Is The “Digital Key” Feature Available On Hyundai Canada Cars? Inquiring Minds Want To Know

Posted in Commentary with tags on January 18, 2024 by itnerd

I was directed to this Reddit thread by a reader. In short, it has a guy who started said thread complaining that he bought a 2024 Hyundai Elantra sedan partially because it supposedly came with feature that allows you to unlock your car using your smart phone or smart watch. The feature is called “digital key” and it’s been slowly rolling out to various car brands over the last few years.

The thing is, when he couldn’t get it working, he reached out to Hyundai Canada and this is what they replied with:

Here’s the problem with this statement. If you go to the Elantra section of the Hyundai Canada website, and scroll down about half way, you see this:

So it lists digital key as a feature. That makes Hyundai Canada’s response a bit suspicious as the kids say. But I figured, maybe this only applies to certain trim levels. Thus I paged through the Specs section noting that in his post on Reddit he had said that he had the “Luxury” trim level and found nothing that provided any further clarity.

Here’s the thing, long time readers will remember that Hyundai Canada back in 2015 went through a bit of a PR crisis where people who were mad due to the fact that US buyers were promised Apple CarPlay and Android Auto via future software updates, but Canadians didn’t get the same treatment. Now Hyundai Canada didn’t promise this at all to Canadian customers, but likely because of the blowback from owners and perhaps my coverage of this, Hyundai Canada made good and delivered that update to Canadians for free. In short, they underpromised and over delivered.

Fast forward to this situation, it looks like to me that Hyundai Canada has done the exact opposite here. They clearly have this feature on their website. But they for whatever reason aren’t able to deliver it to Canadian consumers who buy their cars. So unless the person in that screen shot above was seriously misinformed, Hyundai Canada really has some explaining to do. Because besides the fact that any sort of “digital key” in a car is a feature that I along with many consumers would be looking for in a new car, this really has the feel of false advertising at worst. At best this is one hell of a screw up by Hyundai Canada. I’d really like to find out what Hyundai Canada has to say about this and what the actual truth is so that any potential buyer of any Hyundai vehicle knows what the deal is.. So if Hyundai Canada reads this, they can reach out to me via my about page and tell me what their side of the story is, and I will publish it as soon as I get it in my inbox.

Leave a comment »

Stream+ from TELUS Is Bringing Canadians A Streaming Bundle With Netflix, Disney+ and Prime Video For One Price

Posted in Commentary with tags on January 18, 2024 by itnerd

Today, TELUS introduced a new Stream+ bundle, bringing together three of Canada’s most popular streaming services, Netflix, Disney+ and Prime Video, in one package. Stream+ is available exclusively to TELUS customers nationwide, offering customers access to thousands of content titles at an unbeatable price, with affordable plans starting at $20 per month – a monthly cost savings of 17%. The new Stream+ bundle sets the stage for non-stop winter entertainment where customers can enjoy their favourite TV shows and movies from the comfort of home or on-the-go.

Stream+ offers two new enticing bundles:

  • Stream+ Basic: For content streamers looking for great value, the Stream+ Basic bundle provides Netflix Standard with Ads, Disney+ Standard with Ads, and Prime Video all for just $20 per month.
  • Stream+ Premium: For those seeking the ultimate streaming experience and unbeatable value, the Stream+ Premium bundle offers Netflix Premium, Disney+ Premium, and Prime Video for $38 per month.

Stream+ includes not only Prime Video, but a full membership to Amazon Prime (valued at $9.99 per month or $99 per year), giving customers access to unlimited fast, free delivery on millions of items, including One-Day Delivery to most cities and towns and Same Day Delivery in select cities, ad-free listening of millions of songs on Amazon Music Prime, free gaming benefits with Prime Gaming, thousands of books with Prime Reading, unlimited photo storage with Amazon Photos, among others.

Whether viewers are looking for heartwarming family sitcoms, iconic classic movies or captivating docu-series, Stream+ has everything you need for the perfect streaming marathon. Popular content titles include Emmy-award winning, global hit drama series The Crown on Netflix; Marvel Studios’ Loki on Disney+; and the global success The Lord of the Rings: The Rings of Power on Prime Video.

Streaming enthusiasts can easily add the new Stream+ bundle with eligible TELUS services directly on their My TELUS website or app, and watch from multiple devices simultaneously – including their TV, smartphone, tablet and laptop. This means customers can manage their subscriptions in one convenient place and binge-watch their favourites at home or on-the-go anywhere, any time. Customers who already have a subscription to one or more of the three streaming services can now link their existing accounts to the Stream+ bundle and enjoy these incredible savings – with no change to their preferences, viewing history or profiles.

For more information and to sign-up for Stream+, visit telus.com/streamplus

Leave a comment »

JPMorgan Chase Gets Attacked By Hackers 45 BILLION Times A Day…. WTF??

Posted in Commentary with tags on January 18, 2024 by itnerd

Here’s a mind blowing stat for you. US finance firm JPMorgan Chase gets attacked by hackers an astonishing 45 million times a day. Here’s the details:

Mary Callahan Erdoes, Chief Executive of JPMorgan’s Asset & Wealth Management line discussed the increasing numbers of hacking attempts during a panel at the World Economic Forum in Davos.

‘The fraudsters get smarter, savvier, quicker, more devious, more mischievous,’ Erdoes said. 

‘It’s so hard and it’s going to become increasingly harder and that’s why staying one step ahead of it is really the job of each and everyone of us.’

JPMorgan isn’t the only bank dealing with a surge in cyberattacks.

Since Russia invaded Ukraine two years ago – rising global geopolitical tensions have caused cyber crime to skyrocket. 

Over 70 per cent of bank leaders in a 2023 KPMG survey reported being concerned about cyber crime and cyber insecurity. 

JPMorgan spends $15 billion each year just on technology to prevent cyber attacks as part of an effort to bolster its cyber defenses. 

This budget is up substantially from the $14.3 billion that the company spent on technology in 2022. 

Edroes also reported that JPMorgan Chase had employed 62,000 technologists to help secure systems and prevent hacking. 

Ken Westin, Field CISO, Panther Labs had this comment:

This type of messaging is not helpful to the industry without providing more specifics. It feels similar to the  “cyber apocalypse” we experienced a few years back to instill fear in consumers and businesses. In this instance, I am pretty sure they’re referring to vulnerability scans, DDoS attempts, bots etc. – most of which are automated and not really attacks, but I guess that depends on how they define an attack – context that I believe is lacking in this statement. Erdoes’ quote also refers to “fraudsters” which can also include credit card fraud, BEC attempts, etc. and not just “hackers.” We need to get beyond the fear, uncertainty and doubt (FUD) narratives in security, and focus on real threats with appropriate context – not push “monsters under the bed” narratives to keep CISOs up at night.

The fact that JPMorgan Chase hasn’t been taken out, at least not that we know of, is likely a good sign that their cyber defences are working. Whatever they are. It also highlights that other companies need to put in their level of effort to stay secure.

1 Comment »

Konica Minolta Delivers Layered Security Approach and Solutions for MFP Clients

Posted in Commentary with tags on January 18, 2024 by itnerd

 Konica Minolta Business Solutions (Canada) Ltd. today announced its recommended layered security approach for customers who operate the company’s bizhub MFPs (multifunction printers) and other print devices to help protect organizations of all sizes from today’s increasing cybercrime threats that can halt operations, incur millions of dollars in expenses and ruin business reputations.

Recent studies show the global average data breach cost in 2023 has risen to $4.45M – a 15 percent increase over the last three years. Additionally, the increase in hybrid workforces over the last few years and the associated types of office, laptop, mobile and remote devices connected to business networks and the internet has made it more important than ever to protect users and a company’s customers from malware and other threats at every endpoint.

Because new threats appear constantly, and smaller businesses don’t often have expert IT help on staff, Konica Minolta is strongly advising customers who operate the company’s MFPs and other print devices to protect help protect themselves with additional layers of security solutions, all based on each customer’s and their industry’s needs.

IT departments at many organizations may not have the ability to ensure machine security across all devices, so automated security capabilities can significantly reduce risk – including potential security breaches that can happen inside an organization with unauthorized users at an MFP. Konica Minolta addresses these risks with tools such as hard drive lock passwords, hard drive encryption, automatic deletion of temporary image data, and data overwrite of electronic documents on a timed basis. Konica Minolta’s layered security solutions include:

bizhub SECURE family of entry-level services – Includes enhanced password and data security protection as well as advanced encryption for data in transit and at rest in the MFP. Users are only able to access the MFP with a password that is locked and stored to protect access to documents.

bizhub SECURE Notifier – Allows an organization to receive alerts in real time to protect their bizhub SECURE settings and offers a multitude of password safeguards. Embedded antivirus and malware protection checks for incoming, outgoing and data at rest and sends alerts for security issues.

Antivirus and malware protection powered by BitDefenderTM – Enables the MFP to scan for viruses as data is received and before outbound transmission. Checks for incoming, outgoing and data at rest in the MFP that could contain malware, which can include viruses, Trojan horses, ransomware and spyware. BitDefender is a worldwide leader in cybersecurity, offering real-time device protection, 24/7.

Shield Guard – Takes protection to another level by providing anywhere, anytime access to make monitoring and managing the security of an entire print fleet faster and easier. A single dashboard delivers instant notifications and alerts to enable immediate action if security vulnerabilities are detected, ensuring industry compliance.

Dispatcher Paragon+ – Delivers enhanced security measures plus a consolidated view of an organization’s entire print, copy, fax and scan operations to help boost productivity. This advanced document workflow solution provides secure pull print across an entire fleet of devices and single sign-on (SSO) multifactor authentication.

Dispatcher Phoenix – Securely captures, processes and distributes documents to help increase business productivity and efficiency, drive collaboration and reduce costs. This advanced, intelligent document workflow supports digital workflows with email or fax capture, streamlines print and scan activities and its centralized management interface requires little to no technical expertise.

Learn more about Konica Minolta’s data and device security solutions for every industry here.

Leave a comment »

Oh What A Shock! It Looks Like Elon Musk Lied About What The Cybertruck Could Do

Posted in Commentary on January 18, 2024 by itnerd

The Tesla Cybertruck. It’s years late. It’s more expensive than promised. And apparently it’s not as capable as Elon Musk said it was going to be. Here’s the details via The Verge:

Tesla claims the $99,990 tri-motor “Cyberbeast” went from zero to 60 miles per hour in just 2.6 seconds and completed the quarter-mile race in less than 11 seconds. But was that really the case? In a video posted last week, YouTuber Engineering Explained calls out Musk for peddling what appears to be exaggerations about the Cybertruck’s capabilities.

For one, channel owner Jason Fenske says the Cybertruck doesn’t actually complete the full quarter-mile race in the demo — instead, Tesla ends the race at the one-eighth mile marker. Fenske points out that both vehicles are only “halfway to the timing boards” when Tesla shows the view of the Porsche and Cybertruck crossing the finish line side by side.

That suggests they only completed one-eighth of a mile, as the timing boards are typically placed at the end of the quarter-mile strip. Fenske found some additional evidence supporting this, too, and even measured the length of the track on Google Maps using landmarks from the video.

This isn’t the only potential discrepancy Cybertruck owners have found so far, now that the vehicle is being delivered to buyers. Another YouTuber, Kyle Conner from Out of Spec Motoring, held a livestream to test the Cybertruck’s range. At the end of the five-hourlong stream, Conner found that the Foundation Series dual-motor model only got around 254 miles of range after a full charge — quite lower than the 320-mile range promised by Tesla. The cold might’ve had something to do with the lower-than-expected range, though, as Conner took it out on a highway in around 45-degree weather. Cold weather can significantly reduce an EV’s range.

Meanwhile, over at the Cybertruck Owners Club forum, one user has found that towing a heavy load severely limits the range of the vehicle, which is expected. In their tests, they used their all-wheel drive Cybertruck to tow a Tesla Model Y on a trailer weighing in at a total of around 6,000 pounds. The driver got just around 111 miles on an 84 percent charge before the Cybertruck’s battery petered out.

And there’s this:

The Cybertruck might not be as rugged as Musk describes it, either. A post on Reddit offers a glimpse of the Cybertruck’s owner’s manual, which similar to Tesla’s other vehicles, suggests that owners should “immediately remove corrosive substances,” including grease, oil, bird poop, road salt, dead insects, and other materials from the exterior of the car to “prevent damage.” But the Cybertruck also doesn’t have clear coat — something most cars come with to help protect the paint against damage from the sun and minor scratches. 

That’s why Tesla notes “any scratches that appear are in the stainless steel panels themselves.” All of this doesn’t quite add up to the Cybertruck being the otherworldly beast capable of going off-road and being “built for any planet,” especially when apparent software issues stranded this Cybertruck in the snow. The Cybertruck might not even be the most practical pickup for here on Earth.

Honestly. Is anyone surprised that Elon was just saying anything to sell a few of these pickup trucks? At this point I’m hoping that Cybertruck owners sue Elon for false advertising.

What Elon really doesn’t get is that a story like this will be seen in Dearborn Michigan where Ford is willing to sell your an F150 Lightning which is an electric pickup truck that does real truck things seeing as it’s based on a existing pickup truck platform. Not to mention over at Stellantis who have an electric version of their RAM 1500 pickup truck incoming which is again an electric pickup truck based on an existing pickup truck platform that does real truck things. Both of these companies have another thing in common. Both of them will try not to be Elon and Tesla by over promising and under delivering as both Ford and Stellantis know that’s a great way to tick off your customers and ensure that they never set foot into your dealership ever again. Perhaps Elon should have read that memo. But of course, we all know that he’s not smart enough to do that.

1 Comment »

New Malware Targeting Vulnerable Docker to Deploy Smart Web Traffic Exchange App as Payload

Posted in Commentary with tags on January 18, 2024 by itnerd

Cado Security has published its discovery of the first documented case of malware deploying the 9Hits Traffic Exchange, “A Unique Web Traffic Solution,” viewer application as a payload. The 9Hits app responsible for generating hits and credits is now being deployed by malware to generate credits for the attacker. 

Cado observed a novel campaign targeting vulnerable Docker services to deploy two containers: an XMRig miner and 9hits. Members can buy credits on this platform to exchange traffic generated on their chosen website and run the 9hits viewer app to visit websites requested by other members in exchange for a cut of the credits. 

This campaign shows that exposed Docker hosts are still a common entry vector and that attackers always seek more strategies to profit from compromised hosts. Cado can observe the processes being run, allowing the 9hits app to authenticate with their servers and pull a list of sites to visit. Once visited, the session owner is awarded a credit on the 9hits platform.

In the new research, Nate Bill, Threat Intelligence Engineer at Cado Security, analyzes why the threat actor behind this campaign removed the ability to visit crypto-related sites, the main impact of this campaign on compromised hosts, and the result on infected servers unable to perform.

You can read the details here.

Leave a comment »

Aptum Retains Microsoft Azure Expert Managed Service Provider Certification

Posted in Commentary with tags on January 18, 2024 by itnerd

Aptum, a global cloud solutions provider specializing in technology consulting and managed services, today announced it has retained its status as a Microsoft Azure Expert Managed Services Provider (MSP). This certification is a testament to Aptum’s unwavering commitment to delivering top-tier managed services within the Microsoft Azure ecosystem. 

The Microsoft Azure Expert MSP Program is an initiative reserved for a select group of industry leaders, with less than one percent of Microsoft partners globally holding the accreditation. To qualify, partners must undergo a rigorous evaluation, showcasing exceptional customer delivery, technical proficiency, and successful completion of an independent audit assessing their managed services, personnel, processes and technologies. 

Aptum initially earned this designation in December 2022, and surpassed the recertification audit process in December 2023. This accomplishment underscores Aptum’s ongoing dedication to meet and exceed the stringent criteria set by Microsoft, ensuring it continues to align with evolving technology standards. 

Key highlights include: 

  1. Consistent Excellence: Aptum proudly maintains its Azure Expert MSP certification for the second consecutive year, underscoring its commitment to delivering exceptional technical services within the Azure environment. 
  2. Exclusive Recognition: This accomplishment places Aptum in an exclusive category, as less than one percent of Microsoft partners globally hold the Azure Expert MSP accreditation. 
  3. Reduced Risk for Clients: Aptum’s continued recognition highlights its ability to execute Azure projects with a lower risk profile, providing clients with confidence in the delivery of secure and reliable solutions. 
  4. Investment in Technical Competencies: The recertification emphasizes Aptum’s ongoing investment in enhancing its technical competencies, ensuring that clients benefit from cutting-edge solutions and expertise. 

Aptum continues to meet ongoing requirements from Microsoft and will be re-evaluated annually to ensure it continues to meet updated technology standards. 

Leave a comment »

Apple To Sell Apple Watches With Disabled Blood Oxygen Hardware Starting Today

Posted in Commentary with tags on January 18, 2024 by itnerd

Numerous media outlets are reporting that in advance of the latest Apple Watch sales ban which is due to start today at 5PM EST in the USA, Apple will start selling versions of the Apple Watch 9 and Ultra 2 that have the blood oxygen sensors disabled via software. Something that I covered here. To be clear, this only affects the USA. The blood oxygen sensor hardware still works if you are somewhere else on planet Earth, or if you already bought the watch in the US. And since it’s disabled via software, there is the possibility that Apple could reactivate it if they sort out their differences with Masimo.

Now I suspect that Apple Watches that have this hardware enabled are about to become very much sought after for as long as this fight between Apple and Masimo goes on. 9to5Mac has a guide that speaks to figuring out if the Apple Watch that you’re about to buy has the disabled blood oxygen hardware in the box. Alternately, any store other than an Apple Store such as Best Buy or Amazon likely still have stock of Apple Watches that don’t have this hardware disabled.

I said this before and I will say it again. Apple seems intent on dying on this hill as they clearly haven’t got any interest in settling this fight with Masimo. While this is a trillion dollar company we’re talking about, Apple is fighting a billion dollar company that is currently winning. And Apple having to make the changes that I described above to get around this sales ban can’t be cheap. Nor are lawyers to fight this in court. And there’s the repetitional damage to the Apple brand because they’re in a situation where one could argue that they were caught “Sherlocking” Masimo. By the time this is over, whenever that is, Apple might come to the conclusion that it would have been easier and cheaper to settle with Masimo rather than to fight them.

Leave a comment »

Allianz Ranks Cyber Events As Top Risk To Organizations In 2024 

Posted in Commentary with tags on January 17, 2024 by itnerd

According to the 2024 Allianz Risk Barometer, cyber incidents and business interruptions are the biggest worries for companies globally in the coming year.  

Overall, 36% of respondents and 17 countries ranked cyber incidents as the most significant risk globally for the third year in a row, ahead of closely interrelated worry business disruption (31%) and political instability and war (14%).

Specifically, 59% see a data breach as the most concerning cyber threat followed by attacks on critical infrastructure and physical assets (53%). Ransomware attacks saw a resurgence in activity, with insurance claims activity up by more than 50% compared with 2022.

“The growing number of incidents caused by poor cyber security, in mobile devices in particular, a shortage of millions of cyber security professionals, and the threat facing smaller companies because of their reliance on IT outsourcing are also expected to drive cyber activity in 2024,” explains Scott Sayce, Global Head of Cyber, Allianz Commercial.

George McGregor, VP, Approov Mobile Security had this to say:

   “It’s no surprise that companies see cyber incidents as their biggest concern. Allianz highlights poor mobile device security in particular as a key risk factor. Companies should evaluate and address this key attack vector as a priority – the basic security provided by App stores processes and tools is not enough.

   “The mobile ecosystem is complex and evolving quickly, but there are simple and effective solutions which can protect mobile apps and APIs and prevent them being an open door for hackers.”


Emily Phelps, Director, Cyware follows with this:

   “These findings underscore the critical need for businesses to adopt proactive strategies that mitigate cybersecurity risks that undoubtedly can cause business interruption. Businesses should think holistically about their security strategy. This includes prioritizing things like advanced threat intelligence and operationalization, orchestrated response, enhancing data protection measures, and continuously educating employees about cyber risks.

   “Given the shortage of cybersecurity professionals, companies should also consider leveraging automated security solutions and partnering with specialized security partners to outpace cyber threats.


Troy Batterberry, CEO and Founder, EchoMark adds this:

   “The insights from the 2024 Allianz Risk Barometer offer a view into the growing concern of cyber threats that businesses and executive leadership have been reluctant to realize and act on. The concern over cyber risk and incidents continues to increase as evidenced by the ranking of cyber incidents as a top global risk. With advances in adversary attack vectors and methodologies, and threat actors leveraging the efficiencies and scalability of new tech, there is a critical need for innovative cybersecurity strategies covering far left and far right of boom.

   “It’s clear that businesses must prioritize a defense in depth approach against data breaches and infrastructure attacks, particularly as ransomware continues to be a top extortion method. Coupled with the global growing gap in cybersecurity expertise, the rising trend of IT outsourcing particularly impacts smaller companies and requires a strategic approach to risk management – forcing an urgent call for investment in cybersecurity training and education, and development of more intuitive, AI-driven security solutions to bridge the resource gap and bolster defenses.”

It’s good that people know what the threats are. But it’s another thing entirely set up defences against them. Thus I hope that anyone who reads this is making plans to do just that. Because if they don’t, bad things will likely happen to them.

UPDATE: Mark Cooper, President & Founder, PKI Solutions adds this:

   “In today’s complicated cyber security market, there are far too many vendors claiming to have the solution to a corporation’s cyber security issues. The truth is, complexity in security isn’t doing any corporation any favors. Most of the tried-and-true security solutions that have been available for years are still quite valid, but they need to be constantly reviewed and monitored. Adding another new security solution on top of a poorly implemented security solution is actually counterproductive.”

Leave a comment »

BianLian Ransomware Group Pwns US Based Shipper 

Posted in Commentary with tags on January 17, 2024 by itnerd

Reported Chinese ransomware group BianLian has targeted Republic Shipping Consolidators of Miami, FL, a high-profile shipping concern involved in Ocean and Air Fright services across the US, Nicaragua, Asia, and Europe.

According to @HackManac on X, the group’s data leak site posting claimed 117 GB of data from the attack, including accounting, budget, financial data, email and message archives, files from employee PCs, operational and business files, personal, and technical data.

No details on the amount of the ransom or attack methods have been disclosed.

BianLian refers to the Chinese art of face changing, a traditional entertainment form.

John Benkert , CEO, Cigent had this to say:

   “Infrastructure represents a prime target for hackers due to its critical importance and interconnected nature. These systems, encompassing utilities like electricity, water, and transportation networks including shipping, are essential for the functioning of a society and economy. A successful cyber attack on these can lead to significant disruptions, with potentially widespread and severe consequences. Moreover, the increasing digitization and interconnectivity of these systems, while boosting efficiency and monitoring capabilities, also create vulnerabilities.

   “Cyber attackers, whether they are state-sponsored actors, terrorists, or cybercriminals, are aware that compromising these systems can lead to chaos, economic damage, or political leverage. As such, it is critical that these entities recognize their status, vulnerabilities and then implement technology to protect their data.  The government needs to be more involved in protecting these assets not only through legislation but by providing cutting edge technology to these critical organizations.”


Emily Phelps, Director, Cyware follow with this:

This cyberattack highlights the critical importance of threat intelligence and intelligence operationalization in the cybersecurity landscape.

Intelligence isn’t just about gathering data; it’s also about understanding and outpacing the tactics, techniques, and procedures of adversaries. By analyzing patterns and sharing this intelligence across sectors, companies can address these risks more quickly and effectively.

This hack highlights the fact that companies need to make it difficult if not impossible for threat actors to get in and do bad things. Because in this case, the outcome is pretty bad, and could get worse for the rest of us if they pay the ransom.

Leave a comment »

« Older Entries
Newer Entries »