Tony Anscombe to EMCEE Collision Conference 2024’s Developer Track: FullSTK

Posted in Commentary with tags on June 11, 2024 by itnerd

ESET today announced that Tony Anscombe, Cyber Security Evangelist at ESET, will be the emcee for the Developer Track: FullSTK at this year’s Collision Conference. With topics ranging from AI and privacy to future tech, Anscombe will introduce and shed light on a range of critical technology topics during the event, which brings together the product managers, data scientists, coders and engineers programming the future to talk tech.

Tony Anscombe brings a wealth of experience to the stage as Cyber Security Evangelist at ESET, having spoken at renowned industry conferences such as RSA, Black Hat, Infosec, Gartner Risk and Security Summit, and the Child Internet Safety Summit. Most recently, Anscombe presented on cyber risk insurance, and published an industry whitepaper on the topic, for ESET World 2024, an annual event where global cybersecurity professionals, analysts and decision-makers come together to discuss technological advancements.  

During the FullSTK Developer Track, the following topics will be highlighted: 

  • Future Tech: Explore the potential of superpositions and DNA enzymes in processing data at unprecedented speeds, the impact of identity orchestration on development, the future of ambient computing, and advances in AI and machine learning. 
  • Security and Compliance: With the escalation of cyberwarfare and increasingly stringent legislation, discover new security tools and tactics. Learn what companies and nation-states can do to thwart sophisticated cyberattacks and stay ahead of technological advancements. 
  • Privacy and Diversity in Data: Address the pressing ethics of AI technology, including opaque terms and conditions and algorithmic biases. Discuss how technology companies are advancing data privacy and fostering diversity to design complex AI systems free from bias. 
  • The Role of the Engineer: Analyze how DevOps teams have led the way in remote work and the ongoing influence of engineers on the future of work. Investigate the challenges companies face in acquiring technically skilled workers and the implications of nearshoring talent. 

As a speaker, author, and recognized expert in the current threat landscape, security technologies, data protection, privacy, and internet safety, Anscombe’s insights are highly sought after and respected globally. He is regularly quoted in leading security, technology, and business publications such as BBC, The Guardian, The New York Times, and USA Today. Additionally, he has made broadcast appearances on Bloomberg, BBC, CTV, CBC, CP24, Global News, and CBS, establishing himself as a trusted voice in the cybersecurity domain. 

Don’t miss the opportunity to engage with Tony Anscombe and gain valuable insights during the FullSTK sessions at Collision Conference 2024. For more details, visit here: LINK

Adobe To Change Terms Of Use After EPIC Backlash

Posted in Commentary with tags on June 11, 2024 by itnerd

Last week Adobe released new terms of use for its products that almost immediately sparked anger amongst its user base. And attempts to explain it away didn’t go over well. So Adobe is trying again for a third time via this blog post:

We recently rolled out a re-acceptance of our Terms of Use which has led to concerns about what these terms are and what they mean to our customers. This has caused us to reflect on the language we use in our Terms, and the opportunity we have to be clearer and address the concerns raised by the community.

Over the next few days, we will speak to our customers with a plan to roll out updated changes by June 18, 2024.

At Adobe, there is no ambiguity in our stance, our commitment to our customers, and innovating responsibly in this space. We’ve never trained generative AI on customer content, taken ownership of a customer’s work, or allowed access to customer content beyond legal requirements. Nor were we considering any of those practices as part of the recent Terms of Use update. That said, we agree that evolving our Terms of Use to reflect our commitments to our community is the right thing to do.

In other words, the blowback was so epic that Adobe has had to do a rethink. And next week Adobe will roll out new terms of use that clearly state what Adobe can and can’t do with user data. And at the same time, Adobe hopes by doing so that it can get users to trust them again. That might be a tall order given how epic the blowback was. But I guess we will see when these new terms of use drop.

Elon Musk Flips Out At Apple Working With OpenAI

Posted in Commentary with tags on June 11, 2024 by itnerd

From the “what drugs is this guy smoking” department comes a tweet storm from Elon Musk in regards to Apple integrating OpenAI’s ChatGPT 4 into their operating systems that are due to be released this fall. The TL;DR is that he’s so upset by this that he’s threatening to ban iPhones and other Apple devices from his companies:

Elon Musk is threatening to ban iPhones from all his companies over the newly announced OpenAI integrations Apple announced at WWDC 2024 on Monday. In a series of posts on X, the Tesla, SpaceX and xAI exec wrote that “if Apple integrates OpenAI at the OS level,” Apple devices would be banned from his businesses and visitors would have to check their Apple devices at the door where they’ll be “stored in a Faraday cage.”

His posts seem to misunderstand the relationship Apple announced with OpenAI or at least attempt to leave room for doubt about user privacy. While Apple and OpenAI both said that users are asked before “any questions are sent to ChatGPT,” along with any documents or photos, Musk’s responses indicate he believes OpenAI is deeply integrated into Apple’s operating system itself and therefore able to hoover up any personal and private data.

In iOS 18, Apple said people will be able to ask Siri questions, and if the assistant thinks ChatGPT can help, it will ask permission to share the question and present the answer directly. This allows users to get an answer from ChatGPT without having to open the ChatGPT iOS app. Photos, PDFs or other documents you want to send to ChatGPT get the same treatment.

Musk, however, would prefer that OpenAI’s capabilities remain bound to a dedicated app — not a Siri integration.

Responding to VC and CTO Sam Pullara at Sutter Hill Ventures who wrote that the user is approving a specific request on a per-request basis — OpenAI does not have access to the device — Musk wrote, “Then leave it as an app. This is bullshit.”

Pullara had said that the way ChatGPT was integrated was essentially the same way the ChatGPT app works today. The on-device AI models are either Apple’s own or those using Apple’s Private Cloud.

Meanwhile, replying to a post on X from YouTuber Marques Brownlee that further explained Apple Intelligence, Musk responded, “Apple using the words ‘protect your privacy’ while handing your data over to a third-party AI that they don’t understand and can’t themselves create is *not* protecting privacy at all!”

He even replied to a post by Apple CEO Tim Cook, wherein he threatened to ban Apple devices from the premises of his companies if he didn’t “stop this creepy spyware.”

“It’s patently absurd that Apple isn’t smart enough to make their own AI, yet is somehow capable of ensuring that OpenAI will protect your security & privacy!” Musk exclaimed in one of many posts about the new integrations. “Apple has no clue what’s actually going on once they hand your data over to OpenAI. They’re selling you down the river,” he said. While it’s true that Apple may not know the inner workings of OpenAI, it’s not technically Apple handing over the data — the user is making that choice, from the sound of things.

I have a feeling that this is all a smokescreen for the fact that Apple is working with OpenAI and not with him and his Grok AI. I say that because Apple, during the WWDC keynote where this was announced, did say that it was open to integrating other AIs, and that OpenAI was the first one. And I am going to guess that his AI isn’t on Apple’s list. So he’s having a tantrum and throwing his toys out of the stroller like a two year old. Which is typical for Elon as he seems to have the emotional maturity of a two year old. My advice is to completely ignore Elon as clearly he’s lost the plot here.

ComfyUI Users Targeted by Malicious Custom Node

Posted in Commentary with tags on June 10, 2024 by itnerd

The vpnMentor research team recently discovered an incident involving the popular stable diffusion user interface, ComfyUI, potentially putting at risk users who used a specific user-uploaded node. The custom node was reviewed by the vpnMentor team and the findings were confirmed. 

This malicious code inserted in the “ComfyUI_LLMVISION” node is disguised as a helpful extension but is really designed to steal sensitive user information, including browser passwords, credit card details, and browsing history to later transmit the stolen data to a Discord server controlled by the attacker, posing direct privacy risks and many online threats to their users. 

To understand more on how this malicious code works and how users can protect themselves you can find more information here: https://www.vpnmentor.com/news/comfyui-malicious-custom-node/
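As an added defensive check (example code written for this post, not vpnMentor’s or ComfyUI’s own tooling), the script below statically scans a `custom_nodes` directory for the two indicators the report names together: a hard-coded Discord webhook used as the exfiltration channel, and references to browser credential or history stores that an image-generation node has no reason to touch. The indicator lists, the file names and the two sample node sources are constructed for illustration and are not taken from the ComfyUI_LLMVISION node.

```python
"""Static indicator scan for third-party ComfyUI custom nodes.

Added example, not vpnMentor's or ComfyUI's code. It walks a custom_nodes
directory and flags Python files that combine an exfiltration endpoint
(Discord webhook URL) with references to browser secret stores. Pattern
lists and the sample node sources below are constructed for illustration.
"""
import os
import re
import tempfile
from dataclasses import dataclass, field
from typing import List

# Exfiltration channel named in the report: a Discord webhook URL.
EXFIL_PATTERNS = {
    "discord_webhook": re.compile(
        r"discord(?:app)?\.com/api/webhooks/\d+/[A-Za-z0-9_\-]+"
    ),
}

# Local secret stores an image-processing node should never reference.
SECRET_STORE_PATTERNS = {
    "chromium_login_data": re.compile(r"Login Data"),
    "chromium_cookies": re.compile(r"\bCookies\b"),
    "chromium_history": re.compile(r"\bHistory\b"),
    "firefox_logins": re.compile(r"logins\.json|key4\.db"),
}


@dataclass
class Finding:
    path: str
    exfil: List[str] = field(default_factory=list)
    secret_stores: List[str] = field(default_factory=list)

    @property
    def suspicious(self) -> bool:
        """Any single indicator is worth a look."""
        return bool(self.exfil or self.secret_stores)

    @property
    def high_confidence(self) -> bool:
        """Exfil channel plus secret-store access in the same file."""
        return bool(self.exfil) and bool(self.secret_stores)


def scan_source(path: str, source: str) -> Finding:
    """Match every indicator pattern against one file's source text."""
    finding = Finding(path=path)
    for name, pattern in EXFIL_PATTERNS.items():
        if pattern.search(source):
            finding.exfil.append(name)
    for name, pattern in SECRET_STORE_PATTERNS.items():
        if pattern.search(source):
            finding.secret_stores.append(name)
    return finding


def scan_directory(root: str) -> List[Finding]:
    """Scan all .py files under root; return only files with indicators."""
    results = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if not name.endswith(".py"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                finding = scan_source(path, fh.read())
            if finding.suspicious:
                results.append(finding)
    return results


# Constructed sample: a harmless-looking node that only resizes images.
BENIGN_NODE = '''
class ImageResize:
    def resize(self, image, width, height):
        return image.resize((width, height))
'''

# Constructed sample: carries both indicator classes (placeholder values only).
SUSPICIOUS_NODE = '''
WEBHOOK = "https://discord.com/api/webhooks/000000000000000000/PLACEHOLDER_TOKEN"
TARGETS = ["Login Data", "Cookies"]
def post(data):
    raise NotImplementedError
'''


def demo() -> List[Finding]:
    """Write both constructed samples to a temp custom_nodes tree and scan it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "benign_node"))
        os.makedirs(os.path.join(root, "odd_node"))
        with open(os.path.join(root, "benign_node", "nodes.py"), "w") as fh:
            fh.write(BENIGN_NODE)
        with open(os.path.join(root, "odd_node", "nodes.py"), "w") as fh:
            fh.write(SUSPICIOUS_NODE)
        return scan_directory(root)


if __name__ == "__main__":
    for f in demo():
        level = "HIGH" if f.high_confidence else "review"
        print(f"[{level}] {f.path}: exfil={f.exfil} stores={f.secret_stores}")
```

Run it against a real `custom_nodes` directory by calling `scan_directory(path)`; treat a high-confidence hit as a reason to remove the node and rotate any browser-saved credentials, and a single-indicator hit as a reason to read the file before trusting it.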

Fortinet to Acquire Lacework

Posted in Commentary with tags on June 10, 2024 by itnerd

Fortinet today announced that it has entered into a definitive agreement to acquire Lacework, the data-driven cloud security company.

Lacework delivers a leading AI-powered cloud security platform that seamlessly integrates all critical CNAPP services. With patented AI and machine learning technology, an agent and agentless architecture for data collection, a homegrown data lake, and a powerful code security offering, Lacework is trusted by nearly 1,000 customers to deliver comprehensive security from code to cloud.

Fortinet is renowned for its cybersecurity innovation with more patents than the nearest three competitors combined and over 100 inclusions in industry analyst reports, including recognition in eight Gartner® Magic Quadrant™ reports. Fortinet delivers its solutions as part of the Fortinet Security Fabric, an integrated cybersecurity platform that spans Secure Networking, AI-driven Security Operations, and Unified SASE, which includes access and cloud security.

Fortinet intends to integrate Lacework’s CNAPP solution into Fortinet’s Unified SASE offering, forming one of the most comprehensive, full stack AI-driven cloud security platforms available from a single vendor. This will help customers identify, prioritize, and remediate risks and threats in complex cloud-native infrastructure from code to cloud.

This strategic acquisition aligns with Fortinet’s growth strategy in the Unified SASE market, which includes solutions for securing access and cloud, and underscores the company’s commitment to innovation and integration. As part of the acquisition, Fortinet is committed to a seamless transition for Lacework customers and partners. Backed by Fortinet’s proven leadership and expertise, Lacework customers will be able to benefit from access to Fortinet’s global reach, extensive scale, vast resources, and industry-leading threat intelligence while continuing to leverage their existing security infrastructure investments.

Financial terms of the transaction were not disclosed. The transaction, which is expected to close in the second half of 2024, is subject to required regulatory approvals and other customary closing conditions. Goldman Sachs & Co. LLC is acting as exclusive financial advisor to Lacework. Cooley LLP is acting as legal counsel to Lacework, and Fenwick & West LLP is acting as legal counsel to Fortinet.

Christie’s Confirms That They Got Pwned By Ransom House

Posted in Commentary with tags on June 9, 2024 by itnerd

You might recall that threat actors Ransom House had claimed to have pwned auction house Christie’s a couple of weeks ago. At the time I said this:

It will be interesting to see what happens next as we’re only two days from the end of May. I’m pretty sure that this group will release some sort of data in retaliation for not getting paid. But not paying them is the correct course of action as cybercrime groups cannot be allowed to succeed in terms of extorting money from their victims.

Well we’re in June now and it seems that Ransom House has made good on its threat to release data because it appears that Christie’s didn’t pay up. I say that because a data breach notification from Christie’s has appeared.

On May 9, 2024, we discovered that we were the victim of a cybersecurity incident that impacted some of our systems.

As soon as we became aware of this event, we promptly took steps to secure our environment, launched an investigation, and engaged external cybersecurity experts to assist. We also notified law enforcement and continue supporting their investigation.

The investigation revealed an unauthorized actor accessed some of our systems and certain files stored therein between May 8, 2024, and May 9, 2024, and some files were copied from those systems on May 9, 2024. We conducted a robust review of the files to identify individuals whose information may have been impacted and worked to obtain addresses and notify them as quickly as possible after completing the review on May 30, 2024.

Christie’s claims the data that was swiped by Ransom House hasn’t been misused. Ransom House, by the way, claims that the data in question is full names, addresses, ID document details, and various other sensitive personal information of at least half a million clients of the auction house. But at the same time Christie’s is offering up a free twelve-month subscription for the CyEx Identity Defense Total identity theft and fraud monitoring service. Which means that it’s only a matter of time before that information is used to launch secondary attacks. Which will be cold comfort to those who are affected by this.

Seeing as Christie’s is a British company, I wonder what British authorities are going to do. If they do decide to get involved in this, it might be something worth tuning in for.

Elon Musk Has So Many Unsold Tesla Vehicles Piling Up, You Can See Them From Space

Posted in Commentary with tags on June 8, 2024 by itnerd

Tesla has a serious problem. So far this year, their sales have fallen off a cliff. And as a result, Tesla has had to cut prices to get people to buy their vehicles. But clearly that’s not working as unsold Tesla vehicles are piling up at such a rate, that you can apparently see them from space:

So where exactly are all those thousands of Teslas? They’re just sitting in lots. Using imagery from SkyFi, a satellite imagery marketplace, Sherwood was able to discover just where all those Teslas are being stored. Images taken of Tesla’s Texas Gigafactory from a random Thursday in October 2023 and a Thursday from March of 2024 show lots around the factory going from partially or nearly full to completely full in some cases.

Tesla is storing vehicles in other places around the country as well, it seems. Satellite images from St. Louis’ Chesterfield Mall show a lot outside the mall being filled with nearly 500 cars. Even the mall here in my own city of Moreno Valley, California has been used to store Teslas; I recently observed a few hundred Model Ys parked outside Sears. So while Tesla is still selling hundreds of thousands of cars, it would seem that the brand isn’t the hot seller it used to be. It makes you wonder how long they’ll keep acting like we don’t notice that they have thousands of unsold inventory piling up.

I think that this illustrates how bad Elon Musk is at running Tesla. While it is true that EV sales have generally slowed for car companies, no other car company has this issue. And some are bucking the trend. Hyundai for example has Ioniq 6 sales up 188%. So clearly some or all of the blame for their sales issues has to land on Elon’s doorstep. And on top of that, this report could not have come at a worse time for Elon. I say that because he wants a new compensation deal from Tesla which is worth an insane $56 billion. There’s pushback from a huge wealth fund which may lead many others to vote against this pay package. On top of that, there’s word that Elon might quit Tesla if he doesn’t get this pay package. Many would dance in the streets if that happened given how bad things are at Tesla right now. We’ll find out what the outcome of that is next week when this pay package comes up for a vote. And I bet that many who will be voting will have images of unsold Tesla vehicles parked in lots in such numbers that they are seen from space in their minds.

Microsoft Backtracks On Recall Being Switched On By Default…. Not That It Matters

Posted in Commentary with tags on June 7, 2024 by itnerd

Microsoft Recall has been a dumpster fire since it was announced. It was seen as a privacy nightmare. Then a security researcher found how insecure it was. Since then, it has come to light that the situation is even worse than previously thought. I would recommend reading this article because it’s just mind blowing.

In any case, I guess that this all became too much for Microsoft who posted this blog post on Recall:

Even before making Recall available to customers, we have heard a clear signal that we can make it easier for people to choose to enable Recall on their Copilot+ PC and improve privacy and security safeguards. With that in mind we are announcing updates that will go into effect before Recall (preview) ships to customers on June 18.

  • First, we are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall. If you don’t proactively choose to turn it on, it will be off by default.
  • Second, Windows Hello enrollment is required to enable Recall. In addition, proof of presence is also required to view your timeline and search in Recall.
  • Third, we are adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.

Now to be fair to Microsoft, these are all meaningful changes. But I have to ask the question that most people are going to ask. Why was none of this part of the original spec for Recall? That might have mitigated some of the blowback. On top of that, even with these changes, I wouldn’t recommend ever using Recall. Just think of the nightmares that it would create for companies who have this feature turned on when a lawyer knocks on their door as part of some sort of legal discovery process. Or how about a domestic abuser who is intent on going after their partner in any way they can. The risks are too great, and Microsoft has no fix for that. So you’re better off not using it as a result.

LAUSD Investigates Claims Of Being Pwned By A Threat Actor For A Second Time

Posted in Commentary with tags on June 7, 2024 by itnerd

The Los Angeles Unified School District (LAUSD) is currently investigating a threat actor’s claims that they are selling stolen databases containing sensitive information belonging to millions of students and thousands of teachers. LAUSD, which is the second largest public school district in the United States, had more than 563,000 students enrolled for the 2023-2024 school year.

According to the threat actor, the stolen data is being sold for $1,000 on a hacking forum. The data allegedly includes over 11GB of information, encompassing more than 24 million student records, over 24,000 teacher records, and approximately 500 records containing staff information. The hacker shared samples of the data to prove its legitimacy, which included around 1,000 student records complete with Social Security Numbers (SSNs), addresses, parent addresses, email addresses, contact information, and dates of birth.
 
The authenticity and recency of the data remain uncertain as the threat actor only shared a small portion of the allegedly stolen information. There might be new information that has not yet been disclosed.
 
“We are looking into this and will get back to you if we have further information to share,” said LAUSD Public Information Officer Britt Vaughan in a statement to BleepingComputer.
 
In a related incident, LAUSD was hit by a ransomware attack in September 2022 over the Labor Day weekend. The Vice Society gang claimed responsibility for that breach, claiming they stole 500GB of files before encrypting the district’s systems.
 
Following the 2022 attack, LAUSD mandated all employees (teachers, support staff, and administrators) as well as students, reset their @LAUSD.net account credentials in person at a district site and expedited the rollout of multi-factor authentication.

Steve Hahn, Executive VP, BullWall has this to say:

   “The threat landscape has taken a sinister turn in the last few years, partly because these (mostly) Russian based threat actors consider our support of Ukraine an act of war and also because of the financial stakes. This is a multi-billion-dollar industry now. However recent years have seen the threat actors intentionally targeting young children for extortion and blackmail, which is precisely what this is. It’s unconscionable.

   “Threat actors target schools with “dual extortion” techniques. They exfiltrate data on students and encrypt all of the school’s data in a sequenced attack. The school will have to pay to not have that data leaked and pay again to get it decrypted. The information they can get in an attack like this is devastating to the children involved. Information about their grades, sexual activity, medications or mental healthcare, domestic violence, sexual orientation or identity and disciplinary actions. When this gets leaked parents will be, rightfully, outraged and the political fallout severe. The threat actors know this and seem to disregard the impact on the well-being of the targeted children.

   “Unlike big corporations or other government services, schools simply don’t have the resources or personnel to prevent these attacks. It is not a matter of “if” a school district will be hit but “when” and the funding bodies don’t seem willing to allocate pro-active funding until they’ve been hit and see first-hand the fallout. However, even with the best prevention tools in the world a determined threat actor will eventually break through.

   “Schools need to limit the sensitive information they document and retain. They need recovery strategies for the eventuality and need to also focus on rapid containment of the event to limit the amount of data impacted. It is also important to hold tabletop exercises to create a playbook for what happens when they eventually do get hit. How Legal, Boards and City Councils will be involved. These exercises often open up the eyes of the city councils to just how impactful these events are.”

Dave Ratner, CEO, HYAS follows with this:

“Schools and universities are increasingly becoming common targets, both because of the treasure trove of data they contain and their overall cyber security posture, which is unfortunately often less than perfect based on limited budgets. It’s imperative that those in the education sector prioritize cyber security hygiene — often this can be accomplished in a budget-friendly manner via one of the many MSP and MSSPs that focus on best practices.”

It will be interesting to see if these claims of LAUSD being pwned again are true. If they are, then LAUSD will have to do a lot of hard work to make sure that threat actors don’t go three for three so to speak.

Bartender Has Been Updated To Remove Analytics Gathering…. So, Do You Trust Them Now?

Posted in Commentary with tags on June 7, 2024 by itnerd

Well here’s a plot twist that I didn’t see coming after this controversy popped up. Applause, the company that now owns Bartender, has just put out an update to bring the version to 5.0.53. A Reddit user got this and posted about it on Reddit:

So clearly the blow back was so bad, the company claims to have removed the analytics that fanned the flames of this controversy.

On top of that, the change log seems kind of suspect as what they are saying runs counter to what Reddit users have found out about Applause via their own FAQ, which you can read as part of my original story above. It honestly sounds like this has become a damage control exercise, as the company bought Bartender, really screwed up how it handled the purchase with users of the app, and tossed in some shady behaviour in the form of adding analytics, which makes you question the explanation provided by Applause as to why these analytics were added.

The real question is if this move makes you trust them?

The answer in my case is no. I will not be updating to this version and I will continue to run Ice for the time being. For Bartender and their new owners Applause to get me back, they will have to do a whole lot more to earn my trust because at the moment, my trust level with them is zero.