Mass Exploitation Campaign Backdoors Almost 2000 Citrix NetScalers 

Posted in Commentary on August 17, 2023 by itnerd

A hacking group has exploited a critical vulnerability in Citrix NetScaler servers to compromise close to 2,000 servers in a massive campaign, before patches could be applied.

As of 8/14 Fox-IT researchers report that of some 31,127 vulnerable servers, more than 1,900 remain “backdoored” and of those found, 1,248 had already been patched, but were never checked for signs of successful exploitation.

The vulnerability, tracked as CVE-2023-3519, allows hackers to execute arbitrary code on the servers without authentication, letting them do anything they want on the servers, including stealing data, installing malware, or disrupting operations.

Main Takeaways:

  • A set of vulnerabilities in NetScaler, one of which allows for remote code execution, were disclosed on July 18th. This disclosure was published after several security organizations saw limited exploitation of these vulnerabilities in the wild.
  • Fox-IT (in collaboration with the Dutch Institute of Vulnerability Disclosure) have scanned for these webshells to identify compromised systems. Responsible disclosure notifications have been sent by the DIVD.
  • At the time of this exploitation campaign, 31127 NetScalers were vulnerable to CVE-2023-3519.
  • As of August 14th, 1828 NetScalers remain backdoored.
  • Of the backdoored NetScalers, 1248 are patched for CVE-2023-3519.

David Mitchell, Chief Technical Officer, HYAS had this to say:  

“Unfortunately, this is far from the first time this has happened in recent memory. In previous campaigns, attackers gained footholds within F5, Fortinet and VMware appliances through exposed management interfaces in order to avoid detection by EDR software.  

“Regardless if the exploit is already in the wild, customers are expected to monitor their devices for the IOCs before and after the patch is applied — which is obviously not at an acceptable level. The reason for this gap may be education, outsourced managed devices or division of security labor within an organization, but I do not expect attacks on network devices to stop anytime soon.”

Clearly, simply patching everything isn’t enough. You also have to make sure that the bad guys aren’t already in. Which means that you need to take more rigorous steps to make sure that you’re not on the wrong end of a headline.

Flashpoint Releases July Cyber Threat Intelligence Index

Posted in Commentary on August 17, 2023 by itnerd

Flashpoint has published its July 2023 Cyber Threat Intelligence Index.  Here are some numbers from July:

  • There were 515 ransomware attacks
  • 1994 new vulnerabilities with 312 of them being missed by the Common Vulnerabilities and Exposures (CVE) and National Vulnerability Database (NVD)
  • 529 Data Breach events

The Index also deals with Insider Threats and the state of malware. You can read it here.

Fisker Releases Additional Details On Their Upcoming Alaska Truck  

Posted in Commentary on August 17, 2023 by itnerd

Fisker Inc. has today released additional details on its Fisker Alaska pickup truck. Fisker revealed the Alaska at its Product Vision Day on August 3.


The Fisker Alaska is the company’s “everything” vehicle: sporty handling and driving dynamics combined with luxury SUV comfort and everything that discerning buyers in the booming pickup-truck market expect. But Fisker also intends to make the Fisker Alaska the world’s most sustainable pickup when deliveries commence in 2025.

The company is also innovating with the vehicle, particularly when it comes to the bed, which is designed to expand from 4.5 to 7.5 feet thanks to a Houdini partition behind the rear seats that can be electronically lowered into space created by the battery layout of the FM31 platform. The Houdini door will be protected by a flip-up panel. With the powered liftgate dropped and rear seats lowered, the bed expands to 9.2 feet. When the rear seats are folded down and the Houdini is lowered, the rear seats are protected by fold up panels including a panel folding up behind the front seats. Beyond that, Fisker aims for the Fisker Alaska to be the world’s lightest electric pickup and feature extra storage in an insulated front trunk.

The Fisker Alaska will be offered with two battery packs — 75 kWh and 113 kWh — that will offer range of 230-340 miles; the 0-60mph time will range from 3.9 to 7.2 seconds. The vehicle will be 17.4 feet in length and entice owners with a big gulp cupholder, the world’s largest, a cowboy hat holder, cockpit storage for work gloves, a large center armrest with storage for flashlights and pens, and a passenger tray with a tablet holder. Wheels will be available in 20- and 22-inch sizes.

Production of the Fisker Alaska is expected to start in Q1 of 2025. Interested customers can reserve the vehicle at Fiskerinc.com for $250 for their first Alaska and fully refundable $100 for the second.

TELUS Cellular Customers Appear To Be Having Issues [UPDATE: Resolved?]

Posted in Commentary on August 16, 2023 by itnerd

No sooner did I post this story about Bell customers having issues with their cell phone service than someone pinged me to ask if I was having issues with my iPhone on the TELUS network, as it is not a secret that I am a TELUS customer. I did a couple of tests and I don’t appear to have any issues. But DownDetector paints a different picture:

I then went to the TELUS Service Status page and it says that there is an active outage affecting their cell phone users:

This really isn’t a surprise as Bell and TELUS apparently share infrastructure. But what is interesting is that issues with TELUS appear to have started much later than the issues with Bell. I’m honestly not sure how widespread this is as I have no issues with my iPhone at the moment over 5G. But just like I said in my story about Bell, if you’re having issues using your phone on TELUS, it’s them and not you.

UPDATE: The TELUS Service Status page now shows that there are no outages. Thus I am guessing that whatever happened is resolved. If you have a different experience with TELUS, please let me know.

Bell’s Cellular Customers Appear To Be Having Issues [UPDATE: Resolved?]

Posted in Commentary on August 16, 2023 by itnerd

It appears that Bell has an issue that is impacting their cellular customers at the moment. Here’s a look at what DownDetector sees:

Whatever issues Bell is having, it started earlier this morning and got worse just before 1PM. At least Bell has admitted to issues in the Toronto area on Twitter:

But to be honest, I am not sure if these issues extend beyond Toronto. But the bottom line is that if you’re having issues making a phone call on your Bell cell phone, it’s them and not you.

UPDATE: Bell is now saying that the issue is resolved:

If you’re seeing something different, please let me know.

TikTok Banned For NYC Employees

Posted in Commentary on August 16, 2023 by itnerd

It’s been a while since I’ve written about someplace banning TikTok. But one of the biggest cities out there has just joined the bandwagon:

New York City is banning TikTok from city-owned devices and requiring agencies to remove the app within the next 30 days.

The directive issued Wednesday comes after a review by the NYC Cyber Command which a city official said found that TikTok “posed a security threat to the city’s technical networks.” Starting immediately, city employees are barred from downloading or using the app and accessing TikTok’s website from any city-owned devices.

“While social media is great at connecting New Yorkers with one another and the city, we have to ensure we are always using these platforms in a secure manner,” a NYC City Hall spokesperson said in a statement to The Verge Wednesday. “NYC Cyber Command regularly explores and advances proactive measures to keep New Yorkers’ data safe.”

The city cited US Office of Management and Budget guidelines discouraging TikTok’s use on government devices as well as federal legislation banning the app passed earlier this year.

TikTok really has an issue here as they have been unable to come up with any argument that stops places from banning the social media app. Until they do that, this will keep happening. And at some point, TikTok will have to do something different before the narrative simply becomes “TikTok is evil.”

Omdia Launches Channel Partner Strategies Intelligence Service

Posted in Commentary on August 16, 2023 by itnerd

Leading tech research organization Omdia, part of Informa Tech, has launched the Channel Partner Strategies Intelligence Service, a channel-focused market research product. The service has been designed to help channel-focused vendors and technology suppliers accelerate growth and gain a deeper understanding of the key trends shaping the tech landscape. It offers a particular focus on the shift in technology consumption due to the evolution of managed services and insights into new and innovative solution providers.

First announced in May at the 2023 Channel Partners Conference & Expo, the Channel Partner Strategies Intelligence Service comes from the Omdia Channel Research and consulting team. The team is led by Devan Adams, Principal Analyst, and Debbie Kane, Principal Consultant.

Reports available from the new service will provide technology vendors and suppliers with expert channel research, analysis and actionable insights into the key market trends, technology innovations and strategies shaping the evolving channel ecosystem.

The first two major reports, available now, are the “Managed Service Provider (MSP) 501 Survey Insights – 2023” and the “Fastest-Growing Managed Service Providers (MSPs) Survey Insights – 2023.”

“Managed Service Provider (MSP) 501 Survey Insights – 2023” analyzes the results from the industry’s most comprehensive global survey and ranking of MSPs, the Informa Tech Channel Futures MSP 501. The report provides key insights from the global survey, including insight into revenue-producing services, markets served, technology adoption, managed service offerings, customer segments and M&A. For the first time, the report offers a view into the profitability of the managed services market.

Key insights include:

  • Channel resiliency on display: Even with economic headwinds such as employee attrition and inflation, average total revenue growth grew significantly, as MSPs reap the benefits of business customers increasing their co-managed and full outsourcing efforts to lower OPEX.
  • Managed services profitability: The report sheds light on the health of the managed services marketplace through an analysis of the profitability data disclosed by this year’s applicants.

“Fastest-Growing Managed Service Providers (MSPs) Survey Insights – 2023” examines data obtained from the NextGen 101, fast-growing businesses on the verge of making the Channel Futures MSP 501 ranking. The report provides market insights from the unique perspective of fast-growing partner businesses that are owned mainly by a younger generation of individuals and which exemplify the future of the channel.

Key insights include:

  • Managed security is now fundamental: Managed security was ranked as the top (or near the top) revenue-producing service and growth prospect, as increased threats from hackers, data breaches, and ransomware attacks have made managed security services must-have offerings.

More content as part of the Channel Partner Strategies Intelligence Service will be released later this year. The first “Quarterly Market Outlook Survey Insights” report is scheduled for release by the end of September.

Four additional new analyst reports are expected to publish by the end of this year:

  • Event Recap: Channel Futures Leadership + MSP Summit 2023
  • Quarterly Market Outlook Survey Insights – 3Q23
  • Trends to Watch Report – 2023
  • Routes to Market Report – 2023 

For more information about the new Omdia Channel Partner Strategies Intelligence Service, head to the product page on the Omdia website.

TweetDeck/XPro Now Requires A Subscription

Posted in Commentary on August 16, 2023 by itnerd

You might recall that I spoke about how the one useful tool that Twitter had to monitor multiple Twitter accounts was going behind a paywall, in that it would require you to pay Elon Musk $8 a month. That tool is TweetDeck, which is now called XPro, in line with the rebranding efforts by Elon Musk of Twitter to X. It now appears that the paywalling of TweetDeck/X Pro has begun, as there are reports of TweetDeck/XPro users being prompted to pay Elon $8 a month when they try to use TweetDeck/X Pro. I personally haven’t seen this, but I have to imagine that it’s only a matter of time before I do.

TweetDeck made Twitter usable for people like me who not only had to juggle multiple Twitter accounts, but also had to track individual issues that are trending in the world. Having to pay for this given Twitter’s declining relevance in the world makes no sense to me. And likely for many others. Thus I really question what the take-up in terms of new Twitter subscriptions will be on this move. My guess is that it will be really low, but I am free to be surprised.

DHS Announces Investigation Into Cloud Security

Posted in Commentary on August 16, 2023 by itnerd

Recently, the DHS has announced an investigation into cloud security:

“Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology,” said Secretary of Homeland Security Alejandro N. Mayorkas. “Cloud security is the backbone of some of our most critical systems, from our e-commerce platforms to our communication tools to our critical infrastructure. In its reviews of the Log4j vulnerabilities and activities associated with Lapsus$, the CSRB has proven itself to be ready to tackle and examine critical and timely issues like this one. Actionable recommendations from the CSRB will help all organizations better secure their data and further cyber resilience.”  

Ani Chaudhuri, CEO, Dasera had this to say:

The recent announcement by the Department of Homeland Security regarding the Cyber Safety Review Board’s (CSRB) upcoming review on cloud security highlights the criticality and urgency of bolstering defenses in our modern digital landscape. Cloud environments have become ubiquitous, supporting myriad facets of public and private sector activities. Given this backdrop, we can go into the questions presented.

Significance/Implications for Cloud Providers:

  • Reputation and Trust: Cloud Service Providers (CSPs) have long championed the security of their platforms. This review will highlight their claims’ robustness and scrutinize their methodologies. Those proactive in their security strategies will find validation, while others might face a reckoning.
  • Evolution of Best Practices: The CSRB’s recommendations will likely lead to an industry-wide shift in best practices, nudging CSPs to adopt innovative strategies, especially concerning identity management and authentication.
  • Collaborative Efforts: This initiative underscores the need for public-private collaboration. CSPs should be primed to work closely with governmental agencies, benefiting from a broader pool of expertise.

Implications for Cloud Customers:

  • Enhanced Security Posture: As the CSRB crystallizes its findings into actionable recommendations, cloud customers stand to benefit directly. These guidelines can fortify their defense mechanisms, making them less susceptible to breaches.
  • Clarity and Education: Often, the intricacies of cloud security remain nebulous for many users. This review will bring much-needed clarity, helping organizations comprehend potential vulnerabilities and the ways to mitigate them.
  • Shared Responsibility Realignment: Cloud security operates on a shared responsibility model. This review will sharpen the contours of this model, helping customers discern their part in the grander security schema.

The Outcome of the Review and Potential Changes:

  • While the CSRB doesn’t have regulatory or enforcement powers, its influence stems from its collective expertise and the gravitas of its recommendations. Past reviews, like those into the Log4j vulnerabilities and the activities of Lapsus$, have been instrumental in reshaping cyber defense strategies.
  • Given the recent Microsoft Exchange Online intrusion, we can expect a renewed emphasis on strengthening identity management and authentication in the cloud. This might lead to the inception of new technologies or the broader adoption of extant yet underutilized solutions.
  • More importantly, the findings will likely foster a culture of proactive security vigilance rather than a reactive stance. The cloud industry might see an acceleration in the integration of advanced threat detection, response mechanisms, and continuous security education.

The DHS’s initiative, steered by the CSRB, couldn’t be more timely. In a world where our reliance on cloud infrastructure is deepening, such proactive measures herald a shift from merely responding to threats to preemptively identifying and plugging vulnerabilities. This is not just about technology; it’s about trust and ensuring the cloud remains a haven for innovation and growth.

Seeing as “the cloud” is central to businesses, this is a good move by the DHS. Because everyone needs to make sure that whatever infrastructure people use is safe and secure 100% of the time.

Review: Infinity Loops The Geometric Prepster Apple Watch Band

Posted in Products on August 16, 2023 by itnerd

Last week I reviewed a titanium watch band for the Apple Watch Ultra from Infinity Loops. If you missed that review, you can read it here. Today I am reviewing another one of their bands. The band in question is The Geometric Prepster. An interesting name for an interesting looking band:

While I do have an interest in Apple Watch bands, I don’t recall ever seeing a band that looks like this. And I’m not talking just about the design of the band which is unique and has a bit of a retro vibe being a woven band with a very interesting pattern. Now if this pattern doesn’t work for you, there are 9 others to choose from. The other side of the band is made of leather which is stiff when you get it, but will loosen up over time. That should make the band very comfortable to wear.

All the lugs and the other metal hardware are not only top shelf in terms of quality, but they don’t have any play in them. And all the stitching is well done with no loose threads or anything like that. There’s nothing at all to complain about when it comes to the quality of the band. My only complaint has nothing to do with the band as such. My wife has tiny wrists, and as a result even with the band on the very last hole that the band offers, this band is too loose for her. The reason why that is an issue for her is that loose-fitting Apple Watches deliver inaccurate health data such as heart rate tracking. I provided this feedback to Infinity Loops and they will “update the description so the size is immediately available.” Given that my wife is a bit of an “edge case” it’s great that Infinity Loops is willing to do that.

The Geometric Prepster goes for $48 CAD and I’d recommend it to all but those with wrists like my wife’s. It’s a quality band that has a unique look from my perspective. Which means that it will attract positive attention wherever you go.