Latest Phishing Attack Spoofs a German Broadband and Media Conference to Steal Personal Credentials

Posted in Commentary with tags on June 8, 2023 by itnerd

Researchers at Avanan, a Check Point Software company, have put out a report in which they discuss how hackers are sending spoofed emails and creating spoofed webpages that appear to come from Anga Com, a popular conference based in Germany for broadband and media distributors that attracts over 22,000 participants from 470 companies from across the world.

In this attack, users get an email that appears to come from Anga Com notifying them that visitors expressed interest in their exhibit during the conference. The email continues by encouraging end-users to click on the link and sign into the portal where they are able to interact with the person who initially expressed their interest. The entire ploy was created to ultimately steal user credentials.

You can read the report here.

TELUS launches fourth #StandWithOwners contest

Posted in Commentary with tags on June 8, 2023 by itnerd

TELUS’ #StandWithOwners program is back for its fourth consecutive year, championing business owners, leaders and teams who are doing things differently and making an impact in their local communities. With small businesses employing 10 million Canadians, representing 69 per cent of private sector employment growth in Canada year-over-year, TELUS is recognizing the critical role business owners play in fueling innovation, propelling economic growth and driving social change. 

Starting today until September 6, 2023, businesses can apply at telus.com/StandWithOwners for a chance to win one of five grand prize packages, valued at over $125,000 each, including $50,000 in cash, $50,000 in advertising, over $25,000 in technology and business services from TELUS and their partners, a round-trip package to Vancouver to celebrate their achievement, as well as access to customized mentorship through the TELUS advisory council. In addition, 15 finalists will each receive $20,000 in funding, technology and additional prizing. Throughout the summer, applicants will also be randomly selected as part of the “50 Days of Hustle” to win further prizes. 

Applicants will demonstrate how their business is changing the game, solving the problems of today and tomorrow and using technology to grow and differentiate their business. Winners will be selected by a judging panel that includes Roi Ross, Vice-president of Marketing at TELUS Business; Anjali Kapal, Vice-president, Product Management & Customer Experience at Canada Post; Penny Hicks, Managing Director, Client Partnerships at The Globe and Mail; and Mark Hickman, Managing Director at Sage Canada.

The panel of judges also features Lourdes Juan, Founder of Leftovers Foundation and 2021 #StandWithOwners winner. As an award-winning entrepreneur who has founded a diverse array of organizations, Juan knows firsthand the importance of being recognized as a growing business and having the support of other business leaders in the community.

TELUS is a proud supporter of Canadian business. Since 2020, TELUS has committed $3.5 million to #StandWithOwners, providing funding, advertising and technology to help businesses thrive in a digital world. As part of TELUS’ greater commitment to the growth of Canadian business, over $300 million has been invested to support entrepreneurs, start-ups and leaders of tomorrow through the TELUS Pollinator Fund for Good and TELUS Ventures.

To learn more about the program and how to apply, visit telus.com/StandWithOwners.

Veridas Expands Its Age Verification Solution

Posted in Commentary with tags on June 8, 2023 by itnerd

Veridas, a leading global provider of AI-driven identity verification solutions, is proud to announce the expansion of its groundbreaking Age Verification product. Designed to help businesses meet stringent age verification regulations, this cutting-edge solution combines biometric verification and artificial intelligence to deliver accurate and efficient age verification services.

Veridas’ existing Age Verification solution now comes equipped with Age Validation capabilities, which only require a simple selfie. This new component will allow our customers to drive age verification processes that respect their users’ privacy by not requiring them to show or send any personal data, such as identity documents.

In an era of tightening regulatory restrictions, businesses face increasing pressure to comply with age verification laws or face severe penalties, including fines and legal actions. Veridas’ Age Verification product offers a seamless and reliable solution, empowering businesses to verify customer ages quickly and confidently.

A growing regulatory context for greater child protection

Regulatory bodies worldwide are increasingly focused on implementing measures to safeguard children in the digital era. Stricter age verification requirements are enforced for online platforms, including gambling, social media, adult sites and marketplaces. Failure to comply with these regulations can lead to significant penalties and legal consequences.

In the United Kingdom, regulations such as the Gambling Commission’s License Conditions and Codes of Practice and the recently introduced “Age Assurance” provision of the Children’s Code emphasize age verification to prevent underage access to online platforms and protect children from age-inappropriate content. In the United States, individual states are taking proactive measures to address age verification and child protection online. Examples include Louisiana’s law requiring age verification on pornography websites and Arkansas’ Social Media Safety Act. Federal proposals, such as the Mature Act and the Kids Online Safety Act (KOSA), seek to introduce national regulations and age verification standards for online platforms.

These UK and US regulations highlight the ongoing efforts to establish comprehensive age verification mechanisms and ensure enhanced child protection measures in the digital landscape.

Veridas Age Verification for Businesses: Swift, Reliable, and Secure Solution

Veridas offers an advanced Age Verification solution designed to benefit businesses and enhance customer experiences with:

  • Swift and Reliable Verification:
    Our biometrics-based solution ensures quick age verification, mitigating fines and reputational damage while delivering fast and frictionless customer access experiences.
  • Increased Customer Acquisition:
    Streamlined age verification processes enhance user experiences, reducing friction and boosting customer acquisition with a quick selfie backed by our Real-Identity Platform.
  • Protected Reputation:
    Veridas’ advanced technology safeguards businesses from compliance breaches, protecting their brand reputation and ensuring trust by meeting age-related regulatory requirements.
  • Simplified Compliance:
    Veridas’ solution prioritizes customer privacy, aligning with evolving data protection regulations and providing an extra layer of trust while simplifying compliance.

Veridas Age Validation: The New Addition to Our Orchestrated Solutions for Tailored Age Verification

Veridas takes a comprehensive approach to Age Verification, combining cutting-edge AI technology, robust anti-spoofing measures and meticulous document checks. As of today, the highlight of Veridas’ offerings is the new Facial Age Validation service, which leverages advanced facial biometrics to determine an individual’s age within milliseconds. This innovative solution can be used independently or orchestrated with other Veridas Age Verification suite components, providing businesses with a guided experience and real-time feedback.

Veridas’ Facial Age Validation service revolutionizes age verification by utilizing facial biometrics. Lightning-fast processing accurately determines whether an individual is above or below the target age. Businesses can seamlessly integrate this service into their verification process, ensuring a guided experience for customers and real-time feedback on age validation.

However, Veridas’ suite of Age Verification solutions goes beyond Facial Age Validation. It includes automated ID document verification, facial biometric checks, liveness detection, database, and government checks. These solutions enhance the overall verification process, ensuring the authenticity of documents, precise identity verification, prevention of fraud through deepfakes or presentation attacks, real-time validation of IDs and selfies, and cross-referencing against official government databases.

Veridas, with its extensive experience in these sectors, has been at the forefront of verifying ages for organizations such as BBVA, Cabify, Renfe, Codere, Sportium, and Alkomprar, among others. By partnering with industry leaders like OneSpan, LexisNexis, and TransUnion, Veridas has demonstrated its commitment to delivering top-notch identity verification solutions.

To learn more about Veridas’ Age Verification Solution and its AI-driven identity verification products suite, visit veridas.com.

CVEs Surge 25% In ’22, Severity Down but Risk is Still High: Skybox Security

Posted in Commentary with tags on June 7, 2023 by itnerd

According to data compiled by Skybox Security in their 2023 Vulnerability and Threat Trends Report, the total vulnerabilities reported by the US government in 2022 increased by 25% to hit a new high of 25,096, the sixth year in a row of increases and the biggest since 2017.

  • 80% – medium or high severity 
  • 16% – critical (down 20% over 2021) 

Skybox noted that severity does not equal risk, with threat actors often using less severe vulnerabilities for remote code execution, privilege escalation and more. Patching should be prioritized not based on the severity of a CVE, but on its exploitability, exposure, asset importance and business impact.

“The writing is on the wall. Traditional reactive approaches to cybersecurity – waiting until vulnerabilities are reported and then scrambling to scan and patch every instance – are more outmoded by the day. There are far too many vulnerabilities, it takes too long to find them and close them, and many are unpatchable in any case. Understaffed cybersecurity organizations can’t keep up,” Skybox CEO, Mordecai Rosen said.

Dave Ratner, CEO, HYAS had this comment:

“It has never been more clear that, as attackers innovate, the traditional reactive cyber security solutions are losing both effectiveness and efficacy. The only way to level the playing field is to get proactive with modern solutions like Protective DNS across both the IT and OT environments, and it’s not a coincidence that even CISA is making these kinds of recommendations as part of the Shields Up initiative.”

Clearly it’s time to step things up both on the human asset front as well as the technology front. Because there’s really no other way to keep ahead of threat actors who are determined to pwn everything they can in pursuit of all the money and intel that they can get.

Bitdefender Anomaly Detection Finds 60k Apps Secretly Installing Adware

Posted in Commentary with tags on June 7, 2023 by itnerd

Using an anomaly detection feature that was added to its Mobile Security software, Bitdefender detected over 60,000 malicious Android apps disguised as legitimate applications that have been installing adware for the last 6 months.
 
The global campaign that predominantly targets US users is believed to have started in October 2022 and is being distributed as fake security software, game cracks, cheats, VPN software, Netflix, and utility apps on third-party sites, where malware inspection isn’t as strong.
 
When the app is installed and launched, it will display an error message stating that the “Application is unavailable in your region. Tap OK to uninstall,” but actually, the app is not uninstalled and instead sleeps for two hours before registering two ‘intents’ that cause the app to launch when the device is booted or unlocked. Bitdefender says the latter intent is disabled for the first 2 days, which helps evade detection.
 
The app then reaches out to the attackers’ servers and retrieves advertisement URLs to be displayed in the mobile browser or as a full-screen WebView ad.
 
“However, the threat actors involved can easily switch tactics to redirect users to other types of malware, such as banking Trojans to steal credentials and financial information or ransomware,” warns Bitdefender.

Ted Miracco, CEO, Approov Mobile Security had this to say:

   “The discovery of these malicious Android apps raises concerns about how easy it is to distribute malware and the fact that this campaign predominantly targets users in the United States is concerning, as it suggests that a large number of individuals may be at risk. This highlights the need for robust security measures, like app attestation to protect users from such threats. It also serves as a reminder for users to exercise caution when downloading and installing applications, particularly from unofficial sources.”


Dave Ratner, CEO, HYAS follows up with this:

   “The identification of beaconing behavior to adversary infrastructure via Protective DNS is not only for laptops and servers; the explosion of mobile-based malware highlights just how important it is to extend Protective DNS across all connected devices. Bad actors will continue to find innovative ways to trick users but having the visibility to see the anomalous communication reaching out to the adversary’s servers, and the ability to block it, provides a key layer of defense that is critical in today’s world.”

The fact that these Android apps are out there should send a chill down the spine of every Android user. Thus it means to me that Google as well as users of Android phones really need to have their heads on a swivel to make sure that this doesn’t become an extremely popular attack vector.

Cisco Accelerates Application Security Strategy With Panoptica

Posted in Commentary with tags on June 7, 2023 by itnerd

Cisco is advancing customers’ modern application security needs along their cloud journey with the introduction of a new solution.

Announced today at Cisco LIVE 2023, Cisco’s Cloud Native Application Security solution, Panoptica, will now provide end-to-end lifecycle protection for cloud native application environments, from development to deployment to production.

This will secure modern applications from the start and help teams identify risks easily, address alerts that matter most first, and ultimately remediate the most important vulnerabilities with powerful attack path analysis.

The capability addresses challenges that organizations worldwide are grappling with amid surging demand for applications to drive core business processes alongside the complexity of securing application development and deployment, across hybrid and multicloud environments.

The innovation in Cloud Native Application Security represents an important step in Cisco’s accelerating end-to-end Security strategy. Cisco is uniquely positioned to be able to secure organizations’ networks, devices, users and now applications.

Cisco Cloud Native Application Security Spans Development to Runtime

Panoptica will include an integrated and simplified visual dashboard experience with seamless scalability across clusters and multicloud environments. This will allow teams to secure APIs as well as serverless, containerized, and Kubernetes environments holistically, with less complexity and more efficiency.

The Cloud Workload Protection (CWPP) module in Panoptica provides coverage across APIs, containers, serverless environments, and delivers runtime security. Further capabilities will be added, this September, with the addition of Cloud Security Posture Management (CSPM), which will deliver continuous cloud security compliance and monitoring at scale, giving customers full visibility into their entire inventory of cloud assets, including Kubernetes clusters.

API Logic Protection gives operations teams a clear picture of and path towards policy governance for APIs, rather than requiring developers to perform extensive security research on a case-by-case basis. Plus, Infrastructure as Code (IaC) Scanning allows developers to ensure cloud infrastructure code is secure from the start.

Customers can then combine all the data and insights from these security tools together with Panoptica’s new Attack Path Engine to more richly protect activity, rapidly apply policy management, and remediate problems with automated support.

Cisco Expands its Application Security Integrations, especially in Full Stack Observability

In addition to end-to-end application security, organizations need to understand how cloud application vulnerabilities can have further repercussions across the business.

The Security Insights module for Cloud Native Application Observability, built on the Cisco Full-Stack Observability Platform, will integrate with Panoptica for real-time visibility, prioritized insights, and recommendations to address security issues across critical applications based on business risk.

Security Insights provides differentiated runtime data security to detect and protect against leakage of sensitive data. With real-time vulnerability risk scoring and telemetry to help prioritize top business risks, the right people get the right recommended actions—at the right time.

Today’s announcements and the additional capabilities coming in September, including Panoptica’s holistic cloud native application security capabilities, demonstrate Cisco’s commitment to delivering a portfolio of industry-leading security coverage for organizations looking to protect all vital operations and data across the business, from networking and IT infrastructure to user management, cloud applications, APIs, and more.

Google Cloud Makes Announcements Regarding Generative AI

Posted in Commentary with tags on June 7, 2023 by itnerd

Today Google Cloud made several announcements about how it is helping organizations get started with generative AI. Here are the highlights below:

Guest Post: You are most likely to get a phishing email on Monday

Posted in Commentary with tags on June 7, 2023 by itnerd

Among the myriad of tactics employed by cybercriminals, phishing emails continue to reign as one of the most prevalent and effective methods for breaching personal and organizational security.

According to the data presented by the Atlas VPN team, 27% of phishing emails targeting C-Suite employees are sent out on Mondays. While the statistics are based on C-Suite employees, they should apply similarly to the general public. Furthermore, the most common payloads attached to phishing emails are hyperlinks or attachments carrying malware.

For a lot of people, Mondays are busy and stressful. As the workweek starts, inboxes get filled with new messages, deadlines, and essential tasks that must be addressed immediately.

Saturdays are the second favorite day for cybercriminals, as one out of five (19%) phishing emails come on this day. Fridays (14%), Tuesdays (13%), and Thursdays (12%) are the next most common days for phishing emails to arrive at your door.

You are the least likely to receive a phishing email on Wednesdays (9%) and Sundays (6%).

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on phishing attacks:

“Individuals and organizations must take a proactive approach to strengthen their defenses against the evolving and sophisticated landscape of phishing attacks. Ongoing education on robust security measures and promoting a culture of skepticism are necessary to combat the constant and widespread threat of phishing attacks effectively.”

Payloads in phishing attacks

Although we have analyzed the frequency of phishing emails on different workdays, it’s crucial to investigate cybercriminals’ methods to execute their harmful intentions.

Phishing hyperlinks made up 38% of all payloads delivered in phishing attacks sent from compromised accounts. Phishing hyperlinks exploit people’s trust in familiar websites by tricking them into visiting fake ones.

Attachments including malware accounted for 35% of payloads delivered in phishing attacks. Financial payloads made up 16% of phishing attacks sent from compromised accounts. Lastly, phishing attacks using pure social engineering tactics with no payload accounted for 11%.

To read the full article, head over to:

https://atlasvpn.com/blog/you-are-most-likely-to-get-a-phishing-email-on-monday

Commvault Redefines Data Protection With New Security Capabilities And Ecosystem Integrations 

Posted in Commentary with tags on June 7, 2023 by itnerd

Commvault, an enterprise data protection leader for today’s global businesses and the first data protection vendor to introduce cyber deception, announced new security capabilities across its entire portfolio. Signaling the next phase in its evolution, Commvault is helping businesses secure, defend, and recover their data to meet increasingly sophisticated cyber threats head on. As part of these capabilities, Commvault has expanded its security ecosystem to include product integrations with Microsoft and CyberArk. 

Commvault has redefined data protection to include early warning technologies that help to secure against threats before they happen, defend enterprise data if the environment is breached, and ensure recoverability so customers and their data remain resilient in the face of evolving cyber threats. The only data protection vendor with early warning, in-depth threat monitoring, and cyber deception for production and backup environments, Commvault can detect threats in as little as five minutes versus the industry average of 24 hours. Through early detection of zero-day and insider threats, Commvault technology helps protect data against breaches and cyber attacks. 

Available in Q2, Commvault’s advanced security features are managed and delivered through the simplicity of the new Commvault Cloud Command interface, providing complete visibility for better business decisions, improved security postures, and preserved data for cleaner, more efficient recoverability. These capabilities include:

  • Commvault Cloud Command – A single platform and UI, offering universal management for all Commvault offerings in an integrated dashboard that provides full telemetry and observability into key Commvault software indicators. Delivers health-at-a-glance, risk levels, security and recovery indicators, and beyond for Commvault investments from a single source.
  • Commvault Risk Analysis – Powered by machine learning (ML), Commvault Risk Analysis quarantines and protects sensitive data, giving organizations the ability to discover, analyze, and secure sensitive data to help prevent cyber exposure and potential data exfiltration.
  • Commvault Threat Scan – Fosters the detection of corrupted or suspicious datasets. Businesses can use Threat Scan to locate and quarantine malware and threats from backup content, and help ensure clean recoveries while decreasing the likelihood of reinfection.
  • Commvault Auto Recovery – Cyber analysis tool that tests recovery readiness at scale and provides a framework for forensic analysis to validate and sanitize points of recovery, aiding in the prevention of future incidents. Allows organizations to easily and securely recover workloads at scale from cyber-attacks with minimal data loss and downtime.
  • ThreatWise Advisor – Delivers integrated logic into Commvault backup environments to intelligently recommend decoy placement, and further harden critical workloads.

In the event that enterprises need to recover from an attack or outage, Commvault’s proactive and reliable recoverability across the industry’s broadest workload coverage reduces downtime and accelerates response times for business continuity.

Protecting the most workloads requires strong technology and engineering partnerships. To that end, Commvault also announced collaborations with Microsoft and CyberArk to integrate Commvault’s technology with their respective security platforms. By expanding its security ecosystem, Commvault is helping organizations enhance their security posture through automated incident response, better collaboration, and deeper insights into the threat landscape.

Commvault and Microsoft Sentinel bi-directional integration provides an enhanced security posture and improved collaboration between backup environments and security systems. This new layer of interoperability for IT and SecOps teams delivers automated orchestration jointly across both systems for combined cyber event insights, actionable countermeasures, and optimized incident response.

Commvault’s latest security innovations will be available in Q2 through Commvault and its worldwide ecosystem of partners. To learn more, read today’s blog. For more information on Commvault’s integrations, visit the Supporting Technologies page.

If You Have An Intel Mac, You Should Make The Move To An Apple Silicon Mac Soon

Posted in Commentary with tags on June 7, 2023 by itnerd

The days of Intel based Macs are over. Which means that if you still have an Intel Mac, you should strongly look into making the move to an Apple Silicon Mac within the next year or two. Now I know that this sounds harsh, but it’s true. And I am basing that on two reasons.

Reason #1: Apple has completed its transition (though I will mention that they were late in doing so) to Apple Silicon by releasing the Apple Silicon version of the Mac Pro this past Monday at the Worldwide Developers Conference. The Mac Pro was the last Intel based Mac in Apple’s lineup. And as long as that Mac existed, it gave Apple an incentive to develop features inside macOS to support that Mac. But now that the new Mac Pro is out, and it’s powered by an M2 Ultra chip, there is zero incentive for Apple to develop any new features for Intel based Macs in their operating systems. Never mind provide any support for them in the long term. That brings me to my next reason.

Reason #2: You’re already seeing Apple deciding not to provide key features found on Apple Silicon Macs on Intel Macs. Take macOS Sonoma, which was announced this past Monday at the Worldwide Developers Conference. The following features in that version of macOS are not going to be in Intel Macs:

  • Presenter Overlay utilizes a Neural Engine-powered feature called Lift Subject from Background. It places your cutout from the webcam feed over content in a presentation.
  • Screen Sharing gets easier — for Apple Silicon Macs — thanks to the advanced media engine. This makes sharing more responsive over high-bandwidth connections.
  • The newly abbreviated wake word “Siri” is only available for Apple Silicon-equipped Macs and AirPods Pro 2.
  • Game Mode takes advantage of Apple Silicon’s SoC design by prioritizing gaming for the CPU and GPU while also reducing latency with wireless accessories.
  • Made-for-iPhone hearing devices can pair directly with Apple Silicon Macs (excluding those with a base M1).

And on top of that, the list of Macs that can run macOS Sonoma is short:

  • iMac 2019 or later
  • iMac Pro
  • MacBook Air 2018 or later
  • MacBook Pro 2018 or later
  • Mac Pro 2019 or later
  • Mac Studio
  • Mac mini 2018 or later

Keep in mind that Apple Silicon appeared in 2020. So that means that the only Intel Macs that can run macOS Sonoma are from 2018 onwards. That means that there’s maybe 2 years of operating system support left for those Macs. Maybe three at the most. And what that also means is that past a certain point, even security updates won’t be available for Intel Macs. And that would leave those Mac owners wide open to security threats that will never be fixed.

Taking both of those reasons into consideration, that makes now the time to start planning to make the switch to Apple Silicon. Because based on Apple’s previous track record with the switch from PowerPC to Intel many years ago, Apple will likely just wake up one morning and pull the rug out from under Intel Mac users and leave them scrambling for options. You don’t want to be that person. Thus it makes sense that you should start the process of making this transition while you have time and you can calmly consider your options.