyser Appointed as Vice President for EMEA at Horizon3.ai

Posted in Commentary on September 25, 2024 by itnerd

Horizon3.ai today announced the appointment of Keith Poyser as Vice President for EMEA. Poyser brings more than 25 years of experience in driving sales growth, strategy, and business development in leading cybersecurity and technology firms. He joins Horizon3.ai at a time of significant market expansion as the company continues to deliver its cutting-edge solution, NodeZero™, to organizations worldwide.

Poyser has built an impressive career in the technology sector, holding key leadership roles at organizations like SentinelOne, Palo Alto Networks, BigFix, and IBM. With a proven track record of building and revamping sales teams, developing go-to-market strategies, and driving sustained growth, Poyser is well-positioned to lead Horizon3.ai’s expansion efforts across the EMEA region.

Poyser’s leadership will focus on strategic talent development, refining go-to-market strategies, operational excellence, and expanding partnerships across key verticals and regions. He emphasizes the importance of efficient resource management and delivering value to clients as Horizon3.ai continues to help organizations address today’s most pressing cybersecurity challenges.

Poyser’s prior roles include leadership positions at SentinelOne, where he served as Area Vice President for Northern EMEA, and Palo Alto Networks, where he led Enterprise Sales and then served as Interim Vice President for Western Europe. His wealth of experience includes leading teams through periods of rapid growth, driving sales excellence, and consistently exceeding performance targets.

With his deep understanding of the EMEA market, Poyser is ready to lead the company’s next phase of expansion. Outside of work, Poyser, who is based just outside of London, enjoys the outdoors and is an accomplished long-range rifle competitor, having represented the UK internationally.

Review: Bakespace And Bakebot AI

Posted in Products on September 25, 2024 by itnerd

By Ms. IT Nerd

Besides her many other talents, my wife when she isn’t working during the day is a trained baker having studied at George Brown College’s Hospitality and Culinary Arts school. Her cakes and other baked goods are sought after for parties and other events. Thus this makes her the perfect person to do this review.

When BakeSpace reached out to Mr. IT Nerd, I was excited. This dropped into my lap in a timely way as I was involved in baking up a cake for my girlfriend’s milestone birthday for her party. This cake needed to feed 40 – 44 people and I needed help. On the suggestion of our planning group chat in Signal, the idea was born where the cake was to be a certain part of the male anatomy. This was uncharted territory for me but I had ideas and a rough plan of attack. Enter Bakebot AI. Let me demonstrate this via a video before I go into detail:


Here’s the interaction that I had with Bakebot AI:

Bakebot AI question: “What cake pans should I use to make a penis cake to serve 45 people?” I had the Home Cook option turned on as I needed Bakebot AI to provide options that I can use as a home cook, and it delivered, suggesting 9 inch round pans and a 9 x 13 inch rectangular pan, which would be most commonly used by home cooks.

Out of curiosity I tried the ProChef and Adventurous setting almost expecting the same answer to the same question and I was pleasantly surprised when it gave me a different answer each time and all of the options suggested would work. You can also re-frame the question and ask “how can I make a penis cake using only 9 inch round pans and 9 x 13 inch rectangular pans”.  In fact I was having so much fun conversing with Bakebot AI that it was getting a bit addictive for the baking nerd in me. 

My next hurdle was getting the right colour(s) for my project. I asked BakeBot “what Chef Master colours should I use to mix skin tone?” It provided me with the suggestion of Chef Master Soft Pink (#101), Egg Yellow (#112), Master Brown (#124), Master Red (#107) along with colour mixing suggestions. It will do the same for AmeriColour. I then tried to challenge it by asking for suggestions for a Toronto food colour brand, McCall’s. This is where it provided more general colour vs the specific version of the product. But it had exceeded my expectations.

I found that I liked using the free BakeBot version as it was very intuitive for me to just click on the BakeBot AI beacon and ask all my questions and it would provide you with the advice that I mentioned above. As a member to utilize the BakeBot AI functionality you would need to go to BakeBot AI Recipe Maker and provide you with a recipe then you see below. Personally I liked the BakeBot AI beacon/icon and think that in the member section they can add “Save Recipe to BakeSpace” as an option that would work better rather than having to change the experience.

As for the rest of the experience, My Cookbooks is the section where you can create, share and sell your cookbook.  

Pro – The creators of BakeSpace thought about you and your privacy in many ways here as you can see in the Privacy Level. You can keep your Grandma’s recipe in the family by setting it as Group Cookbook or you can share it with the world for free or charge a fee. Most of the cookbooks for sale seemed to be published by Bloggers, Pros or the Community usually for a nominal price. The only con that I can think of is that I have a cooking app paid subscription or using recipes from website or my hardcopy cookbooks and BakeSpace is all about Community for Community and does not allow proprietary or paid subscriptions to be integrated.

Pantry Magic – I entered all the ingredients that I use to make my easy comfort food Asian fruit salad and it gave me this recipe with fresh herbs, honey, walnuts, lemon juice to provide texture and some freshness which is definitely a practical way to go.  But you can try this pantry staple salad using the Asian Kewpie Mayonnaise (a Japanese mayo that gives that umami flavour) and you will change BakeSpace get the Asian pantry fruit salad that you may like.  For anyone reading this article I am sharing this recipe with you as I have saved the recipe and called it Asian Fruit Salad.  Unfortunately I was not able to remove the section “Pairs Well With” with default “This delightful salad pairs well with Sauvignon blanc and non-alcoholic iced green tea” so I modified it to say “This delightful salad pairs wonderfully with any non-alcoholic iced green tea or drink.” as I feel there is no place for alcoholic drink with a fruit salad unless you are one of these people who feel it’s 5 pm somewhere.

Recipes – is where you can access all of the recipes created by BakeBot AI or shared by the BakeBot community.

Overall I feel that BakeSpace exemplifies the best of a sharing community where the love of baking can be shared.  My favorite aspect is the BakeBot AI who hands down has helped me with my many baking projects where I need to “wing it” or take pieces of various recipes to create my unique baking product. 

HP Announces New AI Innovations and Experiences to Reshape the Future of Work

Posted in Commentary on September 24, 2024 by itnerd

 Today at HP Imagine, HP Inc. revealed exciting new enhancements for its consumer portfolio to enable users to reimagine their experience via AI-powered innovations, whether it be for work or play. The announcements include next-gen AI PCs, AI-enabled video conferencing solutions, and a scalable GPU performance sharing solution for AI developers – all designed to transform the future of work.

Outlined below are a few highlights of the announcements:

  • For freelancers and creators, the HP OmniBook Ultra Flip 14-Inch is the perfect device for those looking for AI-powered creative experiences, offering uncompromising style, performance, and flexibility.
  • For tech experts and business consultants, the HP EliteBook X 14-Inch is the first in HP’s Commercial PC lineup delivering performance, productivity and security for workflows both locally and in the cloud.
  • People work in different places throughout the workday, whether in a meeting room, at the desk, or on the go.  HP’s newest additions to the industry’s broadest portfolio of AI-enabled multi-camera capable video conferencing solutions include the Poly Studio X32 and Poly Studio X72 all-in-one video bars and Poly Studio V32 and Poly Studio V72 premium USB video bars.
  • The HyperX Cloud MIX™2 takes flexibility to the next level with personalized, HyperX Signature Sound. Its over-ear headset design featuring plush memory foam earcups and up to 110 hours of battery life via Bluetooth offer all-day comfort and power that’s perfect for gaming on the go, music, or work calls.

HP has an announcement on all of this which you can read here.

HP Wolf Security Uncovers Evidence of Attackers Using AI To Generate Malware  

Posted in Commentary on September 24, 2024 by itnerd

At HP Imagine, HP Inc. today issued its latest Threat Insights Report revealing how attackers are using generative AI to help write malicious code. HP’s threat research team found a large and refined ChromeLoader campaign spread through malvertising that leads to professional-looking rogue PDF tools, and identified cybercriminals embedding malicious code in SVG images. 

The report provides an analysis of real-world cyberattacks, helping organizations to keep up with the latest techniques cybercriminals are using to evade detection and breach PCs in the fast-changing cybercrime landscape.  Based on data from millions of endpoints running HP Wolf Security, notable campaigns identified by HP threat researchers include: 

  • Generative AI assisting malware development in the wild: Cybercriminals are already using GenAI to create convincing phishing lures but to date there has been limited evidence of threat actors using GenAI tools to write code. The team identified a campaign targeting French-speakers using VBScript and JavaScript believed to have been written with the help of GenAI. The structure of the scripts, comments explaining each line of code, and the choice of native language function names and variables are strong indications that the threat actor used GenAI to create the malware. The attack infects users with the freely available AsyncRAT malware, an easy-to-obtain infostealer which can record victim’s screens and keystrokes. The activity shows how GenAI is lowering the bar for cybercriminals to infect endpoints. 
  • Slick malvertising campaigns leading to rogue-but-functional PDF tools: ChromeLoader campaigns are becoming bigger and increasingly polished, relying on malvertising around popular search keywords to direct victims to well-designed websites offering functional tools like PDF readers and converters. These working applications hide malicious code in a MSI file, while valid code-signing certificates bypass Windows security policies and user warnings, increasing the chance of infection. Installing these fake applications allows attackers to take over the victim’s browsers and redirect searches to attacker-controlled sites.  
  • This logo is a no-go – hiding malware in Scalable Vector Graphics (SVG) images: some cybercriminals are bucking the trend by shifting from HTML files to vector images for smuggling malware. Vector images, widely used in graphic design, commonly use the XML-based SVG format. As SVGs open automatically in browsers, any embedded JavaScript code is executed as the image is viewed. While victims think they’re viewing an image, they are interacting with a complex file format that leads to multiple types of infostealer malware being installed. 
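
For defenders, the SVG point above can be turned into a simple triage check on attachments and downloads. The following Python is an added example, not code from HP's report or from this blog; the function name `scan_svg`, the finding labels and both sample files are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed samples for this example (not taken from the HP report).
BENIGN_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg" width="64" height="64">
  <circle cx="32" cy="32" r="30" fill="#0096d6"/>
</svg>"""

ACTIVE_SVG = b"""<svg xmlns="http://www.w3.org/2000/svg"
     xmlns:xlink="http://www.w3.org/1999/xlink" onload="init()">
  <script type="text/javascript">function init() { /* placeholder */ }</script>
  <a xlink:href="javascript:void(0)"><rect width="64" height="64"/></a>
  <foreignObject width="64" height="64">
    <iframe xmlns="http://www.w3.org/1999/xhtml" src="about:blank"/>
  </foreignObject>
</svg>"""

ENTITY_DECL = re.compile(rb"<!ENTITY", re.I)
URL_ATTRS = {"href", "src", "action", "formaction", "data", "from", "to"}
ACTIVE_SCHEME = re.compile(r"^(javascript:|vbscript:|data:text/html)", re.I)
CONTROL_CHARS = re.compile(r"[\x00-\x20]+")
EMBED_TAGS = {"foreignobject", "iframe", "embed", "object"}


def local(name):
    """Drop the XML namespace and lowercase: '{ns}Script' -> 'script'."""
    return name.rsplit("}", 1)[-1].lower()


def scan_svg(data):
    """Return a list of active-content findings for one SVG file (bytes)."""
    # Entity declarations have no place in an image and can be abused against
    # XML parsers, so report them without parsing the file at all.
    if ENTITY_DECL.search(data):
        return ["entity-declaration"]
    try:
        root = ET.fromstring(data)
    except ET.ParseError:
        return ["unparseable"]

    findings = []
    for el in root.iter():
        tag = local(el.tag)
        if tag == "script":
            findings.append("script-element")
        elif tag in EMBED_TAGS:
            findings.append(f"embedded-content:{tag}")
        for name, value in el.attrib.items():
            attr = local(name)
            if attr.startswith("on"):
                # onload, onclick, onbegin ... all run script in a browser
                findings.append(f"event-handler:{attr}")
            elif attr in URL_ATTRS:
                # Browsers ignore whitespace/control bytes inside the scheme
                cleaned = CONTROL_CHARS.sub("", value)
                if ACTIVE_SCHEME.match(cleaned):
                    findings.append(f"active-url:{attr}")
    return findings


if __name__ == "__main__":
    for label, sample in (("benign", BENIGN_SVG), ("active", ACTIVE_SVG)):
        print(label, scan_svg(sample))
```

An empty list means the file is a plain drawing; any finding is a reason to quarantine the file or serve it with a restrictive Content-Security-Policy rather than let a browser open it directly.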

By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely – HP Wolf Security has specific insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on over 40 billion email attachments, web pages, and downloaded files with no reported breaches.  

The report, which examines data from calendar Q2 2024, details how cybercriminals continue to diversify attack methods to bypass security policies and detection tools, such as: 

  • At least 12% of email threats identified by HP Sure Click bypassed one or more email gateway scanners, the same as the previous quarter. 
  • The top threat vectors were email attachments (61%), downloads from browsers (18%) and other infection vectors, such as removable storage – like USB thumb drives and file shares (21%). 
  • Archives were the most popular malware delivery type (39%), 26% of which were ZIP files.   

HP Wolf Security runs risky tasks in isolated, hardware-enforced virtual machines running on the endpoint to protect users, without impacting their productivity. It also captures detailed traces of attempted infections. HP’s application isolation technology mitigates threats that can slip past other security tools and provides unique insights into intrusion techniques and threat actor behavior.  

About the Data

This data was gathered from consenting HP Wolf Security customers from April-June 2024.

Kaspersky Deletes Itself And Installs UltraAV On Computers In The US…. WTF?

Posted in Commentary on September 24, 2024 by itnerd

Kaspersky is pretty much banned in the US because of the fact that it’s a Russian company, and the US and Russia don’t have the best relationship. So it appears that due to that, anyone who runs Kaspersky might have this happen to them:

Starting Thursday, Russian cybersecurity company Kaspersky deleted its anti-malware software from customers’ computers across the United States and automatically replaced it with UltraAV’s antivirus solution.

This comes after Kaspersky decided to shut down its U.S. operations and lay off U.S.-based employees in response to the U.S. government adding Kaspersky to the Entity List, a catalog of “foreign individuals, companies, and organizations deemed a national security concern” in June.

And:

In early September, Kaspersky also emailed customers, assuring them they would continue receiving “reliable cybersecurity protection” from UltraAV (owned by Pango Group) after Kaspersky stopped selling software and updates for U.S. customers.

However, those emails failed to inform users that Kaspersky’s products would be abruptly deleted from their computers and replaced with UltraAV without warning.

If I woke up one morning and my anti virus software were just replaced randomly, I would be really freaked out by that. I can look at this both ways. On one hand, Kaspersky needed to do the right thing to make sure that their customers in the US are secure. But on the other hand, the way they did it doesn’t really sit right with me. So as a result, I really don’t know how to feel about this. But strangely, I’m not done yet:

To make things worse, while some users could uninstall UltraAV using the software’s uninstaller, those who tried removing it using uninstall apps saw it reinstalled after a reboot, causing further concerns about a potential malware infection.

Some also found UltraVPN installed, likely because they had a Kaspersky VPN subscription.

This doesn’t exactly inspire confidence. Neither does this:

Not much is known about UltraAV besides being part of Pango Group, which controls multiple VPN brands (e.g., Hotspot Shield, UltraVPN, and Betternet) and Comparitech (a VPN software review website).

This seems a bit suspect to me. Personally, if I were affected by this, I’d be removing this software as quickly as possible and replacing it with some other anti virus software that I could trust. Because to be honest, I am not sure that I can trust these guys.

Ford Wants To Target You With Ads By Listening In On Your Conversations…. WTF?

Posted in Commentary on September 24, 2024 by itnerd

My wife and I a few years ago said that we would drive our car into the ground because modern cars seem to want to invade your privacy in so many ways. And according to MalwareBytes Labs, Ford has taken this next level. Here’s how:

Car manufacturer Ford Motor Company has filed a patent application for an in-vehicle advertisement presentation system based on information derived from several trip and driver characteristics. Among those characteristics—human conversations. 

In the abstract of the patent application publication Ford writes:

“An example method includes determining vehicle information for a trip, the vehicle information including any one or more of a current vehicle location, a vehicle speed, a drive mode, and/or traffic information, the user information including any one or more of a route prediction, a speed prediction for the trip, and/or a destination, determining user preferences for advertisements from any one or more of audio signals within the vehicle and/or historical user data, selecting a number of the advertisements to present to the user during the trip, and providing the advertisements to the user during the trip through a human-machine interface (HMI) of the vehicle.”

Further on it details that “the controller may monitor user dialogue to detect when individuals are in a conversation.”

Based on this info, the controller can decrease or increase the number of advertisements. And “the conversations can be parsed for keywords or phrases that may indicate where the occupants are travelling to.”

If Ford wanted to incentivize me to not ever consider buying their cars, this would be a great way to do it because I don’t want a third party listening in on my conversations…. Ever. Now to be clear, there’s no evidence that this has been implemented in any car that they sell. But the fact that they came up with this and are filing a patent for it is downright scary.

That’s not the only patent that they’ve filed lately:

Another controversial Ford patent filed in July described technology that would enable vehicles to monitor the speed of nearby cars, photograph them and send the information to police.

So based on that sentence, your car will snitch on other cars to the 5-0 as gangster rappers would say. While I will call the police if I see an impaired driver, or a dangerous driver, I am not at all comfortable with my car doing that by default.

So what does Ford have to say about that?

In a statement to Fortune, the company clarified that filing a patent is a standard practice to explore new ideas and doesn’t necessarily indicate immediate plans to release such a system.

That’s likely true. But the fact that they are even thinking about stuff like this and trying to patent it is just creepy. And while I am picking on Ford in this story, it’s a safe bet that other car companies are doing something similar. So perhaps before you sign the lease or finance deal for your next car, perhaps you should read the car’s privacy policy in detail to make sure that this car isn’t doing something that you’re not comfortable with.