Review: JBL Go 2

Posted in Products with tags on November 29, 2021 by itnerd

Regardless of how good your laptop or phone speakers are, there are times where you need a speaker that gives you more sound that those can provide. Or you need a more robust speaker for going to the beach with. JBL has you covered on that front with their Go 2 speaker:

Here’s what you get in the box:

Besides the speaker, you get a USB-A to micro USB cable. Which in the age of USB-C is a #Fail. And the usual documentation that nobody will read. The speaker itself has these controls and connections:

There is a very thick rubber flap that covers these ports:

You get a micro USB connector and a 3.5mm input.

You get controls on the other side of the speaker including power and volume. The speaker is pretty compact and is easy to carry. It takes up little room in a backpack, laptop bag or purse.

The Go 2 supports Bluetooth 4.1 and have a battery life of 5 hours and takes 2.5 hours to charge. The speaker is IPX7 waterproof which means taking it to the pool or the beach is not an issue as it means it can be fully submersed in 1 meter of water for up to 30 minutes.

The question is, how does it sound? To find out, I paired it to my 16″ MacBook Pro and played one of my audio torture test playlists that I use when I evaluate car audio systems. Paring it is dead easy as I was able to turn the speaker on and have it pop up in the Bluetooth menu of my MacBook Pro. Once paired, there’s a white light that goes from flashing to solid as well as some sounds that you hear when it is powered up and it is paired. Once I did that, I had to hurriedly turn down the volume as the Go 2 is loud. It also has a surprising amount of bass, though you’re not going to shake windows with this speaker. Even at full volume. Beyond that, the sound is pretty good and I suspect that you will have no complaints. And just in the interest of pushing the envelope a bit, I played a couple of videos and found zero issues in terms of having the audio synced with the video. It also performs reasonably well as a speakerphone as there’s a built-in microphone. But I am not sure that I would use this in a noisy environment as background sound was picked up and was audible on my test calls.

My verdict is that the JBL Go 2 is a speaker that will provide you with decent sound at a decent price. Which is $35 USD as I type this. Though mine is black, there are a number of colours available. One thing that I should point out is the Go 3 is now available from JBL so you might want to either look at that, or look for the best deal on the Go 2 that you can find. Regardless, the Go 2 is worth a listen to if you are in the market for a portable Bluetooth speaker that is waterproof.

IKEA Email Systems Hit By Ongoing Cyberattack

Posted in Commentary with tags on November 28, 2021 by itnerd

IKEA is apparently under a cyberattack that is affecting it’s email systems. Bleeping Computer has the details:

In internal emails seen by BleepingComputer, IKEA is warning employees of an ongoing reply-chain phishing cyber-attack targeting internal mailboxes. These emails are also being sent from other compromised IKEA organizations and business partners.

“There is an ongoing cyber-attack that is targeting Inter IKEA mailboxes. Other IKEA organisations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA,” explained an internal email sent to IKEA employees and seen by BleepingComputer.

“This means that the attack can come via email from someone that you work with, from any external organisation, and as a reply to an already ongoing conversations. It is therefore difficult to detect, for which we ask you to be extra cautious.”

IKEA IT teams warn employees that the reply-chain emails contain links with seven digits at the end and shared an example email, as shown below. In addition, employees are told not to open the emails, regardless of who sent them, and to report them to the IT department immediately.

Recipients are also told to tell the sender of the emails via Microsoft Teams chat to report the emails.

Attacks like this are crippling and difficult to resolve. The best advice that I can give is to stop attacks like these before they start. That means having a layered set of defences from software to user training to make sure that you don’t become the next IKEA.

Two Week Challenge: Ekster Aluminum Cardholder – My Final Thoughts

Posted in Products with tags on November 27, 2021 by itnerd

I’ve come to the end of my two week challenge of using this super slim Ekster Aluminum Cardholder. In the first part of this challenge, I was able to get all the cards that I need into it. And I think that’s due to the fact that a lot of cards these days are digital (as in they are on your phone for example) rather than physical. That highlights that you don’t really need to have a big wallet to carry your stuff along. And related to that, I found that the stuff like parking receipts don’t collect inside my wallet. That’s a good thing as well.

In the second part of this challenge, I decided to use the Ekster Tracker Card. I think the concept is solid because it is thin, recharges the internal battery via light, and gives me a decent shot at finding this cardholder if I lose it. My only suggestion is that Ekster, or more accurately Chipolo who makes the tech behind this card have a version that works with Apple’s Find My network. Seeing as I have a few AirTags in use, it would be nice to not have to run an another app to keep track of the cardholder. And I am sure that other Apple users would appreciate it.

Related to this, a reader who owns a Ekster Cardholder emailed me with his hack to use an AirTag. He uses this AirTag holder for dog/cat collars on his cardholder. He claimed that it doesn’t add that much bulk and is secure. So for giggles, I ordered one.

The AirTag added some amount of bulk, especially in my pocket. But it’s a kludge and not a solution as the whole point of having this cardholder is to keep the bulk to a minimun. Though I can see someone in the iOS ecosystem deciding to use this method as they really want to have this cardholder and an AirTag.

Here’s the bottom line. The Ekster Aluminum Cardholder really slims down your pocket and almost feels like it’s not there. While the camo design doesn’t match the matte black/carbon fibre vibe that I tend to use with my gear, I am absolutely going to make this part of my everyday carry. If you want to slim down your wallet, this is absolutely the way to go. If Ekster comes out with a Find My compatible Tracker Card, it would be perfect. But even without that, I would highly recommend the Ekster Aluminum Cardholder without question.

Help Goliath Games Spread Some Holiday Cheer!

Posted in Commentary with tags on November 26, 2021 by itnerd

As the holidays are upon us, Goliath is committed to spreading holiday cheer throughout North Texas, but they need your help!

This year, they are hosting a holiday toy and game giveaway for non-profit organizations that serve children and families. There are ten organizations in the running, and they need your help to win! Watch all the organizations short submission videos linked below, and don’t forget to like and comment on your favorite.

Thanks in advance for helping them make children and their families’ holiday a little bit more special this year!

UK Bans Default Passwords In Smart Home Gear

Posted in Commentary with tags , on November 26, 2021 by itnerd

The UK government has done something that I absolutely applaud. They’ve introduced new legislation to protect smart devices in people’s homes from being hacked. Here’s the details:

Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more than 12,000 attacks in a single week. Default passwords for internet-connected devices will be banned, and firms which do not comply will face huge fines. One expert said that it was an important “first step”. Cyber-criminals are increasingly targeting products from phones and smart TVs, to home speakers and internet-connected dishwashers. Hackers who can access one vulnerable device can then go on to access entire home networks and steal personal data.

In 2017, for example, hackers stole data from a US casino via an internet-connected fish tank. There have also been reports of people accessing home webcams and speaking to family members. And poor security on a home wi-fi router could have been behind the uploading of illegal child abuse images from a home network that led to police accusing an innocent couple of the crime. While there are strict rules about protecting people from physical harm — such as overheating, sharp components or electric shocks — there are no such rules for cyber-breaches.

Like I said I applaud this, if they enforce this strictly. I hope that this is something that catches on with other countries as the more countries that take this stance, the more likely that companies who make smart home gear will just make their gear secure by default.

Israel Restricts Exports Of Cyberweapons To Eliminate Autocratic Regimes From Accessing Them

Posted in Commentary with tags on November 25, 2021 by itnerd

I am guessing that the Israeli government isn’t thrilled with all the recent shots taken at The NSO Group from everyone from the US Government to Apple. I say that because the news is out that they are going to drop the list of countries that The NSO Group can export to from 102 countries to 37:

The new list, obtained by Israeli business newspaper Calcalist earlier today, only includes countries with proven democracies, such as those from Europe and the Five Eyes coalition: Australia, Austria, Belgium, Bulgaria, Canada, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Iceland, India, Ireland, Italy, Japan, Latvia, Liechtenstein, Lithuania, Luxembourg, Malta, New Zealand, Norway, Portugal, Romania, Slovakia, Slovenia, South Korea, Spain, Sweden, Switzerland, the Netherlands, the UK, and the US.

The list noticeably removes autocratic regimes, to which Israeli companies have often supplied surveillance tools. Spyware developed by Israeli companies like Candiru and the NSO Group has been linked in recent years to human rights abuses in tens of countries, with the tools being used by the local governments to spy on reporters, activists, dissidents, and political rivals.

I am not sure if this is really going to move the needle on this issue. The knives are out for The NSO Group and I am not sure that this move by the Israeli government will change that. But I am going to watch this closely as I am always free to be surprised.

iRobot Canada Black Friday Deals – Available Now

Posted in Commentary with tags on November 25, 2021 by itnerd

I would like to share iRobot’s Canadian deals that are now live on iRobot.ca. In addition to these deals, Rakuten is currently offering 6% cash back on the Roomba i3, which is fantastic! 

DEALS AVAILABLE NOW ON iROBOT.CA 

Roomba i3+: Regular Price: $749.99 CAD. Black Friday promo: Save $200  

Roomba i3: Regular Price: $499.99 CAD. Black Friday promo: Save $100  

Roomba 694: Regular Price: $369.99 CAD. Black Friday promo: Save $100  

Braava jet m6: Regular Price: $599.99 CAD. Black Friday promo: $100  

Braava jet 240: Regular Price: $279.99 CAD. Black Friday promo: Save $30  

H1 Hand Vac: Regular Price: $329.99 CAD. Black Friday promo: Save $100  

Root Coding Robot: Regular Price: $179.99 CAD. Black Friday promo: Save $30 

Mobile Klinik Opens 100th Store

Posted in Commentary with tags on November 25, 2021 by itnerd

Today Mobile Klinik, Canada’s expert leading chain on device performance and professional smartphone and tablet repair offering high-quality, certified pre-owned mobile devices, opened its 100th store location at the Pickering Town Centre in Pickering, Ontario. To celebrate this milestone, across Canada this holiday season, customers who purchase a certified pre-owned phone and activate select mobility plans in-store can save up to $250. Until the end of 2021 the Pickering Town Centre location is providing 20 per cent off most repairs, accessories and certified pre-owned mobile devices.

The demand for trusted repair outlets and locations to purchase high-quality certified pre-owned devices is growing. A recent Angus Reid Institute survey conducted by Mobile Klinik found 41 per cent of Canadians would consider purchasing a pre-owned phone, citing cost and environmental benefits as leading motivators. Further, the majority of Canadians consider their mobile phone as their most expensive personal item and are willing to consider repairing rather than replacing their device, with nearly half of those respondents having repaired their device before.

Mobile Klinik offers Canadians a trusted location to buy, sell, repair and connect their mobile devices:

  • Buy: Customers can choose from Canada’s widest variety of premium certified pre-owned devices, backed by an industry-leading one-year warranty
  • Sell: Mobile Klinik will buy most used device makes and models for top dollar, and to protect customer privacy will safely transfer the seller’s data to a new device or USB before properly wiping the old one
  • Repair: All repairs are performed by certified, expert technicians, with most completed in about an hour. Common issues include cracked screens, broken cameras, software updates, and battery replacements with premium-quality-parts and state-of-the-art diagnostics
  • Connect: Mobile Klinik also offers a full range of rate plans from leading Canadian wireless carriers, with special sustainability discounts to reward customers who extend the life of their devices by repairing their device or replacing it with a certified pre-owned device, rather than buying expensive new devices

Providing customers with further convenience, earlier this year Mobile Klinik launched its Onsite Repair Units, the first van service of its kind offering consumers and businesses nationwide the convenience of professional smartphone and tablet repair at the location of their choice. Now residents and businesses in more than 100 communities nationwide can conveniently access Mobile Klinik’s Onsite Repair Unit service.

Founded in 2015, Mobile Klinik has rapidly grown into Canada’s leader in professional smartphone and tablet repair, refurbishment and resale with 100 retail locations and 500 team members across Canada. For more information visit mobileklinik.ca.

FBI/CISA Issues A Ransomware Holiday Warning

Posted in Commentary with tags on November 25, 2021 by itnerd

Earlier this week, CISA and the FBI issued a warning reminder for organizations to stay vigilant against cyber threats during the holiday season, especially on weekends when ransomware gangs normally like to strike – since many companies are closed, short-staffed or off-guard.

While CISA and the FBI provided some best practices to manage the risk of posed cyber threats, I sourced some commentary. Starting with Brent Sleeper, data security product marketing manager at HelpSystems, a provider of IT management software and services, who says the following:

“Ransomware has been a constant cybersecurity threat to organizations for many years. With the tools needed to carry out these attacks readily available on the dark web, ransomware has evolved into a serious activity for today’s cybercriminals. The tools are used to gain access to systems or networks with the objective of stealing or locking down sensitive data. The perpetrators then demand a ransom for its safe return, with many threatening to release the data into the public domain or destroy it if the ransom is not paid. Organizations that fall victim to ransomware attacks will often face weeks of costly disruption and unwanted publicity, so it’s important to understand the risks and limit the number of vulnerabilities that could potentially be exploited.

Improving awareness is a step in tackling ransomware. As ransomware is often delivered through email, employees should be educated on what to look out for and understand the dangers of clicking on unsolicited links or opening attachments. However, even with training in place, employees may still inadvertently trigger an attack, which is why it’s critical to have technology that prevents ransomware from reaching your organization in the first place. Email security solutions that automatically detect and remove malicious content or active code buried deep in attachments can neutralize threats before they do any harm. Organizations can also make sure that vulnerabilities in systems, software and applications are minimized by keeping them patched and up to date. These countermeasures will help ensure an organization’s defense against ransomware is more resilient and robust, and that its data is well protected.”

Next up is Mieng Lim, VP of product management at Digital Defense by HelpSystems, who says:

“Ransomware threats are constantly evolving. From the commoditization of ransomware through the recent availability of as-a-service tools, to increasingly sophisticated attack strategies, it is a threat landscape that demands constant monitoring and education from organizations and governments alike. This is perfectly illustrated by the new strain of ransomware discovered by Sophos this week.

Typically, hackers enter their victim’s systems and linger undetected, harvesting data and identifying targets before they deploy a targeted ransomware attack. However, this new python-based ransomware enters systems and initiates an attack within a few hours, making fast-acting threat detection and response absolutely essential for businesses. 

The first step in building an effective ransomware mitigation strategy is always setting realistic expectations. Ransomware breaches are no longer fully preventable, so businesses must focus on layering defensive barriers between an attacker and their most sensitive data. Running regular penetration testing and vulnerability scanning can help an organization identify and repair possible attack vectors, closing backdoors before an attacker can enter them and minimizing an attacker’s ability to escalate their privileges once inside the system. 

However, for any organization looking to improve its cyber threat response time, threat detection tools are a must. Network Traffic Analysis (NTA) works to monitor a network for any suspicious activity, detecting ransomware breaches and infection as quickly as possible. On top of these, active threat scans can give the organization peace of mind. If a breach is spotted, it is important to reassess the state of the IT environment to ensure that there isn’t a repeat attack. Unfortunately, we live in an era where preventing 100% of cyber risks is no longer possible, but constant vigilance, ongoing-cyber threat education, and a well-planned threat detection and response strategy will go a long way towards keeping your organization’s most sensitive data safe.”

Guest Post: Over 100 Million Windows-Targeted Malware Developed In 2021 Alone Says Atlas VPN

Posted in Commentary with tags on November 25, 2021 by itnerd

According to data analyzed and presented by Atlas VPN, 2021 marks a record year for the development of new Windows malware. Even though 2021 has another month to go, cybercriminals have already developed a whopping 107.28 million unique threats targeted at Windows devices. 

The data for the analysis was provided by AV-TEST GmbH, an independent research institute for IT security. The figures were last updated on November 23, 2021

Interestingly, the creation of new malware types targeted towards Windows OS devices has been growing steadily since 2012. On average, the quantity of new malicious software samples grows by 9.5 million or 23% YoY.

This year so far, we see 107.28 million new threats for Windows OS, representing a 16.53 million or 18% increase over 2020.

In other words, cybercriminals employed more of their resources towards Windows OS than ever before. To put things in perspective, threat actors developed around 328 thousand malware samples daily in 2021.

Cybercriminals work together to reduce costs

The fact that malicious software is easier to develop than ever before contributes to this unprecedented increase in risks.

Hackers no longer require advanced programming abilities because they can buy ready-made malware code, customize it to their needs with a little coding, and create an entirely new malware type.

Moreover, the wide availability of hackers-for-hire made prices ridiculously cheap. For example, one of our earlier analyses uncovered that hiring attacks on the dark web cost as little as $250 per attack.

To read the full article, head over to: https://atlasvpn.com/blog/over-100-million-windows-targeted-malware-developed-in-2021-alone