As ransomware incidents continue to grow, Palo Alto Networks Unit 42 has discovered a new ransomware-as-a-service (RaaS) group. Unit 42 has released research on the group, Repellent Scorpius, and how they’re distributing Cicada3301 ransomware.
Highlights include:
Based on the timeline from a Unit 42 IR engagement, it’s estimated that the ransomware group began their operations in May 2024
Despite its recent inception, the group is quickly picking up pace by setting up an affiliate program and recruiting partners. This has increased its number of victims
Repellent Scorpius employs a double extortion scheme: in addition to encrypting systems, the group steals data and threatens to publish it if the victim doesn’t pay the ransom
You can find the full report here, which provides more insights into the new attack group and attack strategy.
DomainTools recently published their latest blog exploring how threat actors are taking advantage of this growing retail sector and how their activity can be “clustered” to help organizations defend themselves. The various clusters include:
E-commerce Domain Fraud
Brand Impersonation for Financial Fraud
Success Sadly Has a Thousand Cousins
The retail sector faces not only the broader threats that businesses more generally face such as ransomware, phishing, and BEC, but threats that try to leverage brand loyalty.
Posted in Commentary with tags OWC on September 11, 2024 by itnerd
Spoiler alert: If you want a fast and high quality portable SSD that will fit a number of use cases, and will likely survive a zombie apocalypse, the OWC Envoy SSD is the one that you should get. You can stop reading the review now.
I’m just kidding. This is why I feel that way. Let’s start with the size of the drive:
I put this SSD next to a mouse so that you can get an idea of the size. It’s tiny. In fact, my wife saw this and said that she could carry a couple of these in her purse. It’s made of aircraft-grade aluminum which makes it not only rugged, but it dissipates heat as well. In fact, during my testing, it was warm to the touch versus other SSDs of this type that can get very hot to the touch. It’s also very light. On my wife’s kitchen scale it was 45 grams.
The drive comes with a cable and OWC didn’t cheap out on it as you can see here. This cable which is about a foot in length, does 60W power delivery and up to 20 Gb/s in speed. I am pointing this out because this is one area where companies often cut corners. OWC not only didn’t do that, but they went overboard in terms of the cable that they provide. Thus that has to be noted as a big plus.
The drive is bus powered and is USB-C only with a light to the right of the USB-C connector. That means that it has a theoretical maximum speed of 10Gb/s.
OWC quotes a speed of “over” 1000MB/s for this drive. As you know, I take any speed claims for any device with a grain of salt. But when I tested this drive, I was pleasantly surprised:
The read speed is pretty close to 1000MB/s, and the write speed is above that speed on my M1 Pro MacBook Pro. Thus I can see this drive doing better than the speeds I got. It also means that OWC wasn’t just throwing a number into the product’s web page to get your attention, and hoping that someone like me wouldn’t call them on it when those speeds didn’t measure up to reality.
Another interesting thing that I want to point out is this:
If you look at the top right corner of this picture, you’ll see a picture of the drive rather than some generic macOS icon. It’s a little thing, but a nice thing.
I’ll also note that the drive comes with a piece of software called Drive Guide which will help you to format it for anything from APFS for use with modern Macs, to exFAT for cross platform compatibility, to HFS+ for older Macs. What’s nice about this is that it saves novice users from having to figure out how to use Disk Utility on Mac to format the drive. OWC also has an app called Copy That Mobile to copy photos and videos from your iPhone or iPad to the drive. I am pointing that out because using this drive with a phone that has USB-C like the iPhone 15 series is a use case that I can see this drive being used in.
The OWC Envoy comes in 1 and 2 terabyte sizes. I have been using the 1 terabyte model and that’s $129 USD. The 2 terabyte model is $249 USD. And I have been impressed enough by this drive that it is going into my Tech Sling as part of the toolkit that I bring to customer sites. It’s small, fast, rugged and decently priced. Simply put, it checks all the boxes for me. And I believe it will check all the boxes for you as well.
Posted in Commentary with tags Apple on September 10, 2024 by itnerd
Something that I noticed yesterday is that Apple Maps transit support has quietly been improved. It now has the ability to see transit options like buses in real time relative to your location. This was rolled out in Tokyo a month ago, but it now seems to be live in the Greater Toronto Area.
Let me demonstrate.
Let’s say that I want to go from my current location which is a client’s office in Mississauga Ontario to the nearest Home Depot. I enter that into Maps and here’s what I get:
You’ll note what looks like a WiFi icon next to the words “Bus departs at 1:51 PM.” That indicates that it is getting live updates about the location of the bus from the relevant transit operator. In this case, MiWay, which is also known as Mississauga Transit. If I click on that I get this:
If you look at the third item from the top where it tells me to board the MiWay 39 bus, it has the same icon with the word “More” next to it. Clicking more takes me here:
According to this the bus is “on time”. But there’s one more party trick that I noticed:
If you see the blue bus icon that has the text “50s ago”, that’s a semi live look at where the bus is as I watched it move on the Map. That way, you know roughly where the bus is so that you can ensure that you are at the right stop when it arrives. Alternately you can also see if the bus is running late for whatever reason, which would allow you to make alternate arrangements. That’s pretty cool. I’ve only tested this with MiWay and TTC (Toronto Transit Commission), but it is possible that this also works with other Greater Toronto Area transit operators. If you try this, feel free to drop a comment below and share what you’ve discovered.
The only bad news in this is that apps like Citymapper and Transit may have had their careers ended by this move. But that would depend on how good this addition to Apple Maps really is. Time will tell on that front.
Posted in Commentary on September 10, 2024 by itnerd
Today, Nikon Canada Inc. announced the NIKKOR Z 50mm f/1.4, a lightweight prime lens with a wide and bright f/1.4 aperture. This affordable lens is compact enough to take anywhere, while offering a versatile and classic focal length that’s ideal for portraits, landscapes, street snaps, travel, still life and more.
The large f/1.4 aperture of this lens affords users the ability to create images and video with three-dimensional emphasis and naturally soft backgrounds that draw the viewers’ attention to a subject.
The NIKKOR Z 50mm f/1.4 lens features a compact, comfortable and lightweight design, measuring approximately 2.9 in x 3.4 in (74.5 × 86.5 mm) and weighing only 14.8 oz (420 g). The lens is engineered with a premium feel and superb handling, featuring a dedicated focus ring and customizable control ring.
Additional Features of the NIKKOR Z 50mm f/1.4:
Close minimum focus distance lets users get as near as 14.5 in (0.37 m) from the subject, which is great for flowers, still life and food photography.
Nine-blade diaphragm helps to create a natural, circular bokeh for a pleasing out of focus area.
Focus breathing is effectively suppressed to minimize the shift of the angle of view when adjusting the focus.
Near Silent operation for video production, with a click-less control ring and near silent lens drive thanks to the use of STM motors.
Weather Sealed and designed with careful consideration for dust- and drip-resistant performance.
Price and Availability
The new NIKKOR Z 50mm f/1.4 will be available in late September 2024 for a manufacturer’s suggested retail price (MSRP) of $679.95. For more information about the latest Nikon products, including the extensive lineup of NIKKOR Z lenses and the entire range of Z series cameras, please visit Nikon.ca.
For leaders, the pressure is on to demonstrate the ROI of their generative AI investments. As one of the few enterprise software companies with real GenAI products already delivering tangible value for customers, ServiceNow is winning.
Today, ServiceNow launched its Now Platform Xanadu release, representing the company’s most comprehensive AI release to-date, to further help move AI from potential to reality.
The new innovations included in the Xanadu release are designed to help businesses harness the full potential of GenAI and streamline work, top-to-bottom. At a high level, today’s announcements include:
New plans to integrate Agentic AI into the Now platform to power 24/7 productivity at massive scale.
Expanded Now Assist capabilities, hundreds of additional AI updates, and the general availability of our Copilot for Microsoft 365 integration, boosting employee collaboration and productivity.
Innovations for developers, IT teams, and employees create a connected, agile work environment, helping organizations scale and drive operational efficiency.
Purpose-built industry solutions powered by GenAI help organizations solve distinct business challenges, redefining services and experiences.
Alongside Xanadu, ServiceNow also announced new Data Enhancements on the Now Platform, including a next generation data layer to unlock value with ultra-scale and performance.
Posted in Commentary with tags Nuspire on September 10, 2024 by itnerd
Nuspire has just begun rolling out a new suite of capabilities under the banner of the Nuspire Cybersecurity Experience. Chief among them is their new AI “assistant”, Nutron, which is capable of detecting the different threats and vulnerabilities in an organization’s network, providing step-by-step instructions for remediation, and prioritizing them for the organization to address.
There’s a blog post on this news here, with specific information on Nutron here.
Horizon3.ai, a global leader in autonomous security solutions, today unveiled NodeZero Tripwires, an addition to its product suite that integrates attack detection directly into the penetration testing process. This first-of-its-kind solution combines deception and detection technologies within NodeZero autonomous pentests to identify unauthorized access and malicious activities in real time. By providing a precision-placed early warning system on exploitable attack paths during a pentest, NodeZero Tripwires significantly enhances organizational security posture and effectively disrupts potential attackers.
Introducing a New Era in Cybersecurity
In a world where network breaches, ransom demands, and data exfiltration are becoming increasingly common, traditional security measures are proving inadequate against today’s attackers. Existing cyber deception tools often rely on vast rule libraries and scripts, randomly scatter decoys like honeytokens across the network, and frequently produce false positives that burden security teams with unnecessary alerts.
NodeZero Tripwires represents a radical departure from these outdated methods by autonomously deploying the solution as part of the penetration testing process. During a pentest, NodeZero strategically places decoys—such as fake files and credentials—based on the exploitable attack paths it discovers. If a malicious actor interacts with a tripwire, an immediate alert is sent from NodeZero to security teams, enabling rapid response and containment of the threat.
This approach is akin to identifying areas in your home that are likely paths an intruder would take, then placing motion detectors in those deemed high-risk. This ensures that if a real intruder attempts a break-in, you’ll be immediately notified.
Addressing Critical Gaps in Vulnerability Management
A major challenge in vulnerability management is protecting assets when immediate patching or vulnerability remediation isn’t possible. Studies indicate that the average Mean Time to Remediate (MTTR) of critical vulnerabilities is approximately 58 days, leaving organizations vulnerable for extended periods. During these exposed periods, NodeZero Tripwires acts as an essential safeguard, providing early warnings for assets with a high probability of being exploited.
Once NodeZero identifies an exploitable attack path, the countdown begins for the customer to remediate the discovered issues and confirm they are no longer exploitable. During this remediation period, which may last weeks or longer, NodeZero Tripwires can be deployed to offer additional indicators and early warnings when an attacker uncovers a vulnerability and attempts to exploit it. This capability is essential in light of current trends in vulnerability management and remediation.
Revolutionizing Cyber Defense for Today’s Challenges
As cyberattacks become increasingly sophisticated, security teams need to detect and respond to threats with greater speed and precision. NodeZero Tripwires offers reliable insights and alerts so security teams can quickly investigate and contain an attack. With seamless integration into existing SIEMs and other security tools, NodeZero Tripwires allows organizations to effortlessly incorporate this intelligence into their incident response workflows.
Posted in Commentary with tags Clicks on September 10, 2024 by itnerd
Clicks Technology today introduced the redesigned Clicks Keyboard for iPhone 16, further extending the capabilities of iPhone. Beyond typing, Clicks can be used to launch shortcuts at the push of a button like controlling smart home accessories, launching apps, and toggling device settings. The all new Clicks introduces a refined keyboard with ergonomically designed keys that offer an elevated typing experience. Clicks gives back up to 50% more usable screen so users can work, play, and engage with content better than ever before.
Order Clicks for iPhone 16 starting October 7. Deliveries will begin by early November.
Not just for button lovers; Clicks gives a new generation a way to take action
By using Clicks together with shortcuts created through the Shortcuts app, each key can be configured to take an action. Pressing the Clicks Key along with another button on the keyboard allows users to take simple actions like opening an app or calling a contact, or trigger advanced app commands like controlling house lights or identifying a song. Clicks also enables navigation within and between apps with fewer swipes and taps by using powerful iOS keyboard shortcuts.
The most advanced mobile keyboard accessory yet
Combining the latest Clicks Keyboard with iPhone 16 unlocks new possibilities for users to take control of their words, actions, and content.
Ergonomically designed keyboard. Clicks for iPhone 16 delivers the most premium mobile typing experience yet. The keys have been completely redesigned making them larger, now with an all new contoured shape that improves ergonomic spacing, optimised key pressure, and a refined layout that brings more of the most common characters and symbols to the keyboard.
Immersive content. Today’s virtual keyboards occupy almost half the screen and obscure content. By moving the keyboard off the display, Clicks nearly doubles the usable iPhone display for work, play, and beyond.
MagSafe built in. Clicks for iPhone 16 adds MagSafe compatibility for use with wireless charging and other popular accessories.
USB-C data mode. Clicks now works with USB-C accessories that require data (like CarPlay or a computer). Activate USB-C data mode through a keyboard shortcut or in the Clicks Keyboard app.
New premium materials and finishes. Clicks for iPhone 16 introduces new details like brushed metal side keys, a microfiber interior, and a new enclosure that feels great while adding protection inside and out.
Clicks Keyboard app. The Clicks Keyboard App, available free in Apple App Store, offers the ability to customise and personalise Clicks Keyboard settings like backlight, key function, and typing preferences. New features will continue to come to the Clicks Keyboard through firmware updates available through the app.
From online sales to 500 in-store locations, Clicks global rollout continues.
Clicks for iPhone 16 builds on the momentum Clicks Technology has seen since debuting earlier this year. After launching in January 2024 with support for iPhone 14 Pro, iPhone 15 Pro, and iPhone 15 Pro Max, and expanding to iPhone 15 and iPhone 15 Plus, Clicks now has customers in over 100 countries globally.
Beginning in early September 2024, Clicks will be available in-store at select Best Buy locations across the United States. Clicks is also available on BestBuy.com in the US and BestBuy.ca in Canada.
In the UK, Clicks can be found at Smartech in Selfridges, one of the most prestigious department stores in the United Kingdom.
Through a partnership with Swap Asia, Clicks is available at retailers throughout Malaysia, Indonesia, Taiwan, and Singapore, including iStudio, a leading Apple Preferred Retailer.
Pricing and Availability
Clicks for iPhone 16 Pro and iPhone 16 Pro Max will be available to order beginning October 7 from $139 (USD) / £109 GBP / €129 EUR / $179 CAD at Clicks.tech with deliveries to begin by early November.
Clicks for iPhone 16 and iPhone 16 Plus models will be available later this year.
Clicks for iPhone 16 is available in three colours: Surf, Spice, and Onyx.
Posted in Commentary with tags Hacked on September 10, 2024 by itnerd
Friday, the Centers for Medicare & Medicaid Services (CMS) and the Wisconsin Physicians Service Insurance Corporation (WPS) said sensitive information belonging to 946,801 Wisconsin residents was breached during last year’s MOVEit cybercriminal campaign.
“Acting on new information,” in May 2024 WPS conducted another investigation with an unnamed cybersecurity company, and they confirmed that before WPS had applied the patch, hackers copied files from their system between May 27 and May 31, 2023.
Evan Dornbush, former NSA cybersecurity expert, had this to say:
“The MOVEit breach underscores a stark reality – zero-day vulnerabilities remain a formidable threat even for organizations with robust patch management practices. While timely patching is essential, sole reliance on it can be perilous. Organizations must adopt a defense-in-depth strategy, including advanced network threat detection capabilities, to mitigate risks posed by elusive zero-day vulnerabilities.
“The rapid exploitation of zero-days such as MOVEit highlights the urgent need for coordinated efforts to disrupt the underground market for such exploits. Organizations should consider investing in threat intelligence services to stay informed about emerging threats and proactively adjust their security posture accordingly.”
And I thought that the whole MOVEit thing was over as I assumed that companies and organizations had either moved off the MOVEit platform or had patched all the things. Clearly it isn’t the case. Thus I would not be surprised if there are more stories like this to come.
New Unit 42 Repellent Scorpius/Cicada3301 Research Report Is Live
Posted in Commentary with tags Palo Alto on September 11, 2024 by itnerd