New LinkedIn data shares 31.7% of Canadian job seekers in Toronto, Ont. are the most likely to apply for hybrid work positions

Posted in Commentary with tags on August 2, 2023 by itnerd

A recent study conducted by LinkedIn’s Economic Graph research team unveils job seekers’ preferences in the Greater Toronto Area for remote and hybrid work. According to the data, Torontonians display the lowest interest in applying for fully remote positions among major metropolitan areas. However, despite their reluctance for fully remote roles, Torontonians lead the way in Canada’s big metro areas in applying for hybrid work opportunities. Key findings from the report include:

  • 28.5% of job applications from Toronto were for fully remote positions.
  • Although Torontonians show less enthusiasm for fully remote positions, 31.7% of job applications from Toronto were for positions that involve a combination of remote and in-office work.

The findings are based on an analysis of more than 12 million remote job applications on LinkedIn from May 2022 to May 2023. If you’d like to learn more, you can read the report in full here.

Methodology 

LinkedIn analyzed more than 12 million and 11 million applications to paid remote and hybrid job postings in Canada, respectively, between May 2022 and May 2023. To be included, postings either were explicitly labeled as “remote” or “hybrid,” or contained keywords such as “work from home.” Only metros with a 12-month average population of 100,000 or more LinkedIn members were included as large metros.

BlackFog State of Ransomware Report For July 2023 Is Out

Posted in Commentary with tags on August 2, 2023 by itnerd

BlackFog today released the State of Ransomware Report for July 2023. BlackFog releases this monthly report containing pertinent information regarding both publicly and non-publicly disclosed cyber attacks. The report also includes statistics on the most attacked countries and industries, as well as prevalent threat groups and attack methods.

Dr. Darren Williams, CEO and Founder, BlackFog, has also provided commentary on July’s ransomware trends and statistics:

“This month we continue to see a large volume of attacks, culminating in the highest July in 4 years, with 38 publicly disclosed and 390 undisclosed attacks. This represents a 10-fold difference between unreported versus reported attacks, as we continue to see the effects of the MOVEit exploit.

The most notable change saw healthcare overtake education as the most targeted sector, with a 29% increase in attacks. Education came a close second with 56 reported attacks, while the Government saw a 19% increase from last month. Other sectors remained largely unchanged.

BlackCat and LockBit remain the two dominant variants with 18.4% and 16.8% respectively. As we predicted last month, we saw CLOP overtake BlackCat in the number of unreported attacks due to the MOVEit exploit. We expect this to continue in the coming months as the full extent of this exploitation is realized.

Lastly, exfiltration continues to be the primary weapon of choice for attacks. Leveraging data for extortion contributes to this quarter’s all-time record, with an average payout of US$740,144. China continues to be the main destination for data loss at 41% with Russia at 9%.”

The full report is linked here: https://privacy.blackfog.com/wp-content/uploads/2023/08/BlackFogRansomwareReport-Jul-2023.pdf

New Research Finds BEC Attacks Increased by 55% 1H 2023 & Third Party App Integration in Email Saw 128% increase

Posted in Commentary with tags on August 2, 2023 by itnerd

Abnormal Security has released the company’s 1H 2023 threat report, revealing how email attacks have increased in both sophistication and volume since the start of the year.

  • BEC attacks increased by 55% over the previous six months, and nearly half (48%) of all organizations received at least one VEC attack during that same time frame.
  • There is a 90%+ chance of receiving at least one BEC attack and a 76% chance of receiving at least one VEC attack each week for organizations with 5,000+ mailboxes.
  • Abnormal’s research showed that the average organization integrates 379 third-party apps with email—a 128% increase since 2020. And for large enterprises with 30,000+ employees, the number of integrated third-party apps shoots up to 3,973, on average.

Here is the report for your reading pleasure: https://abnormalsecurity.com/about/news/h2-2023-threat-report

Cyber Expert Jason Keirstead Joins Cyware as VP of Collective Threat Defense

Posted in Commentary with tags on August 2, 2023 by itnerd

Cyware, a leading provider of threat intelligence management, security collaboration, and cyber fusion solutions, today announced that security expert and industry leader Jason Keirstead has been appointed Vice President of Collective Threat Defense.

Keirstead is a distinguished cybersecurity authority with more than 20 years of industry experience – 13 of which he spent at IBM, leading the technical direction of an extensive portfolio of software and security products.

Keirstead is also co-chair of the Open Cybersecurity Alliance, where he is driven to create straightforward, intuitive solutions that effectively address complex security challenges. This, along with his passion for shaping the future of cybersecurity standards, makes Keirstead an ideal fit for Cyware and this role.

Jason Keirstead will be an instrumental leader at Cyware, guiding the expansion of our solutions and playing a critical role in building our strategic roadmap. His industry expertise is both broad and deep when it comes to building security architecture, understanding threat trends and ecosystems, and connecting the dots between disparate tools, teams, and tactics.

Veridas Facial Biometrics Receives LenelS2 Factory Certification under the LenelS2 OpenAccess Alliance Program

Posted in Commentary with tags on August 2, 2023 by itnerd

Veridas, a Spanish technology company specializing in digital identity biometrics, today announced that it has received LenelS2 factory certification and joined the LenelS2 OpenAccess Alliance Program (OAAP). Veridas Facial Biometrics Access Control interfaces with the OnGuard® access control system to provide an improved customer access and visitor management experience through touchless and seamless entry.

About Veridas Facial Biometric Access Control

The Veridas facial biometric visitor access control management platform makes it easy for visitors and employees to self-register remotely or at the reception desk by capturing their ID card and a selfie.

The system verifies the visitor’s identity and generates a private and non-transferable biometric access credential.

Once the visitor reaches the site, they approach the Veridas biometric terminal at the entrance and present their face and/or biometric QR code. The terminal authenticates them in less than a second and allows them to enter, thanks to the connection with the LENEL access system.

Learn more at www.veridas.com

SynSaber OT/ICS Vulnerabilities Report For 1H 2023 Is Out

Posted in Commentary with tags on August 2, 2023 by itnerd

New data from SynSaber, in association with The CS Advisory Project, identifies and evaluates trends in Common Vulnerabilities and Exposures (CVEs), showcasing what OT and ICS asset owners need to be aware of.

A couple of key findings from the report include:

  • For the CVEs reported in the first half of 2023, about 1/3 have no patch or remediation currently available from the vendor (significantly up from the first half of 2022)
  • Critical manufacturing (37.3% of total reported CVEs) and Energy (24.3% of the total reported) sectors are the most likely to be affected
  • Forever-Day vulnerabilities remain an issue – six CISA Advisories identified for ICS vendor products that reached end of life with “critical” severity vulnerabilities have no update, patch, hardware/software/firmware updates, or known workarounds.

You can read the report here.

People Who Subscribe To Twitter Blue Can Hide Their Checkmarks…. Out Of Embarrassment Perhaps?

Posted in Commentary with tags on August 2, 2023 by itnerd

This is a sure sign that having a blue checkmark on Twitter isn’t in the interest of people who are dumb enough to pay Elon Musk $8 a month for Twitter Blue. According to The Verge, Twitter Blue subscribers can now hide their checkmarks:

Twitter Blue, which Elon Musk is currently rebranding to X Blue, now includes the option to hide the notorious blue checkmark. Twitter Blue subscribers recently started noticing the “hide your blue checkmark” option on the web and in mobile apps, offering the ability to hide that they’re paying for Twitter and avoid memes about how “this mf paid for twitter.”

“The checkmark will be hidden on your profile and posts,” notes a Twitter support article. “The checkmark may still appear in some places and some features could still reveal you have an active subscription. Some features may not be available while your checkmark is hidden.”

The only reason why this is a thing is that clearly the checkmark has no value on Twitter. That’s because Elon destroyed any value it had. And it’s likely become a source of embarrassment for those who have one because they were dumb enough to pay for Twitter. The fact that Elon has to come up with something like this to keep the people who are dumb enough to pay him $8 a month from cancelling their subscriptions illustrates how much he’s hurt Twitter.

The r/law Subreddit Bans Links To Twitter

Posted in Commentary with tags on August 2, 2023 by itnerd

You might recall that Elon Musk stepped in to reinstate the Twitter account of someone who posted child porn. Well, Elon’s decision to do that has knock-on effects. And in a move that I suspect is a sign of things to come, r/law, a popular subreddit about the law, announced last week that it was completely banning links to Twitter:

Since Musk took control of Twitter, he mostly eliminated the Trust and Safety group and stopped paying the vendor that scans for CSAM. As a result, CSAM (child sexual abuse material) has apparently been circulating on Twitter recently (from what I’ve read elsewhere, the same notorious video that the feds found on Josh Duggar’s hard drive).

Musk also recently reinstated the account of someone who posted CSAM content.

As a result, we’ll be removing any content here that leads to Twitter, or, as he now calls it, X. Whether it’s an embed link or a direct link to a tweet. Don’t care what outlet is doing it. If you’re a reporter or editor, stop embedding links to Twitter in any of your content.

DO NOT: Under any circumstances post any link that leads directly to CSAM. We will ban you immediately and report you to the admins. If it looks like you broke the law—which borders on strict liability for this stuff—we will do everything in our power to report you to the feds and send you to jail.

What they’re basically suggesting is that the media, such as yours truly, stop embedding links to Twitter. At least in r/law. The problem with that is that I can see this sort of thing spreading to other places on Reddit. And then other places outside of Reddit. I’m not sure that this is a viable course of action. Though I can see why one might take that course of action. Because Elon, by not going after posters of child porn, made Twitter the Wild West, where you might become collateral damage if you post something that you didn’t completely sanity check. This is another one of those things that illustrates why you should leave Twitter if you haven’t already.

HYAS EyeSpy POC – First Polymorphic, Intelligent Fully Autonomous AI Malware

Posted in Commentary with tags on August 2, 2023 by itnerd

HYAS Infosec, whose adversary infrastructure platform provides unparalleled visibility, protection and security against all kinds of malware and attacks, today announced their EyeSpy proof-of-concept (PoC), an entirely new type of polymorphic, fully autonomous malware. The malware uses artificial intelligence to make informed decisions and synthesize its capabilities as needed to conduct cyberattacks and continuously morph to avoid detection.

  • EyeSpy reads its target environment, autonomously determines available attack vectors, and generates, tests and adapts malware until it achieves attack goals.
  • It reasons on its own, picks the best tools and techniques to use in a given moment, then strategizes and executes an attack, assesses and fixes code failures in-memory to align with its changing attack objective, and continuously evades detection.
  • Security Mindsets Analyst Charles Kolodgy said in part: “I have seen EyeSpy demoed. The nightmare scenario where malware can autonomously respond to its environment is reality. With EyeSpy, HYAS is getting into the adversarial mindset on what’s coming in the future and is able to be more predictive on what we’ll be facing.”
  • Todd Graham, Managing Partner, M12 (Microsoft’s venture capital fund), said in part: “There is no doubt this is the next threat landscape and the new theater of war.”

The development of EyeSpy is part of HYAS Infosec’s ongoing research and will ensure that the company’s protection platform extends to the future of malware as well. As part of its continuing research, HYAS recently pioneered AI-synthesized, polymorphic malware with its BlackMamba PoC.

Using the current early versions of generative AI, EyeSpy is capable of:

  1. Selecting its intended victim independently or through a threat actor’s specification
  2. Assessing the target environment, platform, applications and environmental footprint
  3. Identifying optimal vectors to extract information
  4. Writing malware on the fly – for example, if a target is on a specific video conference app, it will compose, test & validate the malware for that app 
  5. Executing the attack
  6. Analyzing the QA result
  7. Self-repair and continued attack iteration until it has achieved the attacker’s goals

EyeSpy catapults HYAS even further into a future where such intelligent, autonomous entities will be part of the cyber warfare landscape. EyeSpy represents a significant milestone in the potential evolution of adversary capabilities. Observers note that EyeSpy malware isn’t merely a program – it is an adaptive entity with evolving strategies, making its class of malware an ever-present, dynamic threat that evades detection.

HYAS Labs threat research is accelerating work on technology capable of remediating this emerging class of AI-synthesized, polymorphic malware both to ensure its award-winning HYAS Protect, HYAS Confront, and HYAS Insight solutions provide the superb protection that the market urgently needs, and also to advance the sector’s understanding of and response to new generations of threats.

Learn more about the EyeSpy PoC.

Cado Security Labs Releases Inaugural 2023 Cloud Threat Findings Report

Posted in Commentary with tags on August 2, 2023 by itnerd

Cado Security, provider of the first cloud forensics and incident response platform, today announced the release of Cado Security Labs 2023 Cloud Threat Findings Report. The report reveals noteworthy discoveries about the evolving cloud threat landscape, shedding light on the heightened risk of cyberattacks due to the rapid adoption of cloud-focused services.

Cado Security Labs is the internal threat research division within Cado’s engineering team. Responsible for conducting industry-leading threat intelligence and cloud security research, the team proactively monitors the latest cloud attack trends and Tactics, Techniques, and Procedures (TTPs). Since its inception, Cado Security Labs has discovered numerous novel cloud-based malware and threat techniques. One such example is Denonia, the first publicly known case of malware specifically designed to execute in an AWS Lambda environment.

Cado Security Labs researchers operate honeypot infrastructure to collect cloud attacker telemetry across services known to be targeted by cloud-focused threat actors. Findings are examined in real time and novel attack patterns are identified, reported on, and distributed to the security community. 

As organizations increasingly embrace cloud technologies and inherently expose themselves to new and evolving risks, understanding emerging cloud trends on a deeper level is critical. In this report, Cado equips the security community with knowledge that will help them better protect against the latest threats. 

Key findings from the report include:

  • Botnet agents are the most common malware category, representing around 40.3% of all traffic. Use of botnets has been especially relevant in the context of the Russia-Ukraine war, where they have been leveraged by hacktivists on both sides to conduct DDoS attacks on strategic targets.
  • SSH is the most commonly targeted service, accounting for 68.2% of the samples seen, followed by Redis at 27.6%, and low Log4Shell traffic at a mere 4.3%, indicating a shift in threat actor strategy that no longer prioritizes the vulnerability as a means of initial access.
  • Further, nearly all (97.5%) opportunistic threat actors scan for vulnerabilities in only one specific service to identify vulnerable instances deployed in the wild. This could be because attackers are aware of a specific vulnerability in a particular service or have development experience in that area.

From the attacker telemetry analyzed, Cado Security Labs has derived several projections and recommendations. The team anticipates attacks leveraging serverless functions will increase in severity and sophistication, ransomware groups will develop more non-Windows ransomware, and threat actors will continue to exploit cloud services to aid in phishing and spam campaigns. 

In light of these predictions, Cado Security experts advise organizations to understand the AWS shared responsibility model, ensure access to relevant evidence, limit the exposure of services like Docker and Redis, check public repositories for cloud credentials, and apply the principle of least privilege.
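Three of the recommendations above (limit the exposure of Docker and Redis, check repositories for cloud credentials) can be turned into a quick self-audit. The script below is an added example written for this post, not code from Cado Security or its report; it runs over constructed sample inputs embedded inline (a Redis config, a Docker daemon.json, and two repository files using AWS’s documented placeholder access key ID), so nothing here is a real configuration or credential. It flags a Redis instance bound to all interfaces with protected-mode off and no password, a dockerd TCP API listener without TLS verification, and any line matching the AWS access key ID format.

```python
"""Self-audit for the cloud hardening advice above (added example, not Cado's code).

Checks: Redis reachable from outside without auth, Docker API exposed over TCP,
and AWS access key IDs committed to repository files. All inputs are constructed.
"""
import json
import re

# --- Constructed sample inputs (not real files, hosts or credentials) ---
SAMPLE_REDIS_CONF = """\
# redis.conf (constructed sample)
bind 0.0.0.0
protected-mode no
port 6379
"""

SAMPLE_DAEMON_JSON = '{"hosts": ["tcp://0.0.0.0:2375", "unix:///var/run/docker.sock"]}'

SAMPLE_REPO_FILES = {
    # AKIAIOSFODNN7EXAMPLE is the placeholder key ID used in AWS documentation.
    "deploy/config.env": "AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE\nAWS_SECRET_ACCESS_KEY=<placeholder>\n",
    "README.md": "Run `make deploy` after exporting your credentials.\n",
}

# AWS access key IDs are 20 characters: the prefix AKIA plus 16 upper-case alphanumerics.
AWS_ACCESS_KEY_RE = re.compile(r"\bAKIA[0-9A-Z]{16}\b")
ALL_INTERFACES = {"0.0.0.0", "::", "*", ""}


def audit_redis_conf(text: str) -> list[str]:
    """Flag redis.conf settings that let the instance be reached and used without auth."""
    settings: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition(" ")
        settings[key.lower()] = value.strip()

    findings = []
    # With no bind directive Redis listens on every interface; 0.0.0.0 / :: / * do the same.
    bind_tokens = settings.get("bind", "").split()
    if not bind_tokens or any(t in ALL_INTERFACES for t in bind_tokens):
        findings.append("redis: bound to all interfaces")
    if settings.get("protected-mode", "yes").lower() == "no":
        findings.append("redis: protected-mode disabled")
    if not settings.get("requirepass"):
        findings.append("redis: no requirepass set")
    return findings


def audit_docker_daemon(text: str) -> list[str]:
    """Flag a dockerd API listener on TCP, which grants root-equivalent access to anyone who can reach it."""
    cfg = json.loads(text)
    findings = []
    tls_verify = bool(cfg.get("tlsverify", False))
    for host in cfg.get("hosts", []):
        if not host.startswith("tcp://"):
            continue  # unix sockets are local-only and fine
        addr = host[len("tcp://"):].rsplit(":", 1)[0]
        if addr in ALL_INTERFACES:
            findings.append(f"docker: API listening on all interfaces ({host})")
        if not tls_verify:
            findings.append(f"docker: TCP API without tlsverify ({host})")
    return findings


def scan_for_aws_keys(files: dict[str, str]) -> list[tuple[str, int]]:
    """Return (path, line number) for every line that contains an AWS access key ID."""
    hits = []
    for path, content in files.items():
        for lineno, line in enumerate(content.splitlines(), start=1):
            if AWS_ACCESS_KEY_RE.search(line):
                hits.append((path, lineno))
    return hits


def run_audit() -> list[str]:
    """Run all three checks over the constructed samples and return the combined findings."""
    findings = audit_redis_conf(SAMPLE_REDIS_CONF) + audit_docker_daemon(SAMPLE_DAEMON_JSON)
    findings += [f"repo: AWS access key ID in {path}:{lineno}" for path, lineno in scan_for_aws_keys(SAMPLE_REPO_FILES)]
    return findings


if __name__ == "__main__":
    for finding in run_audit():
        print(finding)
```

Point the functions at your own files instead of the samples; the Redis and Docker checks are deliberately narrow (they look only at the settings the report's advice concerns), and a matching key ID pattern is a prompt to rotate and investigate, not proof of a live credential.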

To download the full report, please visit: https://offers.cadosecurity.com/cado-security-labs-2023-threat-findings-report.