Spigen And dBrand Have A Beef On Twitter… And I’m Here For It

Posted in Commentary with tags on June 18, 2024 by itnerd

First, for those of you who don’t know what the term “beef” means, here’s a quote from Urban Dictionary:

to have a grudge or start one with another person.

In this case, for reasons that I do not understand, phone accessory company Spigen decided to start a beef with dBrand:

This is a reference to that situation where dBrand made a racist remark on Twitter and got called out for it. The thing is, that happened in April. Why is Spigen bringing this up now? That literally makes no sense because that incident is over and done with. Maybe Spigen is trying to score some cheap points at dBrand’s expense? I don’t know.

dBrand for their part returned fire:

But they didn’t stop there:

I checked and that is Spigen’s share value in Korea, which doesn’t exactly look healthy as it seems to be on a decline from its high of roughly 39,000 WON a few years ago. For the record, 29,850 WON, which is their current share price, is about $29 CAD.

The net result is that Spigen has started something that I bet it wishes it hadn’t. And I suspect that dBrand is going to finish them. I really don’t have a favourite in this fight. But I think it’s safe to say that the entertainment value from this will be significant the longer this goes on.

Get the popcorn ready.

Ondorse Announces Further Growth And UK&I Customer Wins

Posted in Commentary with tags on June 18, 2024 by itnerd

Ondorse, a leading provider of a KYB (Know Your Business) solution, today announced it has secured three new clients in the past two months as part of its ongoing expansion into the UK&I market. Ondorse provides an innovative, all-in-one platform that automates and accelerates burdensome compliance processes, enabling businesses to verify customers more efficiently and reduce the operational costs of compliance.

The new wins – PayXpert, Kota, and Assurdeal – have been secured as part of its ongoing growth in the region. Since its launch in 2021, Ondorse has raised total funding of $6.63M over two rounds from two institutional investors and expanded its client base to include major European companies like insurance unicorn, Alan. The company now aims to build on this through new hires and partner recruitment in the region, with plans to open an office in the UK next year following its rapid and recent commercial success. The company is also announcing the appointment of Olivier Godement, a senior U.S. executive at OpenAI, as an independent Board member.

The Ondorse platform eases the pain of resource-intensive compliance tasks, enabling teams to take a risk-based approach to evaluating and verifying new and existing customers. By flipping compliance on its head, Ondorse is looking beyond traditional onboarding. With AI-driven remediation, automated ongoing due diligence, and a day-1 risk view, the solution is designed to ensure businesses can prevent fraud and money laundering and meet AML regulatory challenges such as AML6 and DORA in the E.U. and the Financial Services and Markets Act (FSMA) in the UK. Orchestrating with 100 vendor solutions, Ondorse unifies compliance, data, risk, and fraud APIs into a single API.

The complete compliance platform scans, remediates, monitors and onboards, covering the entire customer journey. By eliminating manual tasks such as copy-pasting KYB data, retrieving data and documents, and manual activity logging, customers have reported that the solution is delivering a 70% reduction in overall compliance costs and 95% reduction in manual compliance reviews.

The solution is the brainchild of its two founders: President Aymeric Boelle and CEO Florent Robert, who have first-hand experience in compliance and financial services. Aymeric has previously worked as a City lawyer in financial regulation and enforcement at Skadden, whilst Florent has held roles across the finance sector, from fintech founder to Deutsche Bank executive, after RBC and SocGen. Their experience inspired them to develop an innovative approach to manage onboarding and compliance workflows at scale and deliver immediate pain relief to compliance teams.

Headquartered in Paris, Ondorse provides a business identity solution which aims to ease the pain of resource-intensive compliance tasks. Ondorse’s all-in-one platform reduces risk and verification delays whilst ensuring users stay compliant with regulatory requirements.

Visit https://www.ondorse.co for more information.

Next DLP Unveils Revolutionary Secure Data Flow Capability in Reveal Platform

Posted in Commentary with tags on June 18, 2024 by itnerd

Next DLP, a leader in insider risk and data protection, today announced the launch of Secure Data Flow, a groundbreaking capability within the Reveal Platform that uses the “What, Where, Who and How” of data’s origin, movements and modifications to provide unparalleled protection.

Revolutionizing Data Protection

In today’s rapidly evolving digital landscape, legacy data protection technologies are falling short. They rely heavily on pattern matching, regular expressions, keywords, user-applied tags, and fingerprinting, which can only cover a limited range of text-based data types. Secure Data Flow overcomes the limitations and complexities of legacy Data Loss Prevention (DLP) by complementing traditional content and sensitivity classification-based approaches with origin-based data identification, manipulation detection, and data egress controls. This results in an all-encompassing, 100% effective, false-positive-free solution that simplifies the lives of security analysts.

Recent studies show that employees download an average of 30GB of data each month from SaaS applications to their endpoints, including mobile phones, laptops, and desktops (Productiv) (Vendr). This staggering volume underscores the critical need for advanced data protection measures. By tracking data from its origin as it flows to sanctioned and unsanctioned egress channels within an organization, Secure Data Flow equips security teams to prevent data theft and misuse effectively.

Key Benefits of Secure Data Flow

  • Comprehensive Data Tracking: Secure Data Flow secures the flow of critical business data from any SaaS application, including Salesforce, Workday, SAP, and GitHub, ensuring that sensitive information is always protected.
  • Enhanced Data Protection: By using data origin and sensitive data identification, Secure Data Flow safeguards your company’s intellectual property and sensitive data from accidental loss and malicious theft.
  • Insightful Investigations: Security analysts investigating malicious data exfiltration gain invaluable contextual insights into data origin, manipulation, and lineage, enabling them to identify, investigate, and report on data security risks and incidents with unprecedented accuracy.

A New Era in Data Loss Prevention

With Secure Data Flow, Reveal sets a new standard for data protection, offering a solution that is both powerful and easy to use. It ensures that organizations can confidently protect their most critical data assets, regardless of their location or application.

For more information about Secure Data Flow and the Reveal Platform, please visit the Next DLP website.

TELUS declares it will not use AI to create or replicate art or imagery of Indigenous Peoples 

Posted in Commentary with tags on June 18, 2024 by itnerd

TELUS is proud to uphold its commitment to reconciliation by declaring that it will not use artificial intelligence (AI) technology to create or replicate the art or imagery of Indigenous Peoples. TELUS released its Reconciliation Commitment in 2021, which states TELUS is committed to progressing the path of Reconciliation in a deeply meaningful way, in partnership with Indigenous Peoples and is dedicated to fulfilling its role and responsibilities in this regard. This commitment has underscored TELUS’ ongoing reconciliation efforts and the update to include technology and the use of AI further cements the evolution of this work.  

The declaration states: Progressing the path of reconciliation in a meaningful way includes the ethical use of technology and AI. Indigenous data sovereignty is crucial in this endeavor, with Indigenous Peoples controlling and protecting their cultural heritage and artistic expressions. TELUS is proud to support the artistic practices of Indigenous Peoples, while being mindful of the historic role organizations have played in the misappropriation of Indigenous art and culture. In upholding TELUS’ Commitment to Artistic Integrity, we declare that we will not use AI technology to create or replicate the art of, or imagery of, Indigenous Peoples.

TELUS is a global leader in the responsible and ethical use of AI, and recently made history with its generative AI (GenAI) customer support tool becoming the first in the world to be internationally certified in Privacy by Design (ISO 31700-1). TELUS also recently won an international Outstanding Organization 2023 prize from the Responsible AI Institute in recognition of its commitment to fostering trust and benefitting society. It’s also the first telecom company in Canada to sign the Government of Canada’s voluntary code of conduct for generative AI, which aims to ensure the transparent, equitable and responsible development and deployment of GenAI technology. Earlier this year, the company published its inaugural TELUS AI report: The power of perspectives in Canada, sharing the perceptions, insights and opinions of AI from nearly 5,000 Canadians, including Indigenous Peoples, racialized groups, older Canadians, new Canadians, youth, people with physical disabilities, and the LGBTQ2S+ community.

To commemorate this declaration, TELUS commissioned a work of art by Kenneth Letander, an Ojibway artist originally from Manitoba and now living in Alberta’s Treaty 6 region. The artwork, titled “Honour by Design”, conveys Letander’s vision: 

  • “In this concept, a human hand is in control of pressing a small green circle, symbolizing the individual’s choice in when and how to use AI. Behind the hand is a turtle, representing Indigenous stories, while below flows a blue river of water where the green circle meets in the middle, signifying the collision of humanity and technology and how humans can use it for good, such as using AI to protect waterways and Mother Earth. Adjacent to this scene is a globe with communication lines leading to a tablet screen, where the turtle is looking and taking in information. Notably, the information representing AI is intentionally separate from the turtle and the hand, as it is respecting Indigenous stories, culture, and determination.”

To learn more about TELUS’ AI art declaration and future opportunities to have your voice heard on responsible AI, visit telus.com/responsibleAI/declaration. To learn more about TELUS’ commitment to reconciliation and to read the 2023 Indigenous Reconciliation and Connectivity Report, visit telus.com/reconciliation.

EV Startup Fisker Files For Bankruptcy Protection

Posted in Commentary with tags on June 18, 2024 by itnerd

It seems that EV startup Fisker has filed for bankruptcy protection after burning through all its cash trying to get their Fisker Ocean SUV to market.

I’ve written about them in the past and I kind of had high hopes for them. But to be honest, I’m not surprised by this result. After all, Henrik Fisker, who is the CEO of Fisker, had tried to make an EV before called the Karma, and the company behind that, which to be clear isn’t the same company that we’re talking about now, had similar difficulties before reinventing itself as Karma Automotive.

What also likely didn’t help is that YouTuber MKBHD reviewed the Fisker Ocean in a video called “This is the Worst Car I’ve Ever Reviewed” which likely scared off a lot of customers. In short, the video illustrated a lot of issues with the Fisker Ocean that to be frank, should never be seen by anyone. Now I’ve watched MKBHD’s videos for years, and he goes out of his way to not trash products. So if he says something like this, it has to be bad. To be fair, he did give them a second chance via reviewing the car again with updated software that fixed some of these issues, but like the title of the video suggested at the time, it was likely too little too late.

At this point, I don’t see any good outcome for Fisker. While the company behind the Karma was bought out and still exists today, I don’t see that outcome this time around. Nor do I see Fisker exiting this in any state where they could try and make a go of it. Thus all I have to say is R.I.P. Fisker.

US Justice Department Sues Adobe Over Subscriptions

Posted in Commentary with tags on June 18, 2024 by itnerd

Adobe has had a few problems over the last week. Most notably the uproar over the changes in their terms of use of their apps. But they now have a new problem that they need to worry about. The US Justice Department is suing them:

The Justice Department, together with the Federal Trade Commission (FTC), today announced a civil enforcement action against Adobe Inc. and two Adobe executives, Maninder Sawhney and David Wadhwani, for alleged violations of the Restore Online Shoppers’ Confidence Act (ROSCA). The lawsuit alleges that the defendants imposed a hidden “Early Termination Fee” on millions of online subscribers and that Adobe forced subscribers to navigate a complex and challenging cancellation process designed to deter them from cancelling subscriptions they no longer wanted.

Adobe Inc. is a software company that offers online subscriptions to design and productivity software applications via its website, Adobe.com. David Wadhwani is Adobe’s President of Digital Media Business, and Maninder Sawhney is Adobe’s Vice President of Digital Go to Market & Sales.

According to a complaint filed in the U.S. District Court for the Northern District of California, the defendants have systematically violated ROSCA by using fine print and inconspicuous hyperlinks to hide important information about Adobe’s subscription plans, including about a hefty Early Termination Fee that customers may be charged when they cancel their subscriptions. The complaint alleges that for years, Adobe has profited from this hidden fee, misleading consumers about the true costs of a subscription and ambushing them with the fee when they try to cancel, wielding the fee as a powerful retention tool.

The complaint alleges that Adobe has further violated ROSCA by failing to provide consumers with a simple mechanism to cancel their recurring, online subscriptions. Instead, Adobe allegedly protects its subscription revenues by thwarting subscribers’ attempts to cancel, subjecting them to a convoluted and inefficient cancellation process filled with unnecessary steps, delays, unsolicited offers and warnings.

The lawsuit seeks unspecified amounts of consumer redress and monetary civil penalties from the defendants, as well as a permanent injunction to prohibit them from engaging in future violations.

I have heard stories about it being difficult to cancel Adobe subscriptions. I guess that this lawsuit confirms that. Which is bad news for Adobe. You have to wonder if this combined with their other issues will send customers to the exits. I’m sure Adobe will deny the charges and say they will fight this. But honestly, how many battles can one company fight at the same time?

Pressure Mounts On CISOs With Reporting Set To Rise By Up To 20x As SEC Bares Teeth With Legal Action

Posted in Commentary with tags on June 18, 2024 by itnerd

Panaseer, a leader in security posture management powered by Continuous Controls Monitoring (CCM), has released a blog analyzing the increased focus on cybersecurity posture in reports to the Securities and Exchange Commission (SEC). Panaseer warns this growth in reporting will place CISOs at real risk of legal action if their organizations’ statements do not match reality.

The Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that, from January-May 2024, at least 1,327 filings mentioned ‘NIST’ (National Institute of Standards and Technology) – a key indicator that cybersecurity posture is present in a filing. This compares to just 110 during the same period of 2023 – a 12-fold increase – and 128 across the entire year. On current projections, Panaseer predicts up to 2,600 such filings across 2024 – a more than 20 times increase. 

This will put pressure on CISOs for two reasons: 

  1. The burden of additional cybersecurity reporting: December 2023’s new SEC rulings that incorporated cybersecurity risk into investor reporting mandated the inclusion of cybersecurity posture and processes in annual reports. Although CISOs won’t be directly responsible for compiling reports, they’ll need to work closely with the Enterprise Risk Management (ERM) team to ensure reports are accurate.
  2. The threat of legal action: Accurate reports demand a deep understanding of cybersecurity posture and risk exposure. Any discrepancies between reports and reality will be tantamount to lying to investors, leaving CISOs potentially facing charges. SolarWinds’s CISO, Timothy G. Brown, has already been charged by the SEC for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.  

The new regulation applies to listed enterprises, with two separate SEC reports that apply to cybersecurity:

  • A 10-K filing – a comprehensive annual report of critical information including financial performance. Now, organizations must detail their approach to cyber risk management, including cybersecurity strategy; board oversight; and management’s role in cyber governance.
  • An 8-K filing – a report announcing major events shareholders should know about. This now requires businesses to disclose “material cybersecurity incidents” – which are likely to impact investors – in a timely fashion. These must be reported within four days after the determination of materiality.

To satisfy the SEC, these filings need to accurately portray cybersecurity posture. The new rulings also reflect an ongoing shift in the CISO’s role. While not solely responsible for organizations’ risk posture, CISOs need to accurately portray risk posture and security processes to the ERM team and the board. CISOs need to understand and communicate their company’s cybersecurity practices clearly, with a data-driven approach that enables factual filings.

As such, Panaseer recommends that CISOs direct their focus towards ensuring that there’s oversight and assurance over the security tools they have, verifying that they are working correctly across every asset.

To find out more about the SEC’s regulations and its impact on CISOs, visit Panaseer’s blog.

New Software Vulnerability Ratings Report For 2024 Finds High Exploitability Rates & RCE Vulnerabilities

Posted in Commentary with tags on June 18, 2024 by itnerd

Action1 has unveiled new research in its Software Vulnerability Ratings Report 2024 to provide trends based on exploitability rates and the dynamics of Remote Code Execution (RCE) vulnerabilities within enterprise software categories and specific applications. Key findings include:

  • Attackers target load balancers with record exploitation rate: Action1 researchers discovered a high exploitation rate for NGINX (100%) and Citrix (57%). Vulnerabilities in load balancers pose significant risks, as just one exploit can provide attackers with broad access or disruption capabilities against targeted networks. 
  • Threat actors target Apple operating systems: MacOS and iOS showed an increased exploitation rate of 7% and 8%, respectively. Additionally, although MacOS reduced its total vulnerability by 29% from 2023 to 2022, exploited vulnerabilities increased by over 30%. These findings underscore the targeted nature of attacks on iOS devices.
  • MSSQL RCE vulnerabilities surge, highlighting the risk of new exploits: In 2023, Microsoft SQL Server (MSSQL) experienced a 1600% surge in critical vulnerabilities, each being an RCE. This spike signals a potential risk that attackers are quickly discovering and exploiting the next unknown RCE.
  • Increased exploitability of MS Office as attackers take advantage of human error: MS Office’s critical vulnerabilities account for nearly 80% of the overall annual vulnerability count, up to 50% being RCEs. In 2023, Microsoft saw its exploitation rate rise to 7%, compared to 2% in 2022. These findings underscore threat actors’ exploitation of user-facing software prone to human error.

You can read the full report here.

Datadobi Unveils StorageMAP 7.0

Posted in Commentary with tags on June 18, 2024 by itnerd

Datadobi today announced the launch of StorageMAP 7.0, with new features to provide deeper insights into unstructured data environments, facilitate informed decision-making, and enable policy-driven data placement. These advancements are in direct response to the urgent need for businesses to manage the acute risk, cost, and opportunity associated with the rapidly increasing volume of unstructured data that is inundating most enterprises.

The single most significant challenge in managing unstructured data is its inherent diversity and its detailed variation. This diversity extends from the data content through the data formats, data sources, data locations, data users, data owners, data managers, and more. The value and usage of this unstructured data varies widely; while regulatory or internal rules govern some data, some has little value, and some may be damaging or even illegal.

Taming this diversity in large scale environments is the continued mission of StorageMAP. The 7.0 updates are a significant step in its journey to solve the unstructured data challenges of IT and business leaders alike.

StorageMAP 7.0 features the following capabilities: 

Data Insight Enhancements

Getting insights into the nature of unstructured data and organizing it to make sense to all stakeholders is the foundation of good data management. Insights and organization provide all stakeholders with the information needed to make decisions, create policies, execute actions that implement policies, and monitor policy effectiveness to achieve stakeholder goals.

For example:

  • The IT department needs to understand where the data is located, how much it costs, and how important it is, and then relocate it as it ages through its lifecycle.
  • Business units want to identify candidate GenAI data and copy it to a datalake for training, fine-tuning, or augmenting GenAI models.
  • The Compliance Department wants to reduce risk by identifying and removing or archiving data with no business value.

Managing these diverse goals is complex in large unstructured data hybrid cloud environments storing billions of files. To address this, StorageMAP 7.0 includes two new features that help companies drive critical decision making about their unstructured data: Custom Dashboards and an Analysis Module.

  • Custom Dashboards enable the entire range of stakeholders to create a library of views of their unstructured data that is relevant and specific to them. Custom Dashboards use metadata fields and StorageMAP tags to visualize, organize, and monitor the data in a single pane of glass. A Custom Dashboard has a number of key elements that can be added by the user including point in time charts, series charts, and lists among others.

Data shown on a Custom Dashboard can be categorized according to, for example, data ownership, age, last accessed time or any user defined tags such as data criticality, sensitivity, usefulness, and so on. Additionally, Custom Dashboards can be exported in MS PowerPoint® format to easily share with all stakeholders.

  • The Analysis Module is the place to explore and analyze trends in an enterprise’s unstructured data and can also be customized to specific user needs. An analysis can consist of multiple layers of filters and classifications that create datasets matching the criteria of interest. The resulting datasets can then be used to create charts, tabular output, and other reports. The results can be included in Custom Reporting Dashboards and used as input for actions such as migration, replication, pipelining, etc., all carried out within StorageMAP.

Data Mobility Enhancement

With StorageMAP 7.0, Datadobi continues to far outpace all competition by continuously adding new functionality to its unequaled armory of complex data mobility solutions. StorageMAP’s ability has been proven through millions of hours of real-life runtime in the most complex corporate and government environments.

StorageMAP 7.0 now supports WORM migrations from IBM COS and Hitachi HCP Object systems to any S3 systems supporting the S3 Object Lock API. Along with other Object and NAS platforms, customers with object-based WORM data on these platforms now have an accurate, scalable, and performant solution to migrate data while retaining legal hold status and retention dates.

Supporting these two systems specifically was necessary because these storage vendors were forced to implement their own proprietary WORM API protocols prior to AWS implementing WORM functionality in the S3 API.

StorageMAP 7.0 general availability (GA) is planned for July 2024. 

Reddit Makes Announcement At Cannes

Posted in Commentary with tags on June 18, 2024 by itnerd

Reddit is at Cannes this week. And they announced via a blog post the following:

To this end, we’re thrilled to kick off Day 1 at Cannes by announcing a full revision of ads on the conversation page, our fastest-growing ads surface, and where 47% of Reddit screenviews happen (2). With redesigned creative featuring larger, more premium media, advertisers can appear where users are researching or discussing the topics they care about. We have also commenced testing on an all-new ad placement that lives seamlessly between individual comments in Reddit conversations. It’s specifically designed to reach audiences right at the moment they are most leaned in and primed to take action. Under the new name “Conversation Ads,” advertisers will also benefit from new brand safety controls, including specific ML tooling to further enhance confidence, coming later this year.

Here’s what these ads will look like:

The blog post has a lot more detail that is worth reading if you’re an advertiser looking to engage with Reddit users.