Epson Has The Perfect Gift Idea For TV & Movie Lovers Alike

Posted in Commentary with tags on November 27, 2023 by itnerd

There are a few surefire signs that we’re heading into the holiday season. The weather starts to get colder, neighbourhoods come to life with red and green lights and you don’t have to go far to find your favourite holiday flicks streaming on repeat.

Gifting the Epson EpiqVision Mini EF12 Smart Streaming Laser Projector (MSRP: $1,299.99 CAD) means holiday fun for the whole family. Curl up on the couch and enjoy an epic viewing experience watching your favourite cult classics with stunning picture quality in up to 150″ – no screen required. Featuring built-in Android TV, sound by Yamaha and wireless connectivity, the EpiqVision Projector gives you seamless access to popular streaming services, including Hulu, HBO and YouTube™, right out of the box.

The portable projector has a compact yet elegant design that allows you to move from room to room (or house to house) so you can elevate movie night no matter which family member is hosting your holiday gathering this year.

If you are working on gift guides for splurge-worthy items, we hope you’ll consider the Epson EpiqVision Projector as the perfect family present to encourage time spent together.

US Navy Releases Its First Cybersecurity Strategy 

Posted in Commentary with tags on November 27, 2023 by itnerd

The U.S. Navy has released its first cybersecurity strategy as the service tries to modernize its efforts in the space after years of staffing and preparedness issues.

The blueprint devised by Chris Cleary, the Navy’s principal cyber advisor, and its CIO, features the following seven lines of effort:

  • Improve and support the cyber workforce
  • Shift from Compliance to Cyber Readiness
  • Defend Enterprise IT, Data, and Networks
  • Secure Defense Critical Infrastructure and Weapon Systems
  • Conduct and Facilitate Cyber Operations
  • Partner to Secure the Defense Industrial Base
  • Foster Cooperation and Collaboration

Troy Batterberry, CEO and founder, EchoMark had this comment:

   “In order for the USA to achieve and maintain information superiority, we must adopt new forms of insider risk management. Nearly all major government agencies have experienced highly damaging leaks in part because the leaker (insider) felt they would never be caught. An entirely new approach is required to help change human behavior. Information watermarking is one such technology that can help keep private information private.”


Stephen Gates, Principal Security SME, Horizon3.ai follows with this:

   “In the context of the Department of the Navy Cyber Strategy 2023, one line of effort stands out among the others: 2.0 Shift from Compliance to Cyber Readiness. As recent cyber events have repetitively proven, a purely defensive cyber strategy is not working and must be augmented by “adversarial assessments” of your own environments.

   “These adversarial assessments are not the run-of-the-mill vulnerability scans. These assessments are cyber red team exercises whereby organizations attack themselves using the same tools, tactics, and procedures (TTPs) attackers use. The reason for this is simple. If you cannot find that hidden chink in your armor, that crack in your layered walls of defense, that blind spot you didn’t even know existed, you will never be able to adequately defend yourself against a purposeful attacker with nothing but time on their side – and disruption on their mind.

   “Today, autonomous assessment solutions that let you see your environments through the eyes of an attacker are readily available. Having these solutions in the hands of highly skilled red teams allows them to force-multiply, meaning, they can do expansive cyber readiness exercises simultaneously, while using these solutions to accelerate their assessment analysis. Furthermore, these solutions also meet the objective of prioritizing mitigations and reassessment tracking to ensure issues have been remediated and readiness is confirmed.”

At least the Navy realizes that it has issues, and is moving to address them. That’s good. But everyone will be watching to see if the Navy “walks the walk” as opposed to just “talking the talk”.

General Electric Investigating Cyber Attack Which Could Include Possible DARPA Data Theft 

Posted in Commentary with tags on November 27, 2023 by itnerd

The threat actor “IntelBroker” was seen on a hacker forum, peddling a database allegedly containing information from General Electric and DARPA, complete with critical access credentials like SSH and SVN, as well as DARPA-related military documents, SQL files, and more.

General Electric is probing the claims of a breach that allegedly resulted in the data theft.
The company is investigating the suspected breach and potential data theft from its development environment, traced back to a hacker’s attempt to sell access and data on multiple occasions.

Initially, the threat actor attempted to hawk access to GE’s “development and software pipelines” for $500 on a hacker forum. Failing to sell the access, the actor returned, offering both network access and the purportedly stolen data. From the threat actor:

“I previously listed the access to General Electrics, however, no serious buyers have actually responded to me or followed up. I am now selling the entire thing here separately, including access (SSH, SVN etc),” the threat actor posted to a hacking forum.

“Data includes a lot of DARPA-related military information, files, SQL files, documents etc.”

Troy Batterberry, CEO and founder, EchoMark had this comment:

   “Unfortunately, we see this every day. Highly skilled and well-funded organizations are working hard to protect their data with security stacks that include security gap discovery and analysis, EDR, Cloud security, UEBA, Identity & Access Analytics, SOAR and even ransomware killswitches, but then leave much of their most sensitive data both unprotected and readily sharable. The recent leaks of sensitive government and judicial information are just a few examples.

   “By digitally watermarking data and assets, organizations get several key benefits. First, they can help deter insider leaks from ever happening in the first place by motivating better stewardship of the private information. If malicious or accidental insider leaks do happen, the source can be quickly identified and remediated. In the case of a successful external attack, watermarks can help quickly identify the compromised assets for fast remediation.”

It will be interesting to see what General Electric reports back in terms of the extent of this hack and what was swiped. Because like other hacks we’ve seen lately, this one is far from trivial.

AI-powered Cybersecurity Assistant from Trend Micro Announced

Posted in Commentary with tags on November 27, 2023 by itnerd

Trend Micro made a pair of announcements today:

  1. Trend Micro announced the launch of its new generative AI tool, Trend Companion, designed to empower security analysts by driving streamlined workflows and enhanced productivity. Trend Companion could potentially reduce analyst time spent on manual risk assessments and threat investigations by 50% or more. Read the press release here
  2. Trend Micro also announced the latest evolution in generative AI: the integration of its leading global threat intelligence and millions of diverse sensor types to enhance outcomes for its flagship Trend Vision One™ cybersecurity. In 2022, Trend handled over six trillion threat queries from customers across 65+ countries. Using AI trained on this data, Trend blocked more than 146 billion threats, three billion of which were ransomware. Read the press release here

With the ever-evolving cyber landscape, security teams need more than just AI to work well. They also need strong data. Trend Micro’s global threat research and work in communities through its Zero Day Initiative is helping to accelerate incident response times by 30 per cent, reduce incident reporting by up to two hours per report, and drive more complete attack containment – providing valuable insights to security teams.

AI Regulation In Canada: New Report Offers Strategies For Policymakers

Posted in Commentary with tags on November 27, 2023 by itnerd

 The rapid evolution of digital technologies, in particular Artificial Intelligence (AI), is showing no sign of slowing. Digital technologies can boost productivity, support innovations in medical care, and even help tackle our climate crisis. But earlier this year, technology experts called for a temporary pause in the development of advanced AI systems due to the risks they pose to society. In this charged environment, policymakers in Canada and globally are faced with the challenge of balancing innovation while introducing effective regulatory frameworks for digital technologies such as AI that safeguard the public interest. 

To support policymakers as they navigate these complex issues, the CSA Public Policy Centre and Digital Governance Council have published a new report, Ahead of the Curve: A Roadmap for Regulating Digital Technologies. The report provides an overview of the regulatory challenges posed by digital technologies – offering AI, 3D printing and blockchain as case studies – and outlines important considerations for policymakers as they navigate this evolving landscape.

The report highlights a range of promising tools and methods, each with the potential to lead to quicker, more targeted, and effective regulation of digital technologies. While the challenges posed by digital technologies are numerous, policymakers should consider a multi-faceted approach as they seek to establish regulations. These include: 

  1. Enhancing existing frameworks by establishing core principles, shifting from reactive to proactive approaches, and developing strategies to put people first in a data-rich world.  
  2. Investing in the public sector by improving intergovernmental cooperation, enhancing skills, capacity, and knowledge, and establishing a Digital Centre of Excellence. 
  3. Using complementary tools such as risk-based approaches (e.g., certifications, audits, and inspections), standards-based solutions, and legal frameworks. 

To learn more and download Ahead of the Curve: A Roadmap for Regulating Digital Technologies, visit CSA Group’s website.

Instagram Joins Twitter In Having Advertisers Halt Ads Due To Placement Next To Problematic Content

Posted in Commentary with tags on November 27, 2023 by itnerd

Elon Musk and Twitter are apparently not the only ones struggling with advertisers halting ad campaigns because those ads are being placed next to objectionable content. Meta-owned Instagram is having problems with ads being placed next to sexually explicit images:

Instagram’s system served jarring doses of salacious content to those test accounts, including risqué footage of children as well as overtly sexual adult videos—and ads for some of the biggest U.S. brands.

The Journal set up the test accounts after observing that the thousands of followers of such young people’s accounts often include large numbers of adult men, and that many of the accounts who followed those children also had demonstrated interest in sex content related to both children and adults. The Journal also tested what the algorithm would recommend after its accounts followed some of those users as well, which produced more-disturbing content interspersed with ads.

As a result of this report, this happened:

After the Journal contacted companies whose ads appeared in the testing next to inappropriate videos, several said that Meta told them it was investigating and would pay for brand-safety audits from an outside firm.

Following what it described as Meta’s unsatisfactory response to its complaints, Match began canceling Meta advertising for some of its apps, such as Tinder, in October. It has since halted all Reels advertising and stopped promoting its major brands on any of Meta’s platforms. “We have no desire to pay Meta to market our brands to predators or place our ads anywhere near this content,” said Match spokeswoman Justine Sacco.

Robbie McKay, a spokesman for Bumble, said it “would never intentionally advertise adjacent to inappropriate content,” and that the company is suspending its ads across Meta’s platforms.

Charlie Cain, Disney’s vice president of brand management, said the company has set strict limits on what social media content is acceptable for advertising and has pressed Meta and other platforms to improve brand-safety features. A company spokeswoman said that since the Journal presented its findings to Disney, the company had been working on addressing the issue at the “highest levels at Meta.”

Walmart declined to comment, and Pizza Hut didn’t respond to requests for comment.

Now this is bad. But what I will say is this. Meta and its CEO Mark Zuckerberg will fix this because frankly, they don’t want to lose the advertising revenue, nor do they want to be seen in the same way that Twitter is seen. So I would expect some rapid action on this front in the coming days.

Best Buy Pulls Select Casetify Cases Related To The dBrand Lawsuit

Posted in Commentary with tags , on November 27, 2023 by itnerd

 Let’s recap what’s happened with the dBrand vs. Casetify fight:

  • YouTuber JerryRigEverything and dBrand are suing Casetify for blatantly ripping off the Teardown skins that JerryRigEverything and dBrand co-created.
  • Casetify responded by posting a really, really bad statement that promptly and deservedly got roasted by Twitter. Along with that they pulled their cases from their website. 
  • It was then discovered by dBrand that Casetify had been ripping stuff off from iFixit as well. Then iFixit called them on it.

As part of this, the cases in question from Casetify were still available at Best Buy stores as pointed out by dBrand:

That appears to have changed based on this:

I guess that Best Buy doesn’t want to be in the middle of this. Thus they pulled the cases in question from sale. That’s more pain for Casetify. At this point, it’s hard to feel sorry for Casetify as they brought this upon themselves. Perhaps they should find a way out of this that acknowledges what they’ve done and make restitution for it? Just a thought.

Casetify Gets Called Out By iFixit For Stealing Their Stuff

Posted in Commentary with tags , on November 26, 2023 by itnerd

The issues for Casetify when it comes to ripping off other companies’ designs are mounting. To recap:

  • YouTuber JerryRigEverything and dBrand are suing Casetify for blatantly ripping off the Teardown skins that JerryRigEverything and dBrand co-created.
  • Casetify responded by posting a really, really bad statement that promptly and deservedly got roasted by Twitter. Along with that they pulled their cases from their website.
  • It was then discovered by dBrand that Casetify had been ripping stuff off from iFixit as well.

At the time that the iFixit discovery was made, I said this:

I’m watching to see how iFixit responds to this. As in do they sue Casetify and add to their misery. But the bottom line is that this is not a good look for Casetify if this is accurate. Even if it isn’t (and to be frank, I don’t know how it can’t be accurate), the bad press that this has created means that Casetify is likely heading toward oblivion. To paraphrase Tony Stark from “The Avengers”, there is no scenario where Casetify comes out on top of this situation.

Well, iFixit has posted this response on Twitter:

At this point, it isn’t clear if iFixit will sue Casetify. But if I were iFixit, I would, as this is going to be the easiest case to win: Casetify literally has no defence that they can mount, seeing how blatant their actions were.

If I were Casetify, they should throw themselves on the mercy of dBrand and iFixit, along with whomever else they’ve stolen stuff from. Because they are going to get destroyed in court. But not before they get destroyed in the court of public opinion. And neither of those are things that they can recover from.

Microsoft Discovers Diamond Sleet’s Supply Chain Attack

Posted in Commentary with tags on November 25, 2023 by itnerd

The North Koreans are up to no good again. Microsoft is reporting that it has discovered a supply chain attack by a group of threat actors named Diamond Sleet, who are using a malicious variant of a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload:

Microsoft Threat Intelligence has uncovered a supply chain attack by the North Korea-based threat actor Diamond Sleet (ZINC) involving a malicious variant of an application developed by CyberLink Corp., a software company that develops multimedia software products. This malicious file is a legitimate CyberLink application installer that has been modified to include malicious code that downloads, decrypts, and loads a second-stage payload. The file, which was signed using a valid certificate issued to CyberLink Corp., is hosted on legitimate update infrastructure owned by CyberLink and includes checks to limit the time window for execution and evade detection by security products. Thus far, the malicious activity has impacted over 100 devices in multiple countries, including Japan, Taiwan, Canada, and the United States.

Microsoft attributes this activity with high confidence to Diamond Sleet, a North Korean threat actor. The second-stage payload observed in this campaign communicates with infrastructure that has been previously compromised by Diamond Sleet. More recently, Microsoft has observed Diamond Sleet utilizing trojanized open-source and proprietary software to target organizations in information technology, defense, and media.

 Ken Westin, Field CISO, Panther Labs had this to say:

North Korean APT groups continue to target the software supply chain because it’s proven to be successful repeatedly. Instead of targeting individual systems, they infect software upstream, giving them potential access to a larger number of systems. They continue to increase the level of sophistication in these attacks with strong knowledge of the tooling and techniques of modern DevOps teams. Most organizations are not monitoring their DevOps processes for these types of attacks and lack mechanisms to detect when code may be compromised. I predict more threat groups will follow this approach to infect a larger number of systems downstream as well as improve methods to bypass rudimentary security measures.

I encourage you to read the full report as it has a lot of detail as to what you can do to protect yourself from this threat actor. Because this group of North Koreans clearly mean business.

Elon Musk Is Going To Israel To Convince You That He Isn’t Antisemitic

Posted in Commentary with tags on November 25, 2023 by itnerd

News filtered out last night that Elon Musk is going to make a trip to Israel. Here are the details as we know them:

Mr Musk will meet Israeli Prime Minister Benjamin Netanyahu and President Isaac Herzog, and travel to the settlements that were attacked during last month’s Hamas invasion, according to local reports.

Sounds like he’s on a bit of an apology tour to try and show that he’s not an antisemitic jerk. Despite the fact that he’s endorsed antisemitic conspiracy theories. Why has he decided to do this? I am going to guess that it has something to do with this:

X, the social media company formerly known as Twitter, could lose as much as $75 million in advertising revenue by the end of the year as dozens of major brands pause their marketing campaigns after its owner, Elon Musk, endorsed an antisemitic conspiracy theory this month.

Internal documents viewed by The New York Times this week show that the company is in a more difficult position than previously known and that concerns about Mr. Musk and the platform have spread far beyond companies including IBM, Apple and Disney, which paused their advertising campaigns on X last week. The documents list more than 200 ad units of companies from the likes of Airbnb, Amazon, Coca-Cola and Microsoft, many of which have halted or are considering pausing their ads on the social network.

The documents come from X’s sales team and are meant to track the impact of all the advertising lapses this month, including those by companies that have already paused and others that may be at risk of doing so. They list how much ad revenue X employees fear the company could lose through the end of the year if advertisers do not return.

On Friday, X said in a statement that $11 million in revenue was at risk and that the exact figure fluctuated as some advertisers returned to the platform and others increased spending. The company said the numbers viewed by The Times were either outdated or represented an internal exercise to evaluate total risk.

The advertising freezes come during the final three months of the year, which is traditionally the social media company’s strongest quarter as brands run holiday promotions for events such as Black Friday and Cyber Monday. In the last three months of 2021 — the last year the company reported fourth-quarter earnings before Mr. Musk took over — the company recorded $1.57 billion in revenue, of which nearly 90 percent came from advertising.

In other words, he’s hurting for cash and needs to make this go away as quickly as possible if he can. The fact is that nobody should be fooled by this apology tour. Elon isn’t going to change who he is. And we’ll be talking about some other Elon related controversy soon enough.

The best things that we can all do are, first, to ignore Elon when he makes this trip. Second, we should ignore Twitter, as it’s a dying platform which is a cesspool of hate and misinformation.