Review: EnGenius EXT1105P Switch Extender

Posted in Products on April 11, 2024 by itnerd

The EnGenius EXT1105P Switch Extender is an interesting piece of kit with a very specific use case. And to understand that use case, let’s look at the EnGenius EXT1105P Switch Extender:

This is the business end of the EnGenius EXT1105P Switch Extender. The gigabit input port is compatible with PoE++, which gives an input power of 51W to the switch, and the additional gigabit ports can all provide PoE+. With 802.3at PoE+, this can provide up to 25.50W to a device. And that’s all there is to this switch extender. There’s no power adapter on it because all the power comes in via the input port. Thus the use case for the switch extender goes something like this:

  • You need to power a bunch of devices in some corner of an office or warehouse that doesn’t have easy access to mains power. To get around that, you run a PoE cable to the location and plug it into this switch extender’s input port.
  • You then plug in your devices into any of the 4 ports. Given the level of power that it supports, I am guessing that this is intended for cameras or lower powered devices.

Setting this up was what I expect from any EnGenius product. Which is that it was laughably easy. All I had to do was the following:

  1. Power on the switch
  2. Use the QR code on the base of the switch to add it to the EnGenius app
  3. Done. Declare victory and have a beer.

After that I plugged in some PoE cameras that I borrowed from a client of mine and everything was working perfectly. There’s honestly not much more to say here as it does exactly what it says it is supposed to do with ease. I could complain that it doesn’t do 2.5 Gbps Ethernet if I wanted to nitpick something. But that would likely require more power and make this solution border on unworkable. The EnGenius EXT1105P Switch Extender goes for $119 USD and if you have a use case involving PoE that fits this switch extender, consider this a must buy.

Increased Risk Among Immature Threat Actors, Ransomware Operators: Research From GuidePoint Security

Posted in Commentary on April 11, 2024 by itnerd

GuidePoint Security has released new research intelligence that explores the differences between the ransomware groups we “see on TV” – the large, established, and well-resourced RaaS operations – and the smaller, ad hoc, opportunistic, or “immature” ransomware groups that operate more quietly, generally impacting less well-defended victims. 

GuidePoint Security’s researchers highlight the increased risks and behaviors associated with such groups and provide two case studies of immature, high-risk groups – Phobos and DATAF LOCKER – that they observed during recent incident response efforts.

Popular images, depictions, and understanding of modern ransomware groups often focus on the largest and most established groups, maintaining media attention through high-profile attacks and sensationalist extortion tactics. 

While this segment of the ransomware ecosystem exists and remains relevant, immature ransomware groups operating on the fringe continue to harm smaller and less well-defended organizations, often without a recognizable brand or name to aid in attributing and ascribing deceitful behavior. 

You can read the research here.

Cado Security Joins Wiz Integrations (WIN) Platform to Enable Cloud Forensics and Incident Response

Posted in Commentary on April 11, 2024 by itnerd

Cado Security today announced its partnership with cloud security provider Wiz and joins the Wiz Integration (WIN) Platform. Cado Security enhances WIN by bringing the power of the Cado Security platform to the partner ecosystem so that Wiz customers can seamlessly integrate Cado into their existing cloud security workflows.

Mutual customers receive the following benefits:

Accelerate response time to cloud threats: Customers are enabled to rapidly kick off forensics investigations of AWS EC2 instances and automate forensics investigations of cloud resources using Wiz’s one-click forensics capabilities to accelerate the path to root cause and remediation.

Gain deep insights into the impact of threats: This integration empowers customers with deep forensics analysis capabilities, such as Cado’s AI Investigator, to better understand the root cause, scope, and implications of cloud-based threats, improving an analyst’s ability to respond appropriately.

Simplify incident response: Customers gain instant access to cloud resources and potentially compromised systems without configuring additional access requirements or having to work through other teams, saving analysts critical time during an investigation.

The combined value of these two offerings will streamline security for organizations on a cloud journey, regardless of where they may be on that journey.

WIN enables a cloud security operating model where security and cloud teams work collaboratively to understand and control risks across their cloud and software development lifecycle. Wiz integrates with a wide range of technologies by partnering with companies like Cado Security to maximize the operational capabilities of organizations in WIN.

Telehouse launches new subsidiary to power Canadian digital innovation and growth

Posted in Commentary on April 11, 2024 by itnerd

Telehouse, a leading global colocation data centre service provider, announced the launch of Telehouse Canada, bringing Canadian businesses the improved IT infrastructure and connectivity services needed to power Canadian growth and innovation. 

As Canadian organizations across all industries continue to invest in digital transformation and scale through advanced technologies like AI and Cloud Services, Telehouse Canada will meet the growing demand for highly resilient colocation services, digital connectivity and the enablement of High-Performance Computing.

Today’s announcement comes after Telehouse, together with parent company and Japanese telecommunications leader, KDDI, signed an agreement to acquire three Toronto data centres in June 2023. When fully operational, the new carrier-neutral data centres will provide more than 30MW of IT load.

KDDI has been steadily expanding Telehouse’s presence into new international markets since establishing the first Telehouse data centre in New York in 1989.  With the launch of Telehouse Canada, Telehouse now operates over 45 data centres across 10+ countries.

UK and Irish Taxi Passengers PII Exposed In Data Breach

Posted in Commentary on April 11, 2024 by itnerd

Nearly 300,000 passengers using taxi apps that are powered by iCabbi, a Dublin-based cloud-based taxi dispatch system provider, had their personally identifiable information exposed according to cybersecurity researcher Jeremiah Fowler. 

The key findings are the following: 

  • Over 22,000 records; 
  • Several .csv documents revealing customers’ PII such as names, email addresses, phone numbers; 
  • Hundreds of thousands of email addresses including from renowned media outlets and government agencies. 

Had this data been discovered by ill-intentioned hackers, it could have put users across the UK and Ireland at risk of phishing attacks, identity or financial theft, and more.

You can find out more details here.

Epilepsy Foundation of Metropolitan New York Pwned In Ransomware Attack

Posted in Commentary on April 11, 2024 by itnerd

After several days of reporting on supply chain attacks, it’s back to reporting on ransomware attacks on healthcare.

The Epilepsy Foundation of Metropolitan New York (EFMNY) was hit by a ransomware attack compromising confidential patient information. The foundation is dedicated to raising epilepsy awareness and assisting individuals in finding treatments, support, and resources. 

Attackers were able to encrypt some systems within the EFMNY’s network and according to the breach notification letter, the attack led to “the unauthorized access and/or acquisition of certain files from within the network.” This incident is characteristic of a double-extortion ransomware attack, where data is first stolen and then encrypted on the victim’s systems, with threats of data leakage unless a ransom is paid. 

Compromised data included:

  • Date of Birth
  • Social Security number
  • Account number
  • Medicare ID
  • Medicaid ID
  • Diagnosis code
  • Treatment location
  • Procedure type
  • Provider name
  • Treatment cost
  • Medical date of service
  • Billing/Claim information
  • Health insurance information

The organization’s subsequent investigation revealed that the electronic health record database remained unaffected. Nevertheless, unauthorized access to specific documents and folders within their systems was confirmed. Following “a comprehensive manual review,” the organization determined that “individual personal information may have been accessed and/or acquired by the unauthorized party.”

BullWall Executive, Carol Volk: (she/her)

   “Here we go again, another day, another ransomware attack. This time, the victim is the Epilepsy Foundation of Metropolitan New York (EFMNY), a critical organization providing support and resources for those affected by epilepsy. This incident underscores a disturbing cyberattack trend we see all too often, especially within the healthcare sector, where sensitive patient data becomes fodder for cybercriminals’ extortion schemes.

   “Historically, healthcare organizations have been prime targets for cyberattacks due to the valuable nature of the data they hold. Attacks on hospital & care facilities have been accelerating over the past 12 months, leading to the disruption of patient care and confidentiality. The impact of the EFMNY attack is profound, not just for the organization but for the individuals whose sensitive data was compromised. 

   “It brings to light the vulnerability of even specialized, non-profit healthcare entities and underscores the broader industry challenge of securing patient information against increasingly sophisticated cyber threats.

   “To mitigate such incidents, organizations must adopt a layered security strategy that includes regular cybersecurity awareness training for all employees, rigorous access controls, and the implementation of advanced threat detection tools, including ransomware containment. Equally important is the need for a robust incident response plan that can swiftly address data breaches, minimizing damage. As we’ve seen in the past, no entity is immune, and proactive measures are the best defense against relentless and evolving cyber threats.”

At this point I should start copying and pasting my thoughts on ransomware attacks on healthcare institutions because they honestly haven’t changed. Healthcare isn’t doing enough to protect themselves because they don’t have enough resources to protect themselves. That needs to change or I will continue to write stories like these day, after day, after day with no end in sight.

Appdome Partners With Atlassian To Automate Delivery Of Secure Mobile Apps

Posted in Commentary on April 10, 2024 by itnerd

Appdome, the mobile app economy’s one-stop shop for mobile app defense, today announced it has released a new plug-in for the CI/CD cloud-based service from Atlassian Bamboo. The new pre-built plug-in connects the Appdome unified mobile app defense platform to Atlassian Bamboo CI/CD and enables teams to continuously code, build, validate, test and sign Appdome-secured mobile applications from the Bamboo CI/CD with ease. This new plug-in is part of the Appdome Dev2Cyber Agility Partner Initiative to advance the delivery of secure mobile apps globally.

Manual methods of coding or integrating point products for obfuscation, RASP, anti-tampering and other defenses in Android and iOS apps are complex, resource-intensive and brittle. The Appdome Unified Mobile App Defense platform leverages machine learning and automation to code, build, validate, test and release cybersecurity, anti-fraud and other defenses in iOS and Android apps. With the new Appdome for Atlassian CI/CD Plug-In, Atlassian Bamboo customers can fully automate the end-to-end lifecycle for any of Appdome’s 300+ mobile app defenses including runtime application self-protection (RASP), code obfuscation, mobile data encryption, man-in-the-middle attack prevention, anti-malware, anti-fraud, anti-cheat, anti-bot, geo compliance, social engineering and other protections and keep pace with modern DevOps pipelines.

Today, global consumers demand more protection than ever in their mobile app experiences. Appdome’s recent global consumer survey revealed that 94% of global consumers would promote a brand if the mobile apps protected them against security, fraud and malware risks. 68% also indicated they would abandon brands that offered no protection.

For more information on how to use the Appdome Build2Secure Task for Atlassian Bamboo, please see this knowledge base article.

Cyware Taps Cyber Channels Vet Stephan Tallent to Lead MSSP Program

Posted in Commentary on April 10, 2024 by itnerd

Cyware, leaders in threat intelligence management, security collaboration, and orchestrated response, has appointed Stephan Tallent as the new Head of Managed Security Service Providers (MSSP) Program. 

He has a proven track record of propelling organizations towards revenue growth and market leadership, demonstrated through his pivotal roles at Stellar Cyber, Cybereason, Fortinet, and in the telecommunications industry over the last two decades.

This strategic hire will fuel Cyware’s channel-first strategy and enable rapid market adoption of the organization’s modern approach to Cyber Fusion.

Stephan’s expertise lies in creating and launching innovative services, optimizing sales operations, and leading new partner recruitment. These efforts have consistently resulted in improved business outcomes and operational effectiveness in security service delivery for his previous employers and their partners.

At Cyware, Stephan’s role will be crucial in shaping the future of MSSP engagements. His focus will be on the development of valuable service offerings and the deployment of best-in-class solutions that address the current and emerging needs of MSSPs. 

He joins Alex Bender, who was recently appointed as CMO. With 22 years of cybersecurity marketing experience, Alex joined after serving as the CMO of Invicti Security. Prior to Invicti, Alex served as the SVP of Global Marketing at Mimecast, contributing to its growth as the leading cloud email security provider and managing a team of 100+ marketing professionals globally. Alex has also held cybersecurity marketing leadership roles at RSA Security, Archer Technologies, McAfee, and Tripwire.

Introducing Google Cloud Contact Centre AI from Bell

Posted in Commentary on April 10, 2024 by itnerd

Bell Canada has announced the availability of Google Cloud Contact Center AI (CCAI) from Bell for Canadian businesses – the first fully AI solution for Bell enterprise and mid-market customers.

Google Cloud’s CCAI from Bell is a managed solution supported by professional services expertise that enables intelligent customer and agent experience leveraging generative AI-infused technology. Providing rich conversational experiences and analytics, Google CCAI from Bell offers scalability and flexibility that can be added to existing contact centre environments and to cloud contact centres of any size.

Google’s CCAI solutions can deliver exceptional outcomes, as Bell has experienced with its own implementation. Bell will work with customers to customize use cases that leverage the power of the innovative technical solutions available with Google CCAI from Bell, including:

  • Virtual Agent – Natural-sounding virtual agents reduce call volumes and accelerate time-to-resolution by collecting key information to answer simple customer queries, freeing human agents to handle more complex issues. When customers do need to speak to an agent, they’ll reach one faster and be automatically directed to the agent with the right expertise to solve their issue.
  • Agent Assist – A virtual supervisor of sorts, Agent Assist uses real-time natural language processing to determine customer needs and sentiment and offers step-by-step recommendations to help agents deliver the best responses and solutions with confidence. Faster agent onboarding, improved customer experience, reduced callbacks for the same issue, and improved sales are proven outcomes of Agent Assist.
  • Analytics and Insights – Actionable insights into customer experience and sentiment help managers and agents learn from every interaction. Analyses of interactions provide a better understanding of business trends, interaction drivers, traffic, and other key metrics. Insights support strategic business decisions, tailored agent coaching, and result in more data-driven workforce planning and management.

Bell is also deploying both the virtual agent and contact centre as a service AI solutions (CCAI and CCAIP) within its own contact centres, digitally transforming and AI-enabling their internal solutions, delivering improved customer experiences to Bell customers, and helping them develop deep expertise to guide Canadian businesses with their own integrations. Bell provides customers with end-to-end managed support – from assessment of the best fit solutions, to customer journey mapping and optimization, workforce management and quality assurance, technology and applied AI integrations, and optimization of agent experience and change management.

As a Premier Level Partner for Google Cloud in the Sell Engagement Model and 2024 Google Cloud sales Partner of the Year – Canada recipient, Bell offers enhanced expertise within Google Cloud. Bell will now add Google CCAI solutions to its Contact Centre Practice, which has a proven track record of successful premise and cloud contact centre implementations with a commitment to customer satisfaction.

The availability of Google CCAI is a significant milestone for Bell as the company continues to support Canadian businesses in their digital transformation journey with next-generation solutions. Bell itself is undergoing a company-wide digital transformation, and in addition to Google CCAI services, is in the process of deploying other solutions within its contact centres, including Google Cloud Contact Centre AI Platform. Join Bell at this year’s Google Cloud Next conference starting today (April 9-11, 2024) to learn more about how these AI solutions are driving digital transformation among Canadian businesses, and why Bell looks to leverage these same solutions internally.

Uber Introduces New Customizable Late Night Safety Feature

Posted in Commentary on April 10, 2024 by itnerd

Starting today, Uber will begin giving riders across Canada even more control over their on-trip experience, especially at night.

Whether it’s drinks with friends, a sports game, or a first date, going out at night should be fun and safe. 81% of riders say safety is an important reason why they choose to ride with Uber. With today’s new feature, riders are in control. 

Today Uber is launching safety preferences, a new one-stop destination in the app where riders can set and forget a bundle of safety features. Features can be customized to automatically turn on based on:

  • Time of day — like for every ride after 9pm, or only on weekends
  • Location — within 50 meters of a bar or restaurant
  • Or for every trip

Safety features riders can schedule include:

  • Audio Recording: Riders can record audio during a trip, and send us a recording if something goes wrong. All audio recordings are encrypted and stored securely on the rider’s device. Their recording will be locked, and no one—not the driver, not Uber, not the rider—has access to it. Uber can only access the recording if the rider reports a safety incident and chooses to share the recording with Uber. 
  • PIN verification: Riders have the option to receive a four-digit PIN code to provide to a driver before the trip can begin. This helps ensure you’re getting into the right car. 
  • RideCheck: RideCheck helps detect if a ride goes off-course, stops unexpectedly, or ends early and sends an in-app check-in. With safety preferences riders can choose to receive check-ins more frequently. When this happens we will check in to ask if everything is ok and offer resources to help. 
  • Share My Trip: Riders can automatically share their live location and trip details with a friend or family member. This can now be automated for every trip, or only after a certain hour or when leaving a bar and restaurant. 

There are two different ways to set it up:

  • In the Account tab, scroll down and tap “Settings”, and then “Safety preferences”
  • While on a trip, tap the Safety Toolkit blue shield, and then tap “Set up safety preferences”