Researchers Tested The Google Pixel 9 And They Raise Concerns About User Privacy And Security

Posted in Commentary with tags on October 3, 2024 by itnerd

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google. The results show that Google’s latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the research team has discovered that it potentially has remote management capabilities without user awareness or approval.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews.

Cybernews has contacted Google about these findings. However, researchers did not obtain a response before publishing this research.

Key research takeaways:

  • Private information was repeatedly sent in the background, including the user’s email address, phone number, location, app list, and other telemetry and statistics to various Google endpoints, including Device Management, Policy Enforcement, and Face Grouping. 
  • Every 15 minutes, the device sends a regular authentication request to an endpoint called ‘auth.’
  • The phone also requests a ‘check-in’ endpoint around every 40 minutes.
  • The phone constantly requests new “experiments and configurations,” tries accessing the staging environment, and connects to device management and policy enforcement endpoints, suggesting that Google has remote control capabilities over the device.
  • The Pixel device connected to services that were never used and for which no explicit consent was given, such as Face Grouping endpoints, raising privacy and ownership concerns.
  • Another Google feature, Voice Search, was connecting to its servers sporadically – sometimes every few minutes, sometimes it wouldn’t communicate for hours. It sent potentially excessive and sensitive data, including the number of times the device was restarted, the time elapsed since powering on, and a list of apps installed on the device, including the sideloaded ones.
  • Moreover, the Pixel device periodically calls out to a staging environment service (‘enterprise-staging.sandbox’) and attempts to download assets that do not yet exist, which the researchers read as the capability to remotely install new software packages.
  • The calculator app, in some conditions, leaks calculations history to unauthenticated users with physical access.

Research methodology

Researchers used a “man-in-the-middle” approach to intercept the traffic between a new Pixel 9 Pro XL and Google’s servers. 

On a brand-new phone with a new Google account and default settings, they installed the Magisk app to gain deep (root) access to the phone’s system. Researchers then proxied the inbound and outbound traffic and installed a custom CA certificate on the rooted device so the proxy could decrypt and examine the otherwise encrypted communications.

Rooting the phone disables AI features such as Google Gemini Assistant, Pixel Studio, and potentially some other features, most likely because a rooted device no longer passes Google’s device integrity checks, which those features depend on. Therefore, this method did not allow for the capture of complete traffic.

The collected traffic was not modified at any point, and researchers did not manually interact with endpoints nor attempt to verify captured secrets.
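The kind of analysis this methodology leads to, as an added example that is not part of the Cybernews research or of this post: take a decrypted capture exported as one request per line, group requests by endpoint, measure the inter-arrival times, and flag endpoints that are contacted on a steady cadence (the 15-minute ‘auth’ and roughly 40-minute ‘check-in’ pattern described above). The capture lines, hostnames and paths below are constructed for the example and are not the endpoints observed in the research; the one-request-per-line format is an assumption about what a proxy export looks like, so adapt `LINE_RE` to whatever your proxy produces.

```python
"""Periodic call-home (beacon) detection over a decrypted traffic capture.

Added example, not code from the Cybernews research. The capture format
("ISO-8601 time, method, host, path" per line) is an assumption about what a
proxy export looks like; adapt LINE_RE for mitmproxy, Burp or HAR exports.
"""
import re
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed sample capture. Hostnames and paths are placeholders for the
# example and are NOT the endpoints observed in the research.
SAMPLE_CAPTURE = """\
2024-09-20T10:00:03 POST device.example-telemetry.test  /auth
2024-09-20T10:02:11 GET  config.example-telemetry.test  /experiments
2024-09-20T10:15:04 POST device.example-telemetry.test  /auth
2024-09-20T10:20:30 POST checkin.example-telemetry.test /checkin
2024-09-20T10:30:02 POST device.example-telemetry.test  /auth
2024-09-20T10:41:47 GET  config.example-telemetry.test  /experiments
2024-09-20T10:45:05 POST device.example-telemetry.test  /auth
2024-09-20T11:00:04 POST device.example-telemetry.test  /auth
2024-09-20T11:00:31 POST checkin.example-telemetry.test /checkin
2024-09-20T11:15:03 POST device.example-telemetry.test  /auth
2024-09-20T11:40:29 POST checkin.example-telemetry.test /checkin
"""

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def parse_capture(text: str) -> list[tuple[datetime, str, str, str]]:
    """Parse capture lines into (timestamp, method, host, path) tuples."""
    rows = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"unparseable capture line: {line!r}")
        ts, method, host, path = m.groups()
        rows.append((datetime.fromisoformat(ts), method, host, path))
    return rows


def summarize_endpoints(capture: str, min_hits: int = 3,
                        max_jitter_ratio: float = 0.1) -> list[dict]:
    """Per (host, path): hit count, median inter-arrival time and worst-case
    jitter. An endpoint is marked periodic when it has at least min_hits
    requests and every interval lies within max_jitter_ratio of the median."""
    by_endpoint = defaultdict(list)
    for ts, _method, host, path in parse_capture(capture):
        by_endpoint[(host, path)].append(ts)

    summaries = []
    for (host, path), times in by_endpoint.items():
        times.sort()
        deltas = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        summary = {"host": host, "path": path, "hits": len(times),
                   "median_interval_s": None, "max_jitter_s": None,
                   "periodic": False}
        if len(times) >= min_hits:
            med = median(deltas)
            jitter = max(abs(d - med) for d in deltas)
            summary.update(median_interval_s=med, max_jitter_s=jitter,
                           periodic=med > 0 and jitter / med <= max_jitter_ratio)
        summaries.append(summary)
    # Most frequently contacted endpoints first.
    summaries.sort(key=lambda s: (-s["hits"], s["host"], s["path"]))
    return summaries


def find_beacons(capture: str, **kwargs) -> list[dict]:
    """Only the endpoints that show a steady cadence."""
    return [s for s in summarize_endpoints(capture, **kwargs) if s["periodic"]]


if __name__ == "__main__":
    for b in find_beacons(SAMPLE_CAPTURE):
        print(f"{b['host']}{b['path']}: {b['hits']} hits, "
              f"every ~{b['median_interval_s'] / 60:.1f} min "
              f"(jitter {b['max_jitter_s']:.0f}s)")
```

On a real capture the interesting output is not the cadence by itself but which endpoints beacon without any feature having been enabled or consented to; the two-hit ‘experiments’ endpoint in the sample is deliberately left below the `min_hits` threshold to show that a couple of requests are not evidence of a schedule.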

To read the full research, please click here. 

This Situation Involving A Refund #Scam Could Have Been MUCH Worse For This Client

Posted in Commentary with tags on October 3, 2024 by itnerd

Just last week a friend of mine who reads this blog said “you haven’t had to rescue a client from a scam lately”.

Little did I know that he’d just jinxed my existence.

Yesterday afternoon I got a panic call from a client while I was driving from a data recovery facility on behalf of another client. (That’s a story for another day.) The client in a panicked voice described getting an email saying that she had been charged hundreds of dollars for buying Bitcoin using PayPal. She phoned the number and that’s where things went rapidly downhill. I diverted myself from Markham, Ontario to downtown Toronto to deal with this. And I’ll give you a bit of a spoiler, she was lucky.

When I arrived, I looked at her Mac and I tried to reverse engineer what happened. Here’s what I found.

She got an email from a random gmail.com account claiming that she had bought Bitcoin using PayPal. There was nothing on the email identifying her other than an email address. That along with the random gmail.com email address should have been the hint that this was a scam. But she didn’t check those details because of how professional the email looked.

Top tip: No matter how professional an email like this looks, if you know that you didn’t buy something from a vendor, and there’s nothing identifying you as being the purchaser, it’s likely a scam and you should just delete the email. In this case, this is called the refund scam. You’ll see why it’s called that in a moment.

She then called the number and the scammer at the other end of the line then started to weave a story about her PayPal account being hacked and how they needed to connect to her computer to “secure it” as well as to “generate a cancellation form” to refund her money. That’s where the refund part of the refund scam comes from. The scammers have zero intention of refunding anything and are instead focused on stealing everything they can.

They then connected to her Mac using TeamViewer and then blanked out the screen to cover up their attempt to install ConnectWise Control on her Mac. But for reasons that I cannot discern, they failed at doing that. I’m guessing that it was because she never provided the scammers her computer’s password, as I asked her about whether she gave them her password several times. But if they had succeeded, it would have given the scammers the ability to control the Mac and watch what was going on at will and without her knowledge.

In any case, she was told to log into her PayPal account. And she did. However she hadn’t used it in years and it not only had no funds in it, but wasn’t linked to a credit card or bank account.

Fun Fact: The client asked me to help her to cancel the PayPal account because of this incident and because she didn’t use it.

That’s when the scammers pivoted to trying to get her to log into her bank account. Her husband was nearby and got suspicious. When he started to try and intervene, the scammer then started to weave a story to get her husband to leave the room and take his devices (laptop, phone, etc) as they would get taken over by the hackers. Now this illustrates how scammers can use psychological techniques to advance their goals of stealing your money. Which in turn illustrates how dangerous they can be. Because what the scammers were trying to do is to keep them apart so that he couldn’t put an end to the scam. But that didn’t work and when he mentioned that he was going to call me and the scammer heard that, the scammer flipped out on her claiming that “computer guys know nothing and are out to steal your money.” That’s when my client clued in that this was a scam and hung up the phone.

By the time I had arrived, the client had frozen their credit cards and bank accounts. That’s a good idea in a situation like this as you don’t know what info the scammer might have stolen from you. They were also able to validate with their bank that no money was taken and no charges were on their credit card. In terms of their Mac, TeamViewer was installed on it and I removed it. I also found the installer for ConnectWise Control and nuked that too. I spent a fair amount of time looking at the Mac and found no evidence that the scammers had set anything else up. So I felt confident that the Mac was safe to use. As part of this, I was able to discover the ConnectWise instance that the scammers were using. So I reported that to ConnectWise in order to have them kill it. On top of that, I turned over the other information to the scam bait community so that they can extract some “vigilante” justice as I know that this is the only type of justice that these scammers will get.
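A check of the kind described above, as an added example that is not part of this post: walk the launchd persistence directories and /Applications on a Mac and report anything that references a known remote-access tool, which is where a scammer’s leftover TeamViewer helper or ConnectWise Control client would normally show up. The marker list is an assumption (illustrative, not exhaustive), and the sample tree that `demo()` builds is constructed for the example. On a live Mac, point `scan_persistence` at `/`; login items and whatever `launchctl list` reports are not covered here.

```python
"""Scan a macOS tree for remote-access tool remnants in persistence locations.

Added example, not code from the post. Markers and paths are assumptions:
the marker list is illustrative, not exhaustive, and only launchd plists and
/Applications bundles are checked (login items and `launchctl list` are not).
"""
import os
import re
import tempfile

# Assumed marker list: name/bundle-id fragments of common remote-access tools.
RAT_MARKERS = re.compile(
    r"teamviewer|connectwise|screenconnect|anydesk|logmein|splashtop|rustdesk",
    re.IGNORECASE,
)


def launchd_plists(root: str) -> list[str]:
    """All launchd plists under the system and per-user persistence dirs."""
    dirs = [os.path.join(root, "Library", "LaunchAgents"),
            os.path.join(root, "Library", "LaunchDaemons")]
    users = os.path.join(root, "Users")
    if os.path.isdir(users):
        for user in sorted(os.listdir(users)):
            dirs.append(os.path.join(users, user, "Library", "LaunchAgents"))
    found = []
    for d in dirs:
        if not os.path.isdir(d):
            continue
        for name in sorted(os.listdir(d)):
            if name.endswith(".plist"):
                found.append(os.path.join(d, name))
    return found


def scan_persistence(root: str = "/") -> list[dict]:
    """Report launchd jobs and app bundles that reference a known tool."""
    findings = []
    for plist in launchd_plists(root):
        # XML plists match on their Label/Program strings; binary plists keep
        # ASCII strings inline too, but convert with `plutil -convert xml1`
        # on a live Mac if a match is in doubt.
        with open(plist, "rb") as fh:
            text = fh.read().decode("utf-8", errors="ignore")
        m = RAT_MARKERS.search(os.path.basename(plist)) or RAT_MARKERS.search(text)
        if m:
            findings.append({"kind": "launchd", "path": plist,
                             "marker": m.group(0).lower()})
    apps = os.path.join(root, "Applications")
    if os.path.isdir(apps):
        for name in sorted(os.listdir(apps)):
            m = RAT_MARKERS.search(name)
            if name.endswith(".app") and m:
                findings.append({"kind": "app", "path": os.path.join(apps, name),
                                 "marker": m.group(0).lower()})
    return findings


def build_demo_tree(base: str) -> None:
    """Constructed sample tree: one TeamViewer launch daemon, one ScreenConnect
    client bundle, plus benign entries that must not be reported."""
    daemons = os.path.join(base, "Library", "LaunchDaemons")
    agents = os.path.join(base, "Users", "alice", "Library", "LaunchAgents")
    apps = os.path.join(base, "Applications")
    for d in (daemons, agents,
              os.path.join(apps, "ScreenConnect Client (demo).app"),
              os.path.join(apps, "Safari.app")):
        os.makedirs(d, exist_ok=True)
    plist = ('<?xml version="1.0"?><plist version="1.0"><dict>'
             '<key>Label</key><string>{label}</string>'
             '<key>Program</key><string>{prog}</string></dict></plist>')
    with open(os.path.join(daemons, "com.teamviewer.Helper.plist"), "w") as fh:
        fh.write(plist.format(label="com.teamviewer.Helper",
                              prog="/Library/PrivilegedHelperTools/TeamViewer"))
    with open(os.path.join(agents, "com.example.backup.plist"), "w") as fh:
        fh.write(plist.format(label="com.example.backup", prog="/usr/bin/true"))


def demo() -> list[dict]:
    """Build the constructed tree in a temp dir and scan it."""
    base = tempfile.mkdtemp(prefix="macscan-")
    build_demo_tree(base)
    return scan_persistence(base)


if __name__ == "__main__":
    for f in demo():
        print(f"{f['kind']:8} {f['marker']:13} {f['path']}")
```

A clean report from this script is necessary but not sufficient: a matching name tells you a tool is present, not who installed it, so anything it flags still has to be tied back to the timeline of the call before it is removed.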

At this point it appears that no money was stolen from the client, and her Mac is clear of anything “evil”. So other than a bit of wounded pride, the client survived this incident. But it highlights the need for people to stay vigilant. Treat any unsolicited phone call, or any email that seems off, as a threat and do not engage with it. That’s the best way to stay safe. Especially during these times where scams seem to be out of control.

Legit Security Adds New, Adaptive ‘Legit Posture Score’ 

Posted in Commentary with tags on October 3, 2024 by itnerd

Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today launched its new “Legit Posture Score,” delivering a dynamic, comprehensive, and fully transparent ASPM rating system. Now security teams can proactively measure and manage their AppSec posture instantly with a holistic score that eliminates security scanning silos and continuously assesses all associated risks, policies, and controls across today’s sprawling software development lifecycle (SDLC).

Security leaders today struggle simply to see, let alone act or improve on, their application security postures. They’re left with piles of security findings and unpatched vulnerabilities from disconnected application security testing (AST) tools, and no efficient way to prioritize or act on the issues that get surfaced. According to a 2024 ESG Research survey, 42% of security professionals believe that measuring and improving AppSec program efficacy is their toughest challenge today. And with increasingly complex and distributed software factories, mounting supply chain regulations, and agile development teams who continue to prioritize code builds over security checks — the prospect of manually tracking an organization’s application security posture gets less feasible by the day.

Now with the new Legit Posture Score, no longer are AppSec teams stuck piecing together slices of visibility from disparate security scanners and veiled, proprietary scores. The Legit Posture Score sets a new, universal, and fully transparent application security scoring standard for security teams to measure, operationalize, and accelerate AppSec maturity throughout the SDLC. It accounts for thousands of ASPM factors, consolidating broad CI/CD pipeline context from code to cloud, including asset criticality, security scanning findings, vulnerability severity, and more, all while dynamically mapping the mitigating controls and requirements from best-practice industry standards and regulatory frameworks into one holistic ASPM score. 

The new Legit Posture Score empowers AppSec teams to rapidly, at a glance, identify posture gaps and trends, benchmark performance, and drive continuous improvement throughout their software development environments. With a holistic posture score accounting for a wide spectrum of cybersecurity, regulatory, and operational risks, AppSec teams now intuitively—and automatically—view, prioritize, and remediate the issues most impactful to the business, first.

Key features of the new Legit Posture Score:

  • Real-time AppSec posture assessment from code to cloud: The new Legit Posture Score evaluates every aspect of an organization’s application security posture, from the development pipeline to the repository level. This top-down approach allows for detailed understanding of AppSec risks to answer the same critical question asked at every level of the organization: Is my software being developed securely?
  • Transparent, explainable framework — no veiled or proprietary scoring: The scoring methodology for the Legit Posture Score is completely transparent. With detailed documentation and full visibility into how every variable and calculation is made, AppSec teams now set priorities and take action in confidence with a score they believe in and can make their own.
  • Dynamic, customizable model: Security teams can easily adjust the scoring model according to their specific security goals. They can associate new and existing controls to the intricate requirements of any number of industry standards and regulatory frameworks (e.g., FedRAMP, SOC 2 Type II, etc.), ensuring that the Legit Posture Score always remains in tight alignment with their strategic security goals and obligations.
  • Intuitive, actionable insights: The Legit Posture Score is designed for all developers and security pros to quickly and intuitively glean insights, triage issues, and prioritize fixes with surgical precision throughout their SDLC. With modern dashboards and intuitive, drill-down navigation, AppSec leaders can seamlessly benchmark and compare posture performance by any number of predefined applications, asset groups, pipelines, or organizational segments.
  • Broad inclusion of cross-industry best practices and standards: The Legit Posture Score incorporates application security best practices and requirements from the most important regulations and industry frameworks on the market today (including NIST SSDF, SLSA, OSSF S2C2F, ISO 27001, and more), setting a new vision for what a secure, efficient software factory looks like today.

This new feature further enhances the Legit ASPM platform, providing security and development teams with the ability to measure, compare, and improve their application security posture over time, ensuring their software factories and applications in development are being built with the highest security standards in mind.

To learn more about Legit Security and its market-leading ASPM platform, please visit www.legitsecurity.com.

Quorum Cyber Teams With Microsoft’s Democracy Forward Group To Reveal New 2024 U.S. Presidential Election Cybersecurity Threats

Posted in Commentary with tags on October 3, 2024 by itnerd

Quorum Cyber – with offices in Edinburgh, UK, Ontario, Canada, and Goodyear, Arizona – today announced its webinar addressing the escalating cyber threats surrounding the November U.S. presidential election. Experts from Microsoft’s Democracy Forward team and Quorum Cyber’s Incident Response and Threat Intelligence teams will discuss current cybercriminal and nation-state actor attempts to undermine democratic processes and the integrity of elections. The live event will be held on Wednesday, October 9th at 3:30 – 4:30 PM BST / 10:30 – 11:30 AM ET.  The insights shared are essential for anyone concerned with securing the future of democratic elections. Attendees may register online at https://bit.ly/47HpZDV or visit www.quorumcyber.com/events/.

Cyber threats to the U.S. presidential election and the electoral system pose significant risks, potentially undermining public trust and influencing outcomes. But how can democracy be defended against increasingly sophisticated cybercriminals and more frequent cyberattacks?

The panel of cybersecurity experts will discuss the evolving nature of cyber threats in the context of U.S. elections, recent incidents, case studies highlighting cyber threats, and strategies for worldwide election security. In addition, attendees will:

  • Learn from experts about effective measures to protect the electoral process.
  • Engage in meaningful discussions with cybersecurity professionals monitoring U.S. election threats.
  • Stay informed about the latest trends and developments in election security.

Sage appoints Cinzia Bazzo as Managing Director for Canada

Posted in Commentary with tags on October 2, 2024 by itnerd

Sage, the leader in accounting, financial, HR, and payroll technology for small and mid-sized businesses (SMBs), today announces Cinzia Bazzo as its Managing Director for Canada. This strategic hire underlines Sage’s commitment to its growing Canadian market, which is a cornerstone of the company’s North American success.

In her new role, Bazzo will oversee Sage’s Canadian business, a critical region for growth. She will focus on accelerating sales and revenue by attracting new customers and strengthening relationships with existing ones. Bazzo will also play a key role in enhancing the customer experience, advancing Sage’s position as the most trusted and thriving network for SMBs. Additionally, she will manage the region’s performance, making strategic decisions to capitalize on strong results, address challenges, and provide leadership to over 250 employees across Canada. She will lead the implementation of global and local colleague programs, including engagement, performance management, DEI, and talent development, while fostering Sage’s culture and values.

Bazzo brings a wealth of experience to Sage, with an impressive track record of driving sales growth and delivering exceptional customer experiences. In her most recent role as Country Leader for Workday in Canada, she led her team to achieve record-breaking sales. Prior to that, she held various leadership positions at Oracle, Salesforce and SAP. Bazzo is also an active member of the Business Council of Canada, a network of enterprise executives focused on strengthening the country’s economic fabric by supporting small business and entrepreneurs in communities of all sizes.

Bazzo is based in Toronto and will play a key role on Sage’s North America Leadership Team, reporting into Mark Hickman, Managing Director of North America at Sage.

TikTok Launches STEM feed in Canada

Posted in Commentary with tags on October 2, 2024 by itnerd

TikTok is home to a community of curious minds. From discovering new stories on #BookTok to exploring new cultures and finding new life hacks, #LearnonTikTok encourages our community to continue their journey of joyful discovery. Millions of Canadians come to TikTok each month to express themselves authentically, be entertained and learn new things.

Today, TikTok is thrilled to announce the launch of TikTok’s dedicated STEM feed in Canada. This feed offers a viewing experience exclusive to STEM – science, technology, engineering and mathematics – and comes to Canada to empower continued discovery on TikTok and connect a dynamic community of individuals over their shared passion for learning. Canadian users will be able to click into the STEM feed, which will be turned on by default for all Canadian users, to open up a dedicated world of knowledge and education.

The STEM feed will feature Canadian creators and organizations that share enriching educational content, such as @AsapSCIENCE, @cheggbiology, @drrachelbarr, @justin_agustin, @nileredextra, @onlinekyne, @ROMtoronto, @science.bae, @sciencenorth and @wildkrattstv. These creators, and many more, are creating a range of content that bridges the world of entertaining, engaging creativity and educational content with their unique styles.

To help ensure high-quality STEM content for our community, TikTok continues to partner with Common Sense Networks and Poynter. Common Sense reviews all content and ensures it’s appropriate for the STEM feed. And Poynter continues to partner to assess the reliability of information presented. If content does not pass both checkpoints, it will not be eligible for the STEM feed.

Foxit Announces PDF Editor and Editor Pro with AI Assistant, Now Natively Supported on PCs powered by Snapdragon

Posted in Commentary with tags on October 2, 2024 by itnerd

Foxit today announced that its Foxit PDF Editor and Editor Pro with AI Assistant are now natively supported on PCs powered by Snapdragon® processors. This integration will provide commercial and consumer PC customers with greatly enhanced performance and capabilities – such as those customers working with PDF files on Dell Technologies’ latest devices powered by Snapdragon.

Native Snapdragon support refers to software that is developed and optimized to run directly on Snapdragon processors, without the need for emulation or translation layers. This allows the software to take full advantage of Snapdragon’s capabilities – resulting in improved performance, compatibility, and battery life, as well as decreased complexity and maintenance demands – compared to running the software in an emulated environment.

Foxit solutions revolutionize PDF document management by leveraging AI innovation and the power of ChatGPT to enhance productivity and the user experience. Foxit has developed its software to natively support the Snapdragon processors used in PCs, such as those offered by Dell Technologies. This means the Foxit PDF solutions can run directly on the Snapdragon hardware – without the performance overhead of emulation. Moreover, users will benefit from intelligent automation, natural language processing, and advanced document management tools to streamline workflows, increase productivity, and unlock the full potential of their PDF documents.

Foxit’s industry-leading solutions empower PC users to create, edit, collaborate and secure PDF documents with ease. By combining the advanced capabilities of Foxit’s PDF Editor with the AI-driven natural language processing of ChatGPT, PCs powered by Snapdragon allow users to interact with PDFs more intuitively and efficiently. The integration of ChatGPT provides intelligent automation and enhances the user experience by enabling intelligent interactions for tasks such as redaction, document annotation, and form filling.

Foxit has sold to over 485,000 customers, ranging from SMBs to global enterprises, located in more than 200 countries. The company has offices all over the world, including locations in the U.S., Europe, Australia, and Asia. For more information, please visit https://foxit.com.

Sonos Is In Deep Trouble With No End To Their Problems In Sight

Posted in Commentary with tags on October 2, 2024 by itnerd

Since spring of this year, audio gear manufacturer Sonos has been a train wreck next to a dumpster fire. The company put out a new app that was rewritten from the ground up. But it was also a buggy mess with features that users loved removed. That in turn led to customers being very vocal about how bad the app was. The company downplayed all of this but was eventually forced to admit that things were broken and they needed to address these issues.

Fast forward to the present day and the company has put up a blog post along with a YouTube video saying that they are going to focus on seven items to win back the trust of the customers they angered:

  • Unwavering Focus on Customer Experience
  • Increasing the Stringency of Pre-Launch Testing
  • Approaching Change with Humility
  • Appointing a Quality Ombudsperson
  • Extending Our Home Speaker Warranties
  • Relentless App Improvement
  • Establishing a Customer Advisory Board

All that sounds nice. But it’s the YouTube video that really shows what Sonos customers think. Here’s the YouTube video below featuring Sonos CEO Patrick Spence:

This video isn’t going over well with Sonos customers based on the comments:

I could go on but you get the point. It’s pretty clear that Sonos customers don’t trust the company or Patrick Spence to get things back on track. Which also means that these people won’t be spending money on their gear and will look elsewhere for their audio needs. That’s not surprising because Sonos used to be extremely good audio gear that “just worked.” Now it’s not anything near that. And when people ask me for my recommendation on home audio gear, Sonos isn’t on the list. The reason being that I won’t stake my reputation to a product that is subpar. Which Sonos absolutely is at the moment. And that’s their challenge. They have to fix the reputational damage that they inflicted upon themselves, and I don’t at this point see a clear path to them doing that. And they don’t have a lot of time to do it as their competition such as Bluesound, Audio Pro, and even Apple with the HomePod lineup are going to be sensing an opportunity to take out Sonos. If they haven’t already.

Sucks to be you Sonos.

T-Mobile Pays The Price For Their Numerous Data Breaches…. Again

Posted in Commentary with tags on October 1, 2024 by itnerd

T-Mobile has had numerous data breaches over the last few years. There’s been example, after example, after example, after example, after example, after example of T-Mobile being pwned by hackers and customer data being exposed. The FCC has stepped in and slapped T-Mobile with a fine for their inability to keep customer data safe:

The Federal Communications Commission today announced a groundbreaking data protection and cybersecurity settlement with T-Mobile to resolve the Enforcement Bureau’s investigations into significant data breaches that impacted millions of U.S. consumers. To settle the investigations, T-Mobile has agreed to important forward-looking commitments to address foundational security flaws, work to improve cyber hygiene, and adopt robust modern architectures, like zero trust and phishing-resistant multi-factor authentication. The Commission believes that implementation of these commitments, backed by a $15.75 million cybersecurity investment by the company as required by the settlement, will serve as a model for the mobile telecommunications industry. As part of the settlement, the company will also pay a $15.75 million civil penalty to the U.S. Treasury.

This is on top of this fine that T-Mobile got slapped with earlier this year. At this point it’s pretty clear that T-Mobile needs to get their act together. The question is will they? Given their previous track record, that’s an open question. And one that a lot of people will be watching to see how T-Mobile answers that question.

October Is Cybersecurity Awareness Month

Posted in Commentary on October 1, 2024 by itnerd

Cybersecurity should be top of mind every day of the year. But it’s highlighted in October to ensure that we all stay safe when online. Here’s some tips from the Canadian Government that you can use to ensure that you stay as safe as possible. Along with that, I have some commentary from industry experts on Cybersecurity Awareness Month.

From Mike Mestrovich’s (CISO) perspective, he believes organizations need to address cyber resilience and data risk:

It’s no longer a matter of ‘if’ cyberattacks will happen, but ‘when’.  According to the most recent Rubrik Zero Labs report, 94% of IT and security leaders reported their organization experienced a significant cyberattack in 2023.

Organizations need to adopt a cyber resilience mindset and they need to be developing and practicing their cyber resiliency playbooks to reduce data risk. One of the key components of this is to determine what constitutes critical data and workloads, where those exist and operate, and how those critical workloads and their associated data would be defended and restored in the event of a cyber event. Organizations also need to reduce the attack surface when it comes to critical data.  This involves understanding who has access to critical data and reducing that access to the minimum required. Additionally, organizations should implement a data retention schedule that periodically deletes data that is stale and has not been used or accessed.

From Amit Shaked’s viewpoint (GM & VP of DSPM Strategy, Growth and Monetization), he believes data security posture management should be a priority: 

As AI adoption grows, so does organizations’ appetite for the vast data from disparate sources needed to train AI models. This has also contributed to the rise of shadow data, with more businesses realizing they can’t protect against what they can’t see — leaving them as easy targets when cyberattacks happen.

Increasingly, organizations’ solution to this challenge is the adoption of data security posture management (DSPM): a holistic approach to assessing and managing an organization’s cybersecurity readiness and effectiveness in protecting its data assets. DSPM solves one of the most daunting aspects of data security: knowing where all data is within the organization, and how to secure it. This is a key step to ensure cyber resilience: keeping your data safe even during a cyberattack.

The last year has shown the secret is out: modern organizations must embrace DSPM as a key ingredient in their overall security strategy to reinforce cyber resilience.

Antonio Sanchez, principal cybersecurity evangelist at global cybersecurity software and solutions provider Fortra had this to say:

“In the world we live in we cannot expect others to protect our personal privacy so we must take steps to protect ourselves.

This year for Cyber Awareness Month I challenge everyone to do one new thing that helps protect their privacy and increase security of our digital interactions. 

Here are some ideas to consider: 

  • If you use the same password/passphrase for all your sites, then start using a password manager and create unique passwords.  Start with just a few sites to get used to using it and then gradually add other sites with new passwords. 
  • If you use a password manager, then increase the number of characters and character types when generating a password. 
  • If you have never used a multi-factor authentication app then start using one.  Google Authenticator and Microsoft Authenticator are available for iOS and Android, they are free, and extremely popular so there are lots of resources and videos to help people get comfortable with using them. 
  • If you have never used a shredder then purchase one and get into the habit of shredding mail or other documents with sensitive information you want to discard by shredding them.  This includes those copies of tax returns that are over 7 years old, those checks that come in the mail from your bank which can be used for balance transfers, and monthly bills. 

There are lots of other examples.  Just stop and think about anything that contains personal data and a step you can take to protect it. 

And one other thing, make sure to freeze your credit reports with Experian, Equifax, and TransUnion to prevent someone taking out a credit card or mortgage in your name.”

Jason Lohrey, Founder and CEO of data management company Arcitecta adds this:

Cybersecurity Threats & a New Focus on Recovery

National Cybersecurity Awareness Month is a reminder that as data environments reach hundreds of petabytes and hundreds of billions of files, protecting data will become an increasingly difficult and complex challenge. IT leaders are shifting their focus from backup to recovery as organizations need complete and immediate data recovery with no downtime or, at most, only milliseconds of downtime to prevent criminals from holding a business and its data hostage for days, weeks, or more. New approaches such as continuous data availability represent game-changing levels of protection that actively record every significant change in real-time for every file so a user can go back to any point in time to retrieve data – quickly and without the assistance of IT. Organizations will increasingly leverage continuous data availability technology to protect data from loss and cyber threats.  

Cybersecurity Threats & Data Resiliency

As data environments reach hundreds of petabytes and hundreds of billions of files, protecting data will become an increasingly difficult and complex challenge. Organizations need their data to be resilient and continuously available, with the ability to spring back seamlessly to reduce the risk of critical data loss and the impact of downtime, outages, data breaches, and natural disasters. Achieving data resilience at scale requires a radical new model and one that revolutionizes today’s broken backup paradigm. Traditional backup is independent of the file system, but a better approach is to merge the file system and backup as one entity. In this way, every change in the file system can be recorded as it happens, making it seamless to retrieve lost or deleted data, regardless of when it existed and across the entire time continuum.   

UPDATE: Sam McMahon, IT & Security Senior Manager, Valimail adds this:

“The end of the year is a great time to update and review cybersecurity posture. As we look towards 2025, it’s critical that all companies establish and add AI usage policies to their cybersecurity playbook.

Employees will (and should) seek ways to incorporate AI into daily tasks, but without the proper guidelines in place, this evolving technology can expose a business to unnecessary risk. A well-defined policy empowers employees to leverage AI for increased efficiency, while providing expectations for how and when this emerging technology should be used. This is especially important when it comes to leveraging AI for handling sensitive information.

It is equally important to look into the AI policies of current and potential third-party vendors to understand how your data flows through these systems or how it might be used to train AI future models. AI holds immense potential, but requires a risk-based approach like any technology or vendor a business relies on.”

UPDATE #2: James Cassata, cloud security architect at Myriad360 added this:

“As we head into Cybersecurity Awareness Month, organizations should maintain a strong focus on rising attack vectors when educating system users.

Social engineering continues to be a top human risk, according to SANS.   Although spear-phishing emails and text-based smishing messages are not new, voice-based vishing has become more prevalent.  This is largely due to the gaining use of AI, allowing adversaries to accelerate their efforts when attempting to deceive their targets. Generally speaking, a twenty-second audio sample clip of someone’s voice is all that is needed to clone their voice with AI. 

The most important advice to give when educating users is to slow down and think, “Does this make sense?”.  Always validate the legitimacy of an uncommon request by reaching back out to that individual using another method of communication, with a face-to-face conversation being the preference.  Another indication of suspicious activity is the sense of urgency that adversaries tend to convey. To me, this is a dead giveaway. Investing in continuous employee training is critical to reinforce the importance of being cautious and vigilant and, most of all, slowing down.”