Archive for October 29, 2024

Sage Intacct Accountants Launches in Canada

Posted in Commentary with tags on October 29, 2024 by itnerd

Sage today announces the launch of Sage Intacct Accountants in Canada. This innovative program provides accounting practices with comprehensive, cloud-based financial management tools designed to help them expand their service offerings, efficiently manage outsourced mid-market clients, and drive business growth.

Sage Intacct Accountants addresses the key challenges accounting practices face today. According to Sage’s Practice of Now report, 92% of accountants feel they spend too much time on manual administrative and compliance tasks, preventing them from focusing on more strategic, high-value advisory roles. Additionally, 90% report that their heavy workload affects the quality of client services, while 85% express a desire for more opportunities to engage in strategic work. Sage Intacct Accountants is specifically designed to tackle these issues, enabling accountants to automate routine processes, reduce manual workloads, and enhance client offerings through real-time financial insights and AI-driven tools.

Mid-market businesses in Canada contribute significantly to the economy, accounting for 13.4% of the country’s GDP and creating a substantial portion of new jobs. With Sage Intacct Accountants, practice leaders are empowered to support these businesses by offering tailored, scalable solutions that manage financial complexity, automate routine tasks, and provide data-driven decision-making capabilities.

Sage Intacct Accountants empowers accounting practices with the flexibility to choose between two pathways—Standard and Professional—based on their unique business models. With Sage Intacct Accountants, accounting practices can increase their advisory services and net client fees by more than 10x for every dollar spent. As AI adoption in accounting is expected to double within the next five years, its powerful AI capabilities ensure that firms remain competitive and continue delivering high-value services.

For more information on Sage Intacct Accountants, visit sage.com/en-ca/partners/service-delivery-partners/managed-services and for details on Sage’s Practice of Now report visit, sage.com/en-ca/accountants/resources/practice-of-now.

Leave a comment »

Nuspire’s Q3 2024 Threat Report Shows 50% Spike in Exploit Attempts and Rise in Ransomware Extortion Activity

Posted in Commentary with tags on October 29, 2024 by itnerd

Nuspire today released its Q3 2024 Cyber Threat Report, offering an in-depth analysis of cyber threats over the past quarter. Significant findings in the report include a surge in exploit attempts, a change in ransomware group dominance and shifting trends in dark web behavior.

According to the report, exploit activity increased by over 50%, driven by a sharp rise in attacks against VPN technologies. On the ransomware front, a power shift emerged as RansomHub dethroned LockBit as the top extortion publication group, signaling evolving tactics in the ransomware ecosystem.

Key insights from Nuspire’s Q3 2024 Cyber Threat Report include:

  • Exploit Activity:
    • A total of 16,964,624 exploitation events were detected in Q3, marking a 50.96% increase over Q2.
    • Over 60% of these attacks targeted unpatched or outdated systems, focusing on VPN vulnerabilities.
    • The Fortinet FortiOS SSL-VPN vulnerability (CVE-2022-42475) was the most exploited, with a significant uptick in attack attempts.
    • Exploits targeting remote work environments saw a 45% increase, further highlighting the risks posed by hybrid workforces.
  • Ransomware Trends:
    • RansomHub ransomware overtook LockBit as the leading ransomware group, with an 8.06% rise in ransomware publications.
    • Nearly 30% of all ransomware-related extortion in Q3 was attributed to RansomHub’s activity.
    • 40% of successful ransomware attacks were initiated through phishing or exploited vulnerabilities.
    • Smaller ransomware groups are adopting more agile tactics to evade law enforcement and detection.
  • Dark Web Listings:
    • Dark web activity decreased by 5.41% overall, but the Lumma Stealer infostealer saw a resurgence, with a 12% increase in listings.
    • Demand for compromised VPN and cloud service credentials surged, with listings for these credentials increasing by 15%.
    • High-value targets, particularly in healthcare, financial services and critical infrastructure, were prioritized in dark web transactions.

To access the complete Q3 2024 Cyber Threat Report, click here. 

Leave a comment »

New Chenlun/Sinkinto01 TTPs Development to Use Amazon & USPS Lures in Smishing Attacks

Posted in Commentary with tags on October 29, 2024 by itnerd

DomainTools has published new research on the development of phishing attacks to gather personal information attributed to the threat actor Chenlun/Sinkinto01, which continued after DomainTools’ original investigation in December 2023.

After analyzing related domains, DomainTools noticed interesting evolutions in their tactics, techniques, and procedures (TTPs). Chenlun has expanded to use Amazon and the previously identified United States Postal Office (USPS) lures.

DomainTools domain-related data allowed researchers to identify a preference for using subdomains with short life cycles on older apex-level domains. Both subdomains and apex-level domains indicate using a domain generation algorithm (DGA) as an obfuscation method. 

DomainTools identified redirect domains used after visiting the domain mentioned in the SMS message to further obfuscate the path traveled by the victim before being asked for personal information.

Last year, DomainTools published research on a phishing campaign that targeted individuals by using SMS messages to impersonate the USPS. The original article details the likely responsible threat actor, Chenlun/Sinkinto01. 

You can read the details here.

Leave a comment »