Trump Media Loses $327 Million During Q1

Posted in Commentary on May 21, 2024 by itnerd

Trump Media, which is the parent company of Truth Social, has lost massive amounts of cash in Q1 of its fiscal year. How much cash? Variety has the answer:

Trump Media and Technology Group, the company affiliated with former U.S. president Donald Trump that operates Truth Social, reported $770,500 in revenue for the first quarter of 2024 and a net loss of $327.6 million. 

So in short, Trump Media has earned next to nothing in Q1, and lost an insane amount of money in Q1. For any other business, this would be pretty much fatal. But somehow, these guys are still operating. At least for now. The long and short of it is that this is a meme stock. And there’s no scenario that I can see where this changes.

Cigent Announces Cigent Endpoint Data Protection

Posted in Commentary on May 21, 2024 by itnerd

Cigent Technology today announced the Cigent Endpoint Data Protection Platform that protects data from ransomware, data exfiltration, and data loss. The Endpoint Data Protection Platform provides a comprehensive portfolio of endpoint data offerings.

It is the first known commercial solution that protects Microsoft Windows endpoint device data every time, against every attack, and enables businesses to continue operating even while under attack – with minimal impact to users and minimal administrative demands on IT resources.

The High Price of Insufficient Endpoint Security: Existing commercial endpoint and data security products are repeatedly proven to be ineffective at stopping ransomware, malware, and advanced persistent threats from disabling endpoints. Because of this, fully 68% to 70% of data loss incidents occur at the endpoint.

Cyberattacks will increase aggressively – in their frequency, their ability to penetrate traditional defenses, and their sophistication – with the imminent widespread adoption of AI by attackers. Attack volumes, sophistication, and precise targeting will escalate rapidly.

The outcome is broadly expected to result in more successful endpoint compromise attacks.

Recent ITIC research on the hourly costs of downtime found that costs now exceed $300,000/hr for 91% of SME and large enterprises. Fully 44% of mid-sized and large enterprise survey participants reported that a single hour of downtime can cost their business as much as $1 million.

Cigent delivers:

  • Zero Trust Access Control: Verified, policy-driven step-up access control protects files from unauthorized access. Utilizing AI and integration with major authentication solutions, it protects data with minimal end-user impact.
  • Hidden Data Drives: Attackers cannot see or even locate protected drives even when a device is compromised. Data remains hidden at the sector level until unlocked with step-up authentication.
  • AI Threat Defense: AI monitoring instantly elevates the threat level when ransomware or other malware attempts to access data. Additionally, integration and automation with EDR solutions elevates protection if threats are detected or if they are rendered inoperable by attackers.
  • “Set and Forget” Operations: Protection is in place and automated, requiring no direct intervention or administration by security or IT resources.
  • Data Protection for Modern Workforce: Minimal impact on end-user experience and sustained device usability during an attack event.

The Cigent Endpoint Data Protection Platform At Work

Cigent begins with the assumption that the PC is going to be compromised. While there continue to be advances in the detect and respond approach, it remains insufficient to prevent data compromises.

Cigent provides layered defense that protects data at rest or when in use. We use software, hardware, or dual encryption as foundational data at rest protection. Customers using SSDs are able to provide additional protection with hidden partitions that are invisible to attackers. When a device is in use, we maintain data protection with zero-trust access controls that prevent unauthorized access with minimal user disruption. In addition, we integrate with EDR and SIEM solutions, instantly elevating protections based on their status. Finally, Cigent leverages its own AI to detect malicious data activity and instantly secure files. This layered approach proactively protects data.

Importantly – Cigent is the first solution that actively preserves user productivity and device efficiency whenever an attack is in process or has occurred.

In field tests with a current and pernicious attack, file access was immediately locked and the user’s ability to continue work was protected. No immediate IT intervention occurred or was needed.

Also Introducing – Cigent BitLocker Manager: Cigent is also delivering BitLocker Manager, another new capability in the Cigent Data Defense Platform that protects full disk encryption environments currently using “tired” technology and facing end-of-life resource issues.

Additional Resources:

Cigent Endpoint Data Protection Platform Demo: https://www.cigent.com/thinkshield-data-defense-cigent

Global Banking Trojan Resurfaces With A Vengeance 

Posted in Commentary on May 21, 2024 by itnerd

According to a new report from IBM’s X-Force, the widespread banking malware Grandoreiro has resurfaced in numerous new campaigns with improved functionality designed to make it a more meaningful threat.

The cybersecurity unit has been tracking several large-scale phishing campaigns since March including attacks impersonating Mexico’s Tax Administration Service, Federal Electricity Commission and Secretary of Administration and Finance, as well as the Revenue Service of Argentina and the South African Revenue Service.

“In each campaign, the recipients are instructed to click on a link to view an invoice or fee, account statement, make a payment, etc. depending on the impersonated entity.

“If the user who clicks on the links is within a specific country (depending on the campaign, Mexico, Chile, Spain, Costa Rica, Peru, or Argentina), they are redirected to an image of a PDF icon, and a ZIP file is downloaded in the background. The ZIP files contain a large executable disguised with a PDF icon, found to have been created the day prior to, or the day of the email being sent,” IBM X-Force said.

The malware has been observed since at least 2017, previously targeting only Spanish-speaking countries. The new Grandoreiro is a modular operation with the ability to target over 1500 global banking applications and websites in over 60 countries.

The latest version features updates that allow the malware to contact at least 12 different C2 domains per day. There are also new capabilities allowing it to spread more efficiently by harvesting victim data from targeted email clients.

“The updates made to the malware, in addition to the significant increase in banking applications across several nations, indicate that the Grandoreiro distributors are seeking to conduct campaigns and deliver malware on a global scale,” IBM X-Force concluded.

Emily Phelps, Director, Cyware:

   “This incident underscores the need for organizations to adopt more proactive cybersecurity strategies. A collective defense approach and the implementation of cyber fusion strategies can help organizations get ahead of threats, operationalizing relevant threat insights and breaking down silos so that security teams can rapidly take action. As adversaries evolve their tactics, our collective defense must be equally dynamic and resilient.”

This highlights the fact that threat actors are taking attack code that is already out there and making it a lot more dangerous. This is why having the sort of defence that Ms. Phelps describes is the best way to stop your organization from getting pwned.

WebTPA Discloses 2023 Breach Impacting Over 2.4 Million

Posted in Commentary on May 21, 2024 by itnerd

In an undated notice on its website, WebTPA has reported it was the victim of a “data security incident” last year that may have impacted 2,429,175 people.

Texas-based WebTPA, a company that provides administrative services to health benefit plans and insurance companies, says an investigation launched late last year revealed that an “unauthorized actor may have obtained personal information between April 18 and April 23, 2023.”

On May 8, WebTPA told the federal Department of Health and Human Services that the exposed information is different depending on the individual, and data may include:

  • Name
  • Contact information
  • Date of birth
  • Date of death
  • Social Security number
  • Insurance information

Company President Lisa Tranberg said that “financial information, such as financial account information or credit card numbers, and treatment or diagnostic information were not impacted.”

The announcement comes amidst the global healthcare disruption of the Change Healthcare breach and, more recently, the attack on the Ascension hospital chain and Australian prescriptions company MediSecure.

BullWall executive Carol Volk had this to say:

   “It’s no longer up for debate, assume you will be hacked and breached and that your data will be stolen, held for ransom or destroyed. Your only option is to be prepared. Every organization with valuable data, which means every one of us, must have in place, in addition to sophisticated EDR defense and backup methods, a comprehensive ransomware containment solution. The focus must be to protect, not just detect. When attackers breach the walls, they must not be allowed into the vault.”

This is good advice, as we’re in a place now where it’s not if, but when you’re going to get pwned by hackers. Thus you have to shift from just trying to keep the bad guys out to also containing them if they do get in.

Kashable and BrightDime Launch New Partnership

Posted in Commentary on May 20, 2024 by itnerd

Kashable, a fintech platform that provides Socially Responsible Credit™ and financial wellness solutions as an employer-sponsored voluntary benefit, and BrightDime®, a trusted partner that provides a real-time 360-degree view of individuals’ holistic financial picture, have announced a new partnership. This partnership aims to provide access to personalized financial coaching and money management tools. At inception, the program will be implemented across 50 companies, including IKEA, Chobani, and Nasdaq, covering over 170,000 employees.

According to a recent study, 86% of employees indicated that they’re stressed about finances, directly impacting their overall health and performance at work. Having access to financial literacy and coaching tools is crucial to lowering stress and empowering employees to manage their finances effectively and achieve long-term financial stability and security.

Beginning today, employees who have access to Kashable’s Financial Wellness Program will also have access to free financial coaching sessions and other educational resources from BrightDime.

Adding BrightDime’s financial coaching marks a significant stride in empowering employees with the tools they need to enhance and prioritize their financial wellness and security. Through one-on-one and on-demand financial coaching, employees receive support during challenging financial circumstances. This guidance is essential in navigating important financial decisions, enabling employees to stride confidently toward financial independence and well-being.

To speak with Kashable about access to BrightDime’s personalized financial wellness tools, visit Kashable.com.

Horizon3.ai Publishes Fortinet FortiSIEM Command Injection Deep-Dive & Exploit POC 

Posted in Commentary on May 20, 2024 by itnerd

Horizon3.ai Chief Attack Engineer Zach Hanley and the Horizon3.ai Red Team have just published “CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive”, with indicators of compromise and a link to the team’s proof of concept exploit on GitHub to blindly execute commands as root on vulnerable FortiSIEM appliances.

Hanley said: “Several issues were discovered during this audit that ultimately lead to unauthenticated remote code execution in the context of the root user. The vulnerabilities were assigned CVE-2023-34992 with a CVSS3.0 score of 10.0 given that the access allowed reading of secrets for integrated systems, allowing for pivoting into those systems.”

FortiSIEM is Fortinet’s security information and event management (SIEM) with user and entity behavior analytics (UEBA), with the functionality typical to SIEM solutions such as log collection, correlation, automated response, and remediation. It also allows for simple and complex deployments ranging from a standalone appliance to scaled out solutions for enterprises and MSPs.

The App Tracking Bug In iOS 17.5 Has Been Fixed

Posted in Commentary on May 19, 2024 by itnerd

It appears that the issue with app tracking and allowing apps to request to track has been fixed, and the option is now working properly. To recap, after updating to iOS 17.5, many people noticed that if you went to Privacy & Security –> Tracking, an option called “Allow apps to request to track” was greyed out so that you couldn’t turn it off or on. This blew up the Internet for a couple of days as this wasn’t exactly a trivial bug.

Apple appears to have fixed it based on the fact that I noted this late yesterday:

Compare that with this photo taken at the time that the issue surfaced:

You’ll note in the first picture the control for this option is now live again. I am guessing that this was some sort of server side fix. As in Apple made some sort of change on their end for iPhones running iOS 17.5 that fixed this.

Now if they would only fix this issue which appears to be extremely widespread. I haven’t seen it. But I know people who have and this looks really bad on Apple.

Twitter.com Is Now X.com…. But It’s Still Twitter To Me

Posted in Commentary on May 19, 2024 by itnerd

Elon Musk has been obsessed with rebranding Twitter to X. But if you went to various parts of the site, you would find references to Twitter. But that appears to be no longer the case based on this Tweet from Elon himself:

Let’s start with the fact that this X logo looks nothing like the X logo that Elon has been using for a while now. What’s up with that? And how much does this move to X.com break things for people on the Internet? That’s a good question.

Regardless of what Elon thinks, this site will still be Twitter to me and many other people. And there’s nothing that Elon can do about it.

Presto Card Support Coming To iPhone…. Soon…. Whatever That Means

Posted in Commentary on May 18, 2024 by itnerd

For those of you who live in the Greater Toronto Area, your best way to use public transit is to use a Presto Card to pay for your trips on transit. Now Android users have had the ability to have their Presto Cards on their phones for a while now. iPhone users were out of luck. But that appears to be changing based on this Tweet:

I’m not sure what “soon” means to Metrolinx, which is the organization that oversees transit in the Greater Toronto Area. I say that because this organization has a pretty poor track record of delivering projects on time and on budget. Thus “soon” could be next year or next week. Who knows? But the fact that they are saying something implies that maybe something is coming in the next few weeks? We will have to see, and hopefully this doesn’t become another Metrolinx fiasco where they promise something but don’t deliver on time.

AI Increases True Positives On Vendor Risk 500%: VISO TRUST

Posted in Commentary on May 17, 2024 by itnerd

VISO TRUST has issued its “2024 State of Third Party Risk Management: AI’s Impacts and Future Trends” which codifies that longstanding Third-Party Risk Management (TPRM) methods are increasingly inadequate in today’s digital business environment. 

The report leverages VISO TRUST Platform-derived data, which includes profiles of more than 2.4 million companies, and insight from CISOs, security, and TPRM professionals across various industries.

Among key findings on legacy TPRM: 

  • Inadequate responses: Approximately 75% of vendors responding to legacy questionnaire approaches requiring manual input either ignore or delay crucial risk assessments.
  • False positives: Conventional cyber risk ratings yield a 90% false positive rate, undermining their reliability.

AI-driven transformation of TPRM findings:

  • Efficiency gains: AI-assisted modern TPRM programs reduce vendor and partner assessment timelines from months to days.
  • Near-complete coverage: AI and automation achieve almost 100% coverage of third-party networks.
  • Significant increase in true positives: data analysis revealed a 500% rise in accurate risk identifications.
  • Faster assessments: Risk evaluation times have decreased from 60 to 90 days to just five to eight days.
  • Enhanced accuracy: AI-driven methods refine risk assessment precision.