London Drugs Starts To Reopen Stores After Getting Pwned

Posted in Commentary on May 6, 2024 by itnerd

You might recall that Canadian pharmacy chain London Drugs was pwned in some sort of cyberattack. It’s not clear what kind of attack it was. But it was clearly bad enough that it forced the chain to close all their stores. Which is of course a non-trivial event. Over the weekend news surfaced that some stores were starting to reopen:

London Drugs is gradually reopening its stores across Western Canada, six days after it shuttered all locations due to a “cybersecurity incident,”  the retail and pharmacy chain said.

It is working with its nearly 80 stores in British Columbia, Alberta, Saskatchewan and Manitoba individually to get them up and running, said the retailer, headquartered in Richmond, a suburban city about 16 kilometres south of Vancouver. 

“We ask for patience as we work with each store to ensure it is operating fully to meet the needs of our customers, and therefore we will not be communicating which stores are opening and when,” London Drugs said in a Saturday statement. “No interviews will be conducted at this time.”

“We are continuing to work with our third-party cybersecurity experts to bring our systems online in a safe and secure manner,” the company said. 

Opening stores six days after getting pwned is quick.

In the above statement they say that they’re working with a third party. Which I assume is a Mandiant or an organization similar to that. So it goes without saying that they are taking their advice on that. It could, and I emphasize could, also mean that London Drugs had a mitigation strategy in place so that in the event of something like this, they could reopen quickly. If that’s true, then that’s very good on them. There is the possibility that this attack could have been less severe than we all assumed. Which is a good thing.

But that’s where my glass half full view ends. There is the possibility that they paid the ransom based on the fact that I am making the assumption that this is ransomware. And regardless of how quick London Drugs got back on its feet, there’s still the question regarding the data of their customers and if anything was stolen. London Drugs hasn’t said anything about that, but that has to be on the table. So while London Drugs is making positive steps to getting back to normal, it’s not all sunshine and roses.

My advice is to watch this situation carefully in the coming days and weeks. Especially if you get your prescriptions at London Drugs. Because this incident is far from over.

Review: Logitech For Creators Litra Glow

Posted in Products on May 5, 2024 by itnerd

I’m currently in the midst of redoing my desk setup which is being driven by my decision to run my 16″ MacBook Pro in clamshell mode full time. By doing so, it also means that I cannot use the webcam that’s built into the MacBook Pro. That’s a problem for me as I spend a fair amount of time on video calls via Microsoft Teams among other video conference apps. So as a result, I am now using this webcam and to enhance the light that it has to work with, I needed some sort of key light. Which is why I decided to go with this:

This is the Logitech For Creators Litra Glow key light. It has a bunch of features including:

  • It mounts easily onto any monitor or laptop and adjusts for either use case.
  • It has five levels of brightness as well as five colour temperatures to choose from. 
  • It has a colour temperature range from 2,700 to 6,500 Kelvin and a maximum output of 250 lumens.
  • It is compatible with the Logitech G HUB that allows you to tweak all the settings digitally as opposed to using the controls on the back of the light.
  • It’s powered via a USB-C to USB-A cable.

Here’s a look at the light and the range of adjustability that you get. It’s pretty extensive and you can pretty much set it up to fit whatever your use case happens to be.

Here’s a look at how it looks on my monitor:

As you can see, it hooks onto the front of the monitor, then you adjust the arm on the back until you find a length that is secure. You can also see the USB-C to USB-A cable running down the back. Since I have a standing desk, I tried moving the desk up and down to see if it would fall off and it didn’t.

But the real question is whether this light works. The short answer is yes. The long answer goes something like this. This does output a lot of light. At full strength, it is powerful enough to light up most of my home office at night if I have the lights off. I spent some time tweaking it and that time resulted in my face being clear when on camera. There are controls on the back that allow you to make it as bright or as dull as you want along with changing the colour temperature. That way you can get the look that you want. Thus I feel more than confident in saying that you will look great on your next Microsoft Teams call after you spend some time tweaking things to suit your environment.

I tried the Logitech G HUB software on my Mac as part of this review. First of all, it allows you to tweak the settings of the software via sliders while watching yourself on screen. Which is handy to make sure that everything is dialled in before you jump on a video call. Though that’s something that you are likely to do once or occasionally at best. The other thing that I noted is that it does have the ability to turn on and off the light when the camera is activated or deactivated. Though I did note that it would not work initially until I chose the MacBook Pro’s built in camera, which then generated a prompt that Logitech G HUB wanted to access the camera. When I gave it permission to do so, I had to switch it back to the external camera and then it worked flawlessly. Speaking of permissions, this software asked me for permission to record the screen and audio. I didn’t give it permission and it continued to work fine. Which begs the question, why was it asking me for permission to do that? Permission to access the camera I can understand because that’s clearly how it knows to turn the light on and off. But to record the screen and audio? That seems suspect to me.

What makes this light something that I would recommend to you is the price tag. I got it from Amazon for $53.99 CAD which is kind of hard to beat. Thus if you need to improve your video call game, this is a great product to do so.

Review: Apple Magic Keyboard With Touch ID And Numeric Keypad

Posted in Products on May 4, 2024 by itnerd

When the topic of Apple products comes up, one of the things that comes to mind is if it’s worth it. Some things are. For example my 16″ MacBook Pro is absolutely worth it because of the speed and power that it has. Other things from Apple… I’m not so sure.

This is a review of one of those other things.

This is the Apple Magic Keyboard with Touch ID and Numeric Keypad. And it is $229 CDN in black which is what you see in the picture, or $209 CDN in white. In other words, if you want the black colour to match your setup or to hide dirt, you’ll have to pay Apple $20 more. And that is the start of why this keyboard might not be worth it for you.

Let’s touch on the fact that this keyboard doesn’t have backlighting. Which to me is completely bizarre as many lower priced keyboards do have backlighting. I’m sure that Apple will say that it has to do with battery life seeing as this is a wireless keyboard. But that doesn’t make sense to me because competing keyboards that cost way less than this one will connect wirelessly like this one does, and go weeks if not much longer on battery while having backlighting. And there are even a few keyboards that will do all of that and self adjust the backlighting on the fly using an ambient light sensor. Apple does this with the Magic Keyboards that are built into their MacBook Air and MacBook Pro models. So you have to wonder why they haven’t done it here. Having said that, battery life is one month on a charge. And I can confirm that I can go five to maybe six weeks between charges.

Incline adjustment is something else that’s missing from this keyboard. As in you can’t adjust the incline if this mostly flat keyboard doesn’t work for you. Now this keyboard as is happens to work for me, but it won’t work for everyone. I know that because I often get emails from people who buy desktop Macs and can’t cope with this keyboard. Thus they reach out to me for advice on what to replace it with. Now if you’re someone who doesn’t want to buy a new keyboard, and needs a bit more incline from their Magic Keyboard, this product might help you. I base that on feedback from clients who have tried this product and reported back that it helped to put the keyboard at an angle that works for them. But the fact that this product exists at all shows that maybe Apple needs to reconsider this design.

Finally, there’s this.

Why on God’s green Earth does this keyboard have a Lightning connector for connection and charging purposes? It’s 2024 and Apple should have moved this to USB-C by now. It’s not as if a USB-C connector wouldn’t fit in this keyboard. The bottom line is that this decision not to have USB-C on this keyboard is baffling to be honest. But on the flip side you get this:

Apple serves up a woven USB-C to Lightning cable in the box that’s colour matched. It’s a nice touch I suppose.

So this keyboard sucks right? Not so fast. A big plus to this keyboard is the inclusion of Touch ID. That’s handy for those who rely on Touch ID for anything from Apple Pay, to simply getting into your Mac, to using it for authentication purposes. There is a catch though. Touch ID only works with Apple Silicon Macs. If you have an Intel Mac, you’re out of luck. And in case you are wondering, no third party keyboard has Touch ID, likely because Apple won’t allow that for security reasons I am guessing. So if Touch ID matters to you, this is your only choice.

Sidebar: If you want to unlock your Mac and you own an Apple Watch, these instructions will help you to set that up. Which means that you won’t need Touch ID to unlock your Mac. Which by extension means that you may not need to buy this keyboard for that use case.

Another plus is the typing experience. I have to admit that despite the fact that I learned to type on a typewriter back when dinosaurs roamed the Earth, which in turn made me gravitate towards mechanical keyboards, the typing experience on this Magic Keyboard is quite good. Key travel is decent, it doesn’t take a whole lot of force to type on it, and it doesn’t make a whole lot of noise. I have no issues typing on it, likely because it mimics the experience of the built in MacBook Pro Magic Keyboard.

The looks of this keyboard are another plus because it fits in with the Apple look and feel if that’s what you’re looking for. It also means that you will get a clean desk setup if that’s what you’re looking for. It also doesn’t take up a lot of real estate, and the build quality is very premium. Plus setting it up was laughably easy. I took it out of the box, turned it on, went to Bluetooth settings and clicked connect. Done. Have a nice day.

So, I have to come back to this question: Is this keyboard worth it? Well, if you care about Touch ID, or you want a keyboard that is fully within the Apple ecosystem. It might be worth it. If you want a very good typing experience that is similar to a MacBook Pro for example, it might be worth it. But the thing is that there are keyboards out there that cost less money that do most of what this keyboard is capable of. Which begs the question. Why do I have one? I am in the midst of redoing my desk setup and I wanted a wireless keyboard that occupies less space as I am now moving towards using my MacBook Pro in clamshell mode. So that combined with wanting Touch ID as some of the apps on my MacBook Pro use it made it worth it for me. But honestly, I had to really think long and hard about the “worth it” part before I took out my credit card to pay for this at the Apple Store. Or to put it another way, 95% of you reading this review shouldn’t buy this keyboard and instead you should look to options from companies like Logitech, Keychron, or Matias who are my go to recommendations for Mac keyboards. Chances are those keyboards are going to be worth it for the 95% of people who need a Mac keyboard as you get features like incline adjustment and backlighting which are strangely absent from Apple’s offering for way less money.

A Rather Bad iCloud #Scam Email Is Making The Rounds… And It Has A Twist To It

Posted in Commentary on May 4, 2024 by itnerd

Scammers are really not even trying anymore. I say that because for the second day in a row, I am writing about a scam where the scumbag scammer doesn’t seem to be putting in any effort into making the scam convincing enough that someone would fall for it. It starts with this email hitting your inbox:

If these scumbag scammers are trying to copy Apple’s look and feel, they’ve failed miserably. Assuming that this email which I am certain isn’t in the same star system as Apple’s in house branding guidelines doesn’t scream scam. This might:

That’s not an apple.com email address. Total #Fail. Besides those two things, I’ll point out that Apple lets you have 5GB of storage for free. After that, iCloud storage costs you money as evidenced by this link. So what the people behind this scam are trying to do is leverage the fact that the next jump in terms of storage capacity is 50GB, and that is normally a paid tier of storage that if you buy into the email is now supposedly “free”. Plus the added incentive for you to click through is that bad things will happen to you if you don’t do so. As in your files will get deleted. Which is false as Apple will never delete anything in an iCloud account. What will happen is that you will not be able to save anything into an iCloud account that is out of storage. But what’s already there will remain there.

I’m pretty sure that 99% of people who get this email will simply delete it. But as I have said numerous times, scams don’t have to be successful in volume to be successful. Thus let’s see what the 1% who click through see:

This fake iCloud website is only slightly more convincing than the email in terms of trying to copy Apple’s branding as well as their look and feel. And by the way, seeing as I haven’t logged into anything, how could this website know that my iCloud storage is full? It can’t which is further evidence that this is a scam. But let’s go down the rabbit hole. Clicking continue gets you this:

There’s this questionnaire that they want me to fill out. Why? What relevance does the following have to my iCloud storage:

  • Where am I
  • Gender
  • Age

Logically, Apple would already have this information if I logged into my iCloud account. Which I haven’t. Oh, by the way, this scam website makes reference to Apple’s “loyalty program”. News flash, Apple doesn’t have one. Then there’s the countdown clock to entice you to click through and do what the website wants you to do. Apple would never do that. Finally, if you look at the address bar, that’s not an Apple website as the address doesn’t end in “apple.com”. So yeah, this is still a scam. Anyway, the website once you answer these dumb questions will say you’ve qualified for the upgrade of your iCloud storage.

Yee haw.

Here’s what happens next:

You can already guess where this is going. The scumbags want to swipe your credit card details along with possibly your iCloud username and password. Let’s see if I am right:

So it appears that I am right about the fact that they want to swipe your iCloud credentials. Why I don’t know. But other than faking that this is a legitimate site, which they didn’t even try to do earlier on in this scam when they perhaps should have to make the scam more convincing, there doesn’t seem to be any other reason that I can think of for this to exist. So I entered some bogus credentials into this site to get to this:

And here’s the part where the unwitting type in their credit card details so that these scammers can go to town at your expense. And look at the top right corner. This transaction is Verified By Visa and MaterCard. Sure it is. Anyway, the page has logic in it to verify the card number. Thus I wasn’t able to go past this screen. But you get the point.

In my opinion, this is a pretty unconvincing scam that maybe 1% of the population will fall for. But I guess that these guys are fine with a 1% success rate as that could be hundreds or thousands of dollars every time someone falls for it. I’ll be reporting this scam website to Google, Firefox and Microsoft which means that this website will have even less traffic.

Before I go, there’s one more thing. If you go to this site using Google Chrome (I used Firefox for the screenshots above), you get this:

Great, this is one of these scam websites that is going to be a pop up hell. And sure enough:

It seems I am correct. Just because I have nothing better to do, I will click on the McAfee one and see what happens:

It sent me to another website that pretended to scan my computer and it pretended to find all sorts of viruses. What’s hysterical about this is that it says that my phone is damaged by viruses. But I was running macOS inside a virtual machine when I did this. What losers. If I click “renew subscription” it kicks me to the real McAfee website via an affiliate link which would allow the scumbags behind this to make a few extra bucks. So in short, they are trying to get you in any way they can. Just to rain on their parade, I reported this website to Google and Microsoft as well so I can put an end to their fun. It’s the least that I can do to help keep the Internet safe from scumbag scammers.

Palo Alto Networks Delivers The Most Comprehensive SASE Capabilities

Posted in Commentary on May 3, 2024 by itnerd

Palo Alto Networks has announced its latest innovations to future-proof and transform the workforce with the launch of Prisma® SASE 3.0. Prisma SASE 3.0 now delivers Zero Trust to secure both managed and unmanaged devices with the industry’s first natively integrated enterprise browser, AI-powered data security, and acceleration of dynamic applications to perform up to five times faster.

In today’s work environment, employees demand the freedom to be productive from anywhere, using any device, and accessing any application. Current legacy SASE implementations are falling short of meeting these needs, inhibiting innovation and agility. Prisma SASE 3.0 includes enhanced capabilities to combat many challenges enterprises encounter as they rely on data to drive business:

  • Prisma Access Browser protects organizations with a natively integrated enterprise browser that extends Zero Trust protection to unmanaged devices in minutes. AI-powered security identifies up to 2.3 million new and unique attacks every day. Since 2022, more than half of employees, contractors, and third parties access corporate data from BYO devices like personal laptops and mobile devices, according to Forrester. With Prisma SASE 3.0, IT professionals can monitor and mitigate threats in real time, safely enabling the workforce to use any device to access any application.
  • AI-Powered Data Security is the breakthrough capability in data classification accuracy for Palo Alto Networks’ already comprehensive Data Security solution. The industry-first LLM-powered classification combines the strengths of context-aware machine learning (ML) models with the power of LLM-based natural language understanding to increase the accuracy of ML behavioral analytics to monitor and protect where sensitive data resides and travels. Prisma SASE 3.0 allows SaaS, GenAI, and cloud applications to drive business growth while securing corporate data.
  • App Acceleration provides up to 5x boost in applications’ performance compared to accessing them directly through the internet to help ensure maximum productivity and security. Prisma SASE with App Acceleration is the industry’s first SASE solution that accelerates applications individually for every user, leveraging patented app-aware technology. Palo Alto Networks is working with leading cloud service providers and enterprise applications, including Amazon Web Services (AWS), Slack, ServiceNow, Google, Zoom and SAP to enhance application performance, benefiting joint customers with faster response rates.

Prisma SASE continues to deliver industry-leading SLAs for security processing and app performance. Prisma SASE 3.0 and its updated capabilities will be generally available in the coming months.

A Text Message #Scam Using Scotiabank’s Name That Is Run By Incompetent Scammers Is Making The Rounds

Posted in Commentary on May 3, 2024 by itnerd

Now that tax season is over in Canada, I guess the scumbag scammers of the world have moved on to text message based phishing scams. Take this one using the name of Scotiabank:

Now this should stretch the boundaries of credibility right out of the gate because it references the first four digits of a Scotiabank debit card number. Why is that important? Every Scotiabank debit card starts with “4536”, which means that the scumbag scammers are hoping that you won’t pay attention to that rather than saying “if this were meant for me specifically, they would be using the last four digits of my debit card as that’s unique to me.” Another area where this text message loses credibility is the website that the scumbag scammers want you to go to. Scotiabank does not own a domain called “Https://auth-scotiabankcanada.com” nor would any communication coming from Scotiabank have a capital H in it. So who owns this domain? For giggles, let’s have a look:

Hmmm…. This traces back to .ru which is Russia the last time I checked. Maybe that’s accurate. Maybe it isn’t. But it sure isn’t Scotiabank.

So right there, we have more than enough evidence to say that this is a scam, and that you should delete this text message. But because that’s not how I roll, let’s see what happens when I click on the link which by the way you should never ever do:

Well, I see that it’s amateur hour with this particular scumbag scammer. I say that because whoever is behind this scam can’t set up a website that uses SSL encryption properly. That means that 99% of people will not get scammed because these clowns are too stupid to set the scam up properly so that a web browser can get to the scam website. More on how they screwed that up in a second.

So after figuring out where they went wrong with their website, and passing by a CAPTCHA (which seems to be a thing with these phishing websites as of late) that even snagged my IP address:

I got this:

I wonder how that compares to the real login screen for the real Scotiabank website…..

It’s a very, very good copy of the real Scotiabank website. Though the real site uses SSL encryption as evidenced by the padlock in the address bar at the top left. And the fake one doesn’t use SSL encryption at all. This is noteworthy because the text message that the scammers send you uses “HTTPS” in the link that is in the text message. That means that if you click on it, the web browser will request an SSL encrypted web page. And when it doesn’t get it, the browser throws an error message like the one that I took a screen shot of. Now this combined with the fact that web browsers in 2024 want to deal only with SSL encrypted web pages, and warn you when they don’t get one as it’s a bit of a security risk, shows you that these scumbag scammers really didn’t do their homework. Thus as a result they screwed up the execution of this scam.

Regardless, I can see how someone might be fooled by this scam website. Not to mention the fact that if you look at the address bar, you’ll see “https://auth.scotiaonline.scotiabank.com” which is very similar to the scammer’s website which is “https://auth-scotiabankcanada.com”. This is an old trick that scammers use where they will come up with a URL that unless you’re paying attention, you might not notice that it’s not the same as the website that you are used to going to. That highlights the fact that you need to look at the URL closely before you type your credentials into a website. Or better yet, bookmark the websites that you go to and only use your bookmarks so that you know that they can be trusted.
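The address-bar check described above (and the "doesn’t end in apple.com" check in the iCloud post earlier on this page), written out as an added example that is not part of the original post. The function names and brand keywords are assumptions made for illustration, and the example.net URLs are constructed samples; the two Scotiabank addresses are the ones quoted above.

```python
from urllib.parse import urlsplit


def split_host(url):
    """Return (netloc, hostname) in lower case, or ('', '') if unparseable."""
    url = url.strip()
    if "://" not in url:
        # Text messages often drop the scheme; "//" makes urlsplit see a host.
        url = "//" + url
    try:
        parts = urlsplit(url)
        host = parts.hostname or ""  # drops any user@ prefix and :port
    except ValueError:
        return "", ""
    return parts.netloc.lower(), host.rstrip(".")


def is_under(host, official):
    """True only for the official domain itself or a real subdomain of it."""
    # Comparing on a label boundary is the whole point: a plain substring or
    # endswith(official) test also accepts hosts that merely contain the name.
    return host == official or host.endswith("." + official)


def classify_link(url, official, brand):
    """Classify a link as 'official', 'lookalike', 'unrelated' or 'unparseable'.

    official: the domain the real organisation uses (taken from the page).
    brand:    keyword a scammer would reuse (assumption for this example).
    """
    netloc, host = split_host(url)
    if not host:
        return "unparseable"
    if is_under(host, official):
        return "official"
    # The brand shows up somewhere in the authority part (including a fake
    # user@ prefix), but the host is not under the official domain.
    if brand in netloc:
        return "lookalike"
    return "unrelated"


def scheme_case_is_odd(url):
    """True if the scheme was typed with capitals, such as 'Https://'."""
    scheme, sep, _ = url.strip().partition("://")
    return bool(sep) and scheme != scheme.lower()


# (url, official domain, brand keyword)
SAMPLES = [
    # Quoted in the post:
    ("https://auth.scotiaonline.scotiabank.com", "scotiabank.com", "scotiabank"),
    ("Https://auth-scotiabankcanada.com", "scotiabank.com", "scotiabank"),
    # Constructed samples showing other ways a name can be borrowed:
    ("https://scotiabank.com.example.net/login", "scotiabank.com", "scotiabank"),
    ("https://apple.com@example.net/upgrade", "apple.com", "apple"),
    ("https://example.org/", "apple.com", "apple"),
]

if __name__ == "__main__":
    for url, official, brand in SAMPLES:
        verdict = classify_link(url, official, brand)
        note = " (odd scheme capitalisation)" if scheme_case_is_odd(url) else ""
        print(f"{verdict:10} {url}{note}")
```
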

Back to the scam. I entered some bogus credentials and got this:

Based on the questions, it looks like the scumbag scammers are running an identity theft scam for starters. I am basing that on asking for your mother’s maiden name which is a common security question. I entered some bogus info and got this:

So it’s not just your identity that they’re after. They want your card number right down to your ATM PIN number. That suggests to me that anyone who is unlucky enough to fall for this scam might be dealing with a group of scumbag scammers who are going to use this info to drain your bank account dry. Possibly by going to an ATM with a card that they create with this information. That implies that the scammers might be in Canada. And the Russian registration may be a ruse.

So, given the incompetence of the scammers behind this, combined with the fact that I reported this scam website to Google via this link, and to Microsoft via this link, I suspect that this website will have few if any victims. But it illustrates that you really need to question the legitimacy of anything and everything, along with doing some detective work if required to stay safe online. I say that because even incompetent scumbag scammers like these ones can get lucky and get a great payday at your expense.

Guest Post: Are You Heading for a Compliance Disaster?

Posted in Commentary on May 3, 2024 by itnerd

By STEVE LEEPER, VP, PRODUCT MARKETING – Datadobi

How StorageMAP Helps You Steer Clear – Transforming Compliance Nightmares into Strategic Wins with Next-Gen Unstructured Data Management

Even with top-notch experts leading the charge – managing data in regulated industries is no walk in the park.

For instance, take healthcare providers in the U.S. They have to deal with different rules for how long to keep patient records, depending on the state, all under HIPAA regulations. Over in Europe, companies have to be careful with how long they hold onto personal data, thanks to the GDPR, making sure not to keep it a day longer than needed. And, there are rules like SEC 17a-4 in the finance sector that require certain data to be kept just as it is – no changes or deletions allowed. Each industry has its own set of data rules to play by, and it can get pretty tricky to keep everything straight.

And, the stakes are high! A slip-up doesn’t just result in a slap on the wrist – it could lead to crippling fines, irreparable reputational damage, and protracted legal battles.

Businesses are between a rock and a hard place. On the one hand, they could get hit with penalties if they don’t keep data long enough. On the other, they might face fines if they hang onto it too long. And with rules always changing and business demands ramping up, the pressure just continues to escalate.

In fact, according to Accenture, the cost just to stay compliant could jump by as much as 30% in the next few years, with the demand for regulatory technology (RegTech) expected to triple, hitting an estimated $204 billion by 2026.

So… what are your options? Where should you begin? A step in the wrong direction could lead to rather serious, and highly expensive ramifications (not to mention, be a tad career-limiting).

I would respectfully offer you should really take a look at StorageMAP. StorageMAP is unparalleled in its ability to help businesses get their arms around their data while slashing risks and costs. It really makes a hard job a whole lot easier. Here’s how:

  • Full Insights – provides comprehensive visibility into your data landscape, illuminating everything from ownership to activity levels – crucial for heavily regulated industries that must account for every bit of data they handle
  • Customizable Dashboards and Reporting – offers fully customizable dashboards for monitoring and reporting, providing insights into compliance status, data health, and operational efficiency
  • Data Organization – organizes data efficiently, tagging and classifying it according to business and legal requirements – key in industries where data must be meticulously managed to comply with strict regulations
  • Risk and Cost Reduction – by ensuring data is in the right location and managing inactive or orphaned data, StorageMAP reduces both the risk of non-compliance and the costs associated with data storage and management
  • Data Mobility – data mobility capabilities are built to handle the scale and complexity of unstructured data, enabling actions like data migration, archival, and cleanup in compliance with regulatory requirements
  • Advanced Integrity Protection (AIP) – ensures the highest level of data security, crucial for industries where data breaches can lead to significant legal and financial penalties
  • Vendor Agnostic – operates across heterogeneous storage systems and clouds – ensuring optimal capabilities, protection, and security, as well as vendor lock-in avoidance, cost-efficiency, and maximum ROI
  • Policy-Based Data Movement – facilitates archival, cleanup, and other data management actions based on predefined policies – ensuring ongoing compliance with industry regulations

Regulations are really piling up everywhere, becoming stricter and more widespread across almost every industry around the world. Why is that? Well, it’s a combination of factors. Technology is advancing rapidly. International trade is becoming more complex. People are more concerned about the environment. And, there’s a stronger emphasis on privacy and data security. As a result, governments and regulators keep rolling out new rules to tackle the latest issues, protect consumers, and promote greener practices. For you and your business, it just means there are even more hoops to jump through to make sure you’re staying compliant.

Not to worry… With StorageMAP, you get all the capabilities you need to more easily navigate the compliance landscape. And, as regulations keep evolving, StorageMAP has your back… making sure you don’t just survive but thrive.

Dropbox Sign Has Been Pwned…. And It’s Not Good If You’re A User Of This Service

Posted in Commentary on May 3, 2024 by itnerd

If you pay a visit to this link, you’ll see that cloud storage firm Dropbox has disclosed that hackers breached production systems for its Dropbox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information:

On April 24th, we became aware of unauthorized access to the Dropbox Sign (formerly HelloSign) production environment. Upon further investigation, we discovered that a threat actor had accessed data including Dropbox Sign customer information such as emails, usernames, phone numbers and hashed passwords, in addition to general account settings and certain authentication information such as API keys, OAuth tokens, and multi-factor authentication.

For those who received or signed a document through Dropbox Sign, but never created an account, email addresses and names were also exposed. Additionally, if you created a Dropbox Sign or HelloSign account, but did not set up a password with us (e.g. “Sign up with Google”), no password was stored or exposed. We’ve found no evidence of unauthorized access to the contents of customers’ accounts (i.e. their documents or agreements), or their payment information.  

From a technical perspective, Dropbox Sign’s infrastructure is largely separate from other Dropbox services. That said, we thoroughly investigated this risk and believe that this incident was isolated to Dropbox Sign infrastructure, and did not impact any other Dropbox products.

Well, that’s pretty bad. But at least they admitted to it rather than kicking that can down the road for as long as they could get away with doing so. Melvin Lammerts, Hacking Lead at Hadrian, had this to say:


“Dropbox was upfront about their security breach, which is good. The fact that hackers gained access through a backend service account is worrisome. The leaked customer information could lead to possible account takeovers, highlighting the importance of robust security measures for backend service accounts and effective methods for detecting unusual activity. This incident demonstrates why companies need to be constantly testing their security in all systems, including those not (fully) publicly accessible.”

Ted Miracco, CEO, Approov Mobile Security:

“Considering this is the second breach in two years, a comprehensive security review of Dropbox’s entire ecosystem is advisable. This review should be conducted with external cybersecurity experts to ensure impartiality and a fresh perspective on security challenges. Dropbox has already taken some crucial initial steps such as resetting users’ passwords, logging users out of devices, and rotating API keys and OAuth tokens. These actions are essential to securing accounts and preventing further unauthorized access.”

If you use Dropbox Sign, you might want to put your head on a swivel for the next little while as I am certain that secondary attacks are coming. As for Dropbox, the fact that they put this out there is good. But they will have a lot of questions that they need to answer in the coming days and weeks, along with reassuring their customers that this won’t happen again because they’ve taken all required steps to secure customer data.

Siri On The HomePod Is Currently Broken As It Can’t Tell You What Time It Is

Posted in Commentary on May 2, 2024 by itnerd

Siri is sometimes pretty useless as a digital assistant. But you know it has hit peak uselessness when it can’t even tell time. This is happening to HomePod users everywhere at the moment:

Seeing as this is functionality that usually works fine, and there have been no software updates from Apple lately, this has to be a server-side issue. Thus one has to assume that Apple will fix this eventually. But in the meantime, this won’t help Siri’s reputation in the slightest.

UPDATE: As of 5PM EST, this is now fixed.

Almond Releases The Second Edition Of Its Threat Landscape

Posted in Commentary on May 2, 2024 by itnerd

Almond, a major French independent player in cybersecurity, publishes the second edition of its Threat Landscape.

This 2023-2024 edition reveals an alarming reality: The threat is intensifying and no longer distinguishes between sectors.

While three groups of hackers dominate the DDoS ‘market’, Almond notes a growing trend among cybercriminals towards the professionalisation of their organisations. Once resembling an SME, they now resemble a hierarchical structure, like large corporations, with substantial human and financial resources.

In a year marked by numerous conflicts, and with several major elections – in Europe and the United States – and the Olympic Games on the horizon, this Threat Landscape offers a wealth of key figures and insights into these topical issues.

The acceleration of attacks is accompanied by unprecedented sophistication, forcing us to rethink the paradigms of cyber defence. In particular, AI is becoming an essential tool in the cybercriminals’ arsenal, as the use of a Large Language Model (LLM), which aggregates millions of pieces of data, makes it possible to design malicious content very simply through automation.

In a nutshell: Almond’s team has analysed the threats that organisations need to prepare for:

  • An update on new attack techniques
  • Energy and telecommunications: infrastructures under threat
  • An overview of geopolitical risks
  • The Paris Olympics, tense elections: the burning challenges of 2024

You can grab a copy of these insights here (English translation here).