BlueCat enters agreement to acquire LiveAction

Posted in Commentary with tags on October 3, 2024 by itnerd

BlueCat Networks, a leading provider of mission-critical network infrastructure management, automation, and security solutions, today announced that it has entered into a definitive agreement to acquire LiveAction, Inc., a global provider of network observability and intelligence solutions, from software investor Insight Partners. Insight Partners remains a minority investor and continues to support the combined company’s growth. Moelis & Company acted as financial advisors to LiveAction.

LiveAction provides a leading network observability and intelligence solution that is purpose-built for complex enterprises, leveraging advanced data collection at scale to provide full visibility through a single pane of glass across the entire network.  The LiveAction solution is differentiated by its integrated flow and deep packet analysis, dynamic visualizations, precise troubleshooting, root cause analysis, rapid security forensics, and a superior set of integrations that enable both network and security teams to leverage network data across the observability stack.   Ultimately, LiveAction enables large organizations to get ahead of network performance and security issues before they impact applications, customers and business services.

BlueCat’s industry-leading DNS, DHCP and IPAM (“DDI”) solutions are the source of truth for what is on the network while automating and securing the provisioning, orchestration and configuration of foundational network services. Live Action’s fine-grain packet and flow telemetry become the ultimate source of truth for what is happening on the network–further empowering network and security teams alike. 

LiveAction was recognized as a Mature Platform offering, Strong Challenger and Outperformer in the 2024 GigaOm Radar Report for Network Observability, which evaluates key vendors in the category. The report discusses LiveAction’s observability strategy in leveraging the network as a vantage point for conducting application and traffic analysis to extract intelligence for network and security teams.  The analyst also highlighted LiveAction’s commitment to innovation, citing machine learning and advanced analytics for automated root cause analysis as well as application usage and performance baselining that enables automatic anomaly detection and alerts.  

The transaction is expected to close in October, financial terms were not disclosed.  

Leave a comment »

Researchers Tested The Google Pixel 9 And Thy Raise Concerns About User Privacy And Security

Posted in Commentary with tags on October 3, 2024 by itnerd

Cybernews researchers analyzed the new Pixel 9 Pro XL smartphone’s web traffic, focusing on what a new smartphone sends to Google. The results show that Google’s latest flagship smartphone raises concerns about user privacy and security. It frequently transmits private user data to the tech giant before any app is installed. Moreover, the research team has discovered that it potentially has remote management capabilities without user awareness or approval.

“Every 15 minutes, Google Pixel 9 Pro XL sends a data packet to Google. The device shares location, email address, phone number, network status, and other telemetry. Even more concerning, the phone periodically attempts to download and run new code, potentially opening up security risks,” said Aras Nazarovas, a security researcher at Cybernews.

Cybernews has contacted Google about these findings. However, researchers did not obtain a response before publishing this research.

Key research takeaways:

  • Private information was repeatedly sent in the background, including the user’s email address, phone number, location, app list, and other telemetry and statistics to various Google endpoints, including Device Management, Policy Enforcement, and Face Grouping. 
  • Every 15 minutes, the device sends a regular authentication request to an endpoint called ‘auth.’
  • The phone also requests a ‘check-in’ endpoint around every 40 minutes.
  • The phone constantly requests new “experiments and configurations,” tries accessing the staging environment, and connects to device management and policy enforcement endpoints, suggesting Google’s remote control capabilities.
  • The Pixel device connected to services that were not used, nor explicit consent was given, such as Face Grouping endpoints, causing privacy and ownership concerns.
  • Another Google feature, Voice Search, was connecting to its servers sporadically – sometimes every few minutes, sometimes it wouldn’t communicate for hours. It sent potentially excessive and sensitive data, including the number of times the device was restarted, the time elapsed since powering on, and a list of apps installed on the device, including the sideloaded ones.
  • Moreover, the Pixel device periodically calls out to a Staging environment service (‘enterprise-staging.sandbox’) and attempts to download assets that do not yet exist. 
  • This reveals the capability of remotely installing new software packages.
  • The calculator app, in some conditions, leaks calculations history to unauthenticated users with physical access.

Research methodology

Researchers used a “man-in-the-middle” approach to intercept the traffic between a new Pixel 9 Pro XL and Google’s servers. 

On a brand-new phone with a new Google account and default settings, they installed the Magisk app to gain deep (root) access to the phone’s system. Researchers then proxied the inbound and outbound traffic and used a custom security certificate to decrypt and examine the communications.

Rooting the phone disables AI features such as Google Gemini Assistant, Pixel Studio, and potentially some other features. Therefore, this method did not allow for the capture of complete traffic.

The collected traffic was not modified at any point, and researchers did not manually interact with endpoints nor attempt to verify captured secrets.

To read the full research, please click here. 

Leave a comment »

This Situation Involving A Refund #Scam Could Have Been MUCH Worse For This Client

Posted in Commentary with tags on October 3, 2024 by itnerd

Just last week a friend of mine who reads this blog said “you haven’t had to rescue a client from a scam lately”.

Little did I know that he’d just jinxed my existence.

Yesterday afternoon I got a panic call from a client while I was driving from a data recovery facility on behalf of another client. (That’s a story for another day) The client in a panicked voice described getting an email saying that she had been charged hundreds of dollars for buying Bitcoin using PayPal. She phoned the number and that’s where things went rapidly downhill. I diverted myself from Markham Ontario to downtown Toronto to deal with this. And I’ll give you a bit of a spoiler, she was lucky.

When I arrived, I looked at her Mac and I tried to reverse engineer what happened. Here’s what I found.

She got an email from a random gmail.com account claiming that she had bought Bitcoin using PayPal. There was nothing on the email identifying her other than an email address. That along with the random gmail.com email address should have been the hint that this was a scam. But she didn’t check those details because of how professional the email looked.

Top tip: No matter how professional an email like this looks, if you know that you didn’t buy something from a vendor, and there’s nothing identifying you as being the purchaser, it’s likely a scam and you should just delete the email. In this case, this is called the refund scam. You’ll see why it’s called that in a moment.

She then called the number and the scammer at the other of the line then started to weave a story about her PayPal account being hacked and how they needed to connect to her computer to “secure it” as well as to “generate a cancellation form” to refund her money. That’s where the refund part of the refund scam comes from. The scammers have zero intention of refunding anything and are instead focused on stealing everything they can.

They then connected to her Mac using Team Viewer and then blanked out the screen to cover up their attempt to install ConnectWise Control on her Mac. But for reasons that I cannot discern, they failed at doing that. I’m guessing that it was because she never provided the scammers her computer’s password as I asked her about whether she gave them her password several times. But if they had succeeded, it would have given the scammers the ability to control the Mac and watch what was going on at will and without her knowledge.

In any case, she was told to log into her PayPal account. And she did. However she hadn’t used it in years and it not only had no funds in it, but wasn’t linked to a credit card or bank account.

Fun Fact: The client asked me to help her to cancel the PayPal account because of this incident and because she didn’t use it.

That’s when the scammers pivoted to trying to get her to log into her bank account. Her husband was nearby and got suspicious. When he started to try and intervene, the scammer then started to weave a story to get her husband to leave the room and take his devices (laptop, phone, etc) as they would get taken over by the hackers. Now this illustrates how scammers can use psychological techniques to advance their goals of stealing your money. Which in turn illustrates how dangerous they can be. Because what the scammers were trying to do is to keep them apart so that he couldn’t put an end to the scam. But that didn’t work and when he mentioned that he was going to call me and the scammer heard that, the scammer flipped out on her claiming that “computer guys know nothing and are out to steal your money.” That’s when my client clued in that this was a scam and hung up the phone.

By the time I had arrived, the client had frozen their credit cards and bank accounts. That’s a good idea in a situation like this as you don’t know what info the scammer might have stolen from you. They were also able to validate with their bank that no money was taken and no charges were on their credit card. In terms of their Mac, Team Viewer was installed on it and I removed it. I also found the installer for Connect Wise Control and nuked that too. I spent a fair amount of time looking at the Mac and found no evidence that the scammers had set anything else up. So I felt confident that the Mac was safe to use. As part of this, I was able to discover the ConnectWise instance that the scammers were using. So I reported that to ConnectWise in order to have them kill it. On top of that, I turned over the other information to the scam bait community so that they can extract some “vigilante” justice as I know that this is the only type of justice that these scammers will get.

At this point it appears that no money was stolen from the client, and her Mac is clear of anything “evil”. So other than a bit of wounded pride, the client survived this incident. But it highlights the need for people to stay vigilant. Trust any phone call that is unsolicited, or any email that seems weird to be a threat and do not engage with it. That’s the best way to stay safe. Especially during these times where scams seem to be out of control.

Leave a comment »

Legit Security Adds New, Adaptive ‘Legit Posture Score’ 

Posted in Commentary with tags on October 3, 2024 by itnerd

Legit Security, the definitive application security posture management (ASPM) leader providing end-to-end visibility and protection across the entire software factory, today launched its new “Legit Posture Score,” delivering a dynamic, comprehensive, and fully transparent ASPM rating system. Now security teams can proactively measure and manage their AppSec posture instantly with a holistic score that eliminates security scanning siloes and continuously assesses all associated risks, policies, and controls across today’s sprawling software development lifecycle (SDLC).

Security leaders today struggle simply to see, let alone act or improve on, their application security postures. They’re left with piles of security findings and unpatched vulnerabilities from disconnected application security testing (AST) tools, and no efficient way to prioritize or act on the issues that get surfaced. According to a 2024 ESG Research survey, 42% of security professionals believe that measuring and improving AppSec program efficacy is their toughest challenge today. And with increasingly complex and distributed software factories, mounting supply chain regulations, and agile development teams who continue to prioritize code builds over security checks — the prospect of manually tracking an organization’s application security posture gets less feasible by the day.

Now with the new Legit Posture Score, no longer are AppSec teams stuck piecing together slices of visibility from disparate security scanners and veiled, proprietary scores. The Legit Posture Score sets a new, universal, and fully transparent application security scoring standard for security teams to measure, operationalize, and accelerate AppSec maturity throughout the SDLC. It accounts for thousands of ASPM factors, consolidating broad CI/CD pipeline context from code to cloud, including asset criticality, security scanning findings, vulnerability severity, and more, all while dynamically mapping the mitigating controls and requirements from best-practice industry standards and regulatory frameworks into one holistic ASPM score. 

The new Legit Posture Score empowers AppSec teams to rapidly, with the glance of an eye, identify posture gaps and trends, benchmark performance, and drive continuous improvement throughout their software development environments. With a holistic posture score accounting for a wide spectrum of cybersecurity, regulatory, and operational risks, AppSec teams now intuitively—and automatically—view, prioritize, and remediate the issues most impactful to the business, first.

Key features of the new Legit Posture Score:

  • Real-time AppSec posture assessment from code to cloud: The new Legit Posture Score evaluates every aspect of an organization’s application security posture, from the development pipeline to the repository level. This top-down approach allows for detailed understanding of AppSec risks to answer the same critical question asked at every level of the organization: Is my software being developed securely?
  • Transparent, explainable framework — no veiled or proprietary scoring: The scoring methodology for the Legit Posture Score is completely transparent. With detailed documentation and full visibility into how every variable and calculation is made,  AppSec teams now set priorities and take action in confidence with a score they believe in and can make it their own.
  • Dynamic, customizable model: Security teams can easily adjust the scoring model according to their specific security goals. They can associate new and existing controls to the intricate requirements of any number of industry standards and regulatory frameworks (e.g., FedRAMP, SOC 2 Type II, etc.), ensuring that the Legit Posture Score always remains in tight alignment with their strategic security goals and obligations.
  • Intuitive, actionable insights: The Legit Posture Score is designed for all developers and security pros to quickly and intuitively glean insights, triage issues, and prioritize fixes with surgical precision throughout their SDLC. With modern dashboards and intuitive, drill-down navigation, AppSec leaders can seamlessly benchmark and compare posture performance by any number of predefined applications, asset groups, pipelines, or organizational segments.
  • Broad inclusion of cross-industry best practices and standards: The Legit Posture Score incorporates application security best practices and requirements from the most important regulations and industry frameworks on the market today (including NIST SSDF, SLSA, OSSF S2C2F, ISO 27001, and more), setting a new vision for what a secure, efficient software factory looks like today.

This new feature further enhances the Legit ASPM platform, providing security and development teams with the ability to measure, compare, and improve their application security posture over time, ensuring their software factories and applications in development are being built with the highest security standards in mind.

To learn more about Legit Security and its market-leading ASPM platform, please visit www.legitsecurity.com.

Leave a comment »

Quorum Cyber Teams With Microsoft’s Democracy Forward Group To Reveal New 2024 U.S. Presidential Election Cybersecurity Threats

Posted in Commentary with tags on October 3, 2024 by itnerd

Quorum Cyber – with offices in Edinburgh, UK, Ontario, Canada, and Goodyear, Arizona – today announced its webinar addressing the escalating cyber threats surrounding the November U.S. presidential election. Experts from Microsoft’s Democracy Forward team and Quorum Cyber’s Incident Response and Threat Intelligence teams will discuss current cybercriminal and nation-state actor attempts to undermine democratic processes and the integrity of elections. The live event will be held on Wednesday, October 9th at 3:30 – 4:30 PM BST / 10:30 – 11:30 AM ET.  The insights shared are essential for anyone concerned with securing the future of democratic elections. Attendees may register online at https://bit.ly/47HpZDV or visit www.quorumcyber.com/events/.

Cyber threats to the U.S. presidential election and the electoral system pose significant risks, potentially undermining public trust and influencing outcomes. But how can democracy be defended against increasingly sophisticated cybercriminals and more frequent cyberattacks?

The panel of cybersecurity experts will discuss the evolving nature of cyber threats in the context of U.S. elections, recent incidents, case studies highlighting cyber threats, and strategies for worldwide election security. In addition, attendees will:

  • Learn from experts about effective measures to protect the electoral process.
  • Engage in meaningful discussions with cybersecurity professionals monitoring U.S. election threats.
  • Stay informed about the latest trends and developments in election security.

Leave a comment »

Sage appoints Cinzia Bazzo as Managing Director for Canada

Posted in Commentary with tags on October 2, 2024 by itnerd

Sage, the leader in accounting, financial, HR, and payroll technology for small and mid-sized businesses (SMBs), today announces Cinzia Bazzo as its Managing Director for Canada. This strategic hire underlines Sage’s commitment to its growing Canadian market, which is a cornerstone of the company’s North American success.

In her new role, Bazzo will oversee Sage’s Canadian business, a critical region for growth. She will focus on accelerating sales and revenue by attracting new customers and strengthening relationships with existing ones. Bazzo will also play a key role in enhancing the customer experience, advancing Sage’s position as the most trusted and thriving network for SMBs. Additionally, she will manage the region’s performance, making strategic decisions to capitalize on strong results, address challenges, and provide leadership to over 250 employees across Canada. She will lead the implementation of global and local colleague programs, including engagement, performance management, DEI, and talent development, while fostering Sage’s culture and values.

Bazzo brings a wealth of experience to Sage, with an impressive track record of driving sales growth and delivering exceptional customer experiences. In her most recent role as Country Leader for Workday in Canada, she led her team to achieve record-breaking sales. Prior to that, she held various leadership positions at Oracle, Salesforce and SAP. Bazzo is also an active member of the Business Council of Canada, a network of enterprise executives focused on strengthening the country’s economic fabric by supporting small business and entrepreneurs in communities of all sizes.

Bazzo is based in Toronto and will play a key role on Sage’s North America Leadership Team, reporting into Mark Hickman, Managing Director of North America as Sage.

Leave a comment »

TikTok Launches STEM feed in Canada

Posted in Commentary with tags on October 2, 2024 by itnerd

TikTok is home to a community of curious minds. From discovering new stories on #BookTok to exploring new cultures and finding new life hacks,#LearnonTikTok encourages our community to continue their journey of joyful discovery. Millions of Canadians come to TikTok each month to express themselves authentically, be entertained and learn new things.

Today, TikTok is thrilled to announce the launch of TikTok’s dedicated STEM feed in Canada. This feed offers a viewing experience exclusive to STEM – science, technology, engineering and mathematics – and comes to Canada to empower continued discovery on TikTok and connect a dynamic community of individuals over their shared passion for learning. Canadian users will be able to click into the STEM feed, which will be turned on by default for all Canadian users, to open up a dedicated world of knowledge and education.

The STEM feed will feature Canadian creators and organizations that share enriching educational content, such as @AsapSCIENCE@cheggbiology,@drrachelbarr@justin_agustin@nileredextra@onlinekyne@ROMtoronto@science.bae@sciencenorth and @wildkrattstv. These creators and many more, are creating a range of content that bridges the world of entertaining, engaging creativity and educational content with their unique styles.

To help ensure high-quality STEM content for our community, TikTok continues to partner with Common Sense Networks and Poynter. Common Sense reviews all content and ensures it’s appropriate for the STEM feed. And Poynter continues to partner to assess the reliability of information presented. If content does not pass both checkpoints, it will not be eligible for the STEM feed.

Leave a comment »

Foxit Announces PDF Editor and Editor Pro with AI Assistant, Now Natively Supported on PCs powered by Snapdragon

Posted in Commentary with tags on October 2, 2024 by itnerd

Foxit today announced that its Foxit PDF Editor and Editor Pro with AI Assistant are now natively supported on PCs powered by Snapdragon® processors. This integration will provide commercial and consumer PC customers with greatly enhanced performance and capabilities – such as those customers working with PDF files on Dell Technologies’ latest devices powered by Snapdragon.

Native Snapdragon support refers to software that is developed and optimized to run directly on Snapdragon processors, without the need for emulation or translation layers. This allows the software to take full advantage of Snapdragon’s capabilities – resulting in improved performance, compatibility, and battery life, as well as decreased complexity and maintenance demands – compared to running the software in an emulated environment.

Foxit solutions revolutionize PDF document management by leveraging AI innovation and the power of ChatGPT to enhance productivity and the user experience. Foxit has developed its software to natively support the Snapdragon processors used in PCs, such as those offered by Dell Technologies. This means the Foxit PDF solutions can run directly on the Snapdragon hardware – without the performance overhead of emulation. Moreover, users will benefit from intelligent automation, natural language processing, and advanced document management tools to streamline workflows, increase productivity, and unlock the full potential of their PDF documents.

Foxit’s industry-leading solutions empower PC users to create, edit, collaborate and secure PDF documents with ease. By combining the advanced capabilities of Foxit’s PDF Editor with the AI-driven natural language processing of ChatGPT, PCs powered by Snapdragon allow users to interact with PDFs more intuitively and efficiently. The integration of ChatGPT provides intelligent automation and enhances the user experience by enabling intelligent interactions for tasks such as redaction, document annotation, and form filling.

Foxit has sold to over 485,000 customers, ranging from SMBs to global enterprises, located in more than 200 countries. The company has offices all over the world, including locations in the U.S., Europe, Australia, and Asia. For more information, please visit https://foxit.com.

Leave a comment »

Sonos Is In Deep Trouble With No End To Their Problems In Sight

Posted in Commentary with tags on October 2, 2024 by itnerd

Since spring of this year, audio gear manufacturer Sonos has been a train wreck next to a dumpster fire. The company put out a new app that was rewritten from the ground up. But it was also a buggy mess with features that users loved removed. That in turn led to customers being very vocal about how bad the app was. The company downplayed all of this but was eventually forced to admit that things were broken and they needed to address these issues.

Fast forward to the present day and the company has put up a blog post along with a YouTube video saying that they are going to focus on seven items to win back the trust of the customers they angered:

  • Unwavering Focus on Customer Experience
  • Increasing the Stringency of Pre-Launch Testing
  • Approaching Change with Humility
  • Appointing a Quality Ombudsperson
  • Extending Our Home Speaker Warranties
  • Relentless App Improvement
  • Establishing a Customer Advisory Board

All that sounds nice. But it’s the YouTube video that really shows what Sonos customers think. Here’s the YouTube video below featuring Sonos CEO Patrick Spence:

This video isn’t going over well with Sonos customers based on the comments:

I could go on but you get the point. It’s pretty clear that Sonos customers don’t trust the company or Patrick Spence to get things back on track. Which also means that these people won’t be spending money on their gear and look elsewhere for their audio needs. That’s not surprising because Sonos used to be extremely good audio gear that “just worked.” Now it’s not anything near that. And when people ask me for my recommendation on home audio gear, Sonos isn’t on the list. The reason being that I won’t stake my reputation to a product that is subpar. Which Sonos is absolutely subpar at the moment. And that’s their challenge. They have to fix the reputational damage that they inflicted upon themselves, and I don’t at this point see a clear path to them doing that. And they don’t have a lot of time to do it as their competition such as Bluesound, Audio Pro, and even Apple with the HomePod lineup are going to be sensing an opportunity to take out Sonos. If they haven’t already.

Sucks to be you Sonos.

1 Comment »

T-Mobile Pays The Price For Their Numerous Data Breaches…. Again

Posted in Commentary with tags on October 1, 2024 by itnerd

T-Mobile has had numerous data breaches over the last few years. There’s been example, after example, after example, after example, after example, after example of T-Mobile being pwned by hackers and customer data being exposed. The FCC has stepped in and slapped T-Mobile with a file for their inability to keep customer data safe:

The Federal Communications Commission today announced a groundbreaking data protection and cybersecurity settlement with T-Mobile to resolve the Enforcement Bureau’s investigations into significant data breaches that impacted millions of U.S. consumers. To settle the investigations, T-Mobile has agreed to important forward-looking commitments to address foundational security flaws, work to improve cyber hygiene, and adopt robust modern architectures, like zero trust and phishing-resistant multi- factor authentication. The Commission believes that implementation of these commitments, backed by a $15.75 million cybersecurity investment by the company as required by the settlement, will serve as a model for the mobile telecommunications industry. As part of the settlement, the company will also pay a $15.75 million civil penalty to the U.S. Treasury.

This is on top of this fine that T-Mobile got slapped with earlier this year. At this point it’s pretty clear that T-Mobile needs to get their act together. The question is will they? Given their previous track record, that’s an open question. And one that a lot of people will be watching to see how T-Mobile answers that question.

Leave a comment »

« Older Entries
Newer Entries »