Trend Micro joins the Canadian Cyber Threat Exchange

Posted in Commentary with tags on June 28, 2023 by itnerd

Trend Micro, a global leader in cybersecurity solutions, has joined the Canadian Cyber Threat Exchange (CCTX) to contribute knowledge assets and threat insights and to help support cyber resilience across the country. The CCTX is Canada’s national cyber threat sharing and collaboration hub. 

By becoming a CCTX member, Trend Micro is joining forces with a diverse community of organizations, professionals, and government institutions to collaborate, share, and discuss useful information regarding cyber threat actors, their campaigns, TTPs (tactics, techniques, and procedures), trends, research, and processes. Collaborating on current risks and exchanging best practices, techniques, and insights is critical to increasing preparedness and developing security responses that can protect organizations across multiple fronts.

Building cyber resilience is an important focus area considering a recent Trend Micro report showed Canadian organizations struggle to profile and defend their expanding attack surface. Over the past year, 56 percent of Canadian organizations have had customer records compromised at least once. Moreover, another report found the average total cost of a data breach for Canadian companies was $4.50 million (USD).

The CCTX was created to build a secure Canada where all organizations, both private and public, collaborate to increase cyber resilience using a two-pronged approach: 

  • The CCTX Collaboration Centre is a trusted forum for cyber professionals to solve problems by exchanging best practices, techniques, and insights.
  • The CCTX Data Exchange compiles, analyzes and shares cyber threat information to provide actionable cyber threat intelligence to its cross-sectoral membership. Data is received from its members, the Canadian Centre for Cyber Security and other Canadian and international cyber threat sharing hubs.

As a leading global voice in the fight against cybercrime, Trend Micro is proud to support collaborative hubs, partnerships, and law enforcement internationally by sharing strategic and tactical threat intelligence with different countries worldwide, including Canada.

To learn more about Trend Micro please visit: www.TrendMicro.com

To learn more about CCTX, please visit: https://cctx.ca/

Rezilion Report Finds World’s Most Popular Generative AI Projects Present A High Security Risk

Posted in Commentary with tags on June 28, 2023 by itnerd

Rezilion, an automated software supply chain security platform, today announced a new report, “Expl[AI]ning the Risk: Exploring the Large Language Models (LLM) Open-Source Security Landscape,” finding that the world’s most-popular generative artificial intelligence (AI) projects present a high security risk to organizations.

Generative AI has surged in popularity, empowering us to create, interact with, and consume content like never before. With the remarkable advancements in LLMs, such as GPT (Generative Pre-Trained Transformers), machines now possess the ability to generate human-like text, images, and even code. The number of open-source projects that integrate these technologies is now growing exponentially. By way of example, since OpenAI debuted ChatGPT seven months ago, there are now more than 30,000 open-source projects on GitHub using the GPT-3.5 family of LLMs. 

Despite the booming demand for these technologies, GPT and LLM projects present various security risks to the organizations that are using them, including trust boundary risks, data management risks, inherent model risks, and general security concerns.

Rezilion’s research team investigated the security posture of the 50 most popular generative AI projects on GitHub. The research utilizes the Open Source Security Foundation (OSSF) Scorecard to objectively evaluate the LLM open-source ecosystem and highlight the lack of maturity, gaps in basic security best practices, and potential security risks in many LLM-based projects.

The key findings highlight concerns, revealing very new and popular projects with low scores:

  • Extremely popular, with an average of 15,909 stars 
  • Extremely immature, with an average age of 3.77 months
  • Very poor security posture, with an average score of 4.60 out of 10, which is low by any standard. For example, the most popular GPT-based project on GitHub, Auto-GPT, has over 138,000 stars, is less than three months old, and has a Scorecard score of 3.7.

The following best practices and guidance are recommended for the secure deployment and operation of generative AI systems: educate teams on the risks associated with adopting any new technologies; evaluate and monitor security risks related to LLMs and open-source ecosystems; implement robust security practices, conduct thorough risk assessments, and foster a culture of security awareness.

An alarming amount of time is dedicated to security – especially when it comes to software. Rezilion’s automated software supply chain security platform helps customers to manage their software vulnerabilities efficiently and effectively. Maintaining a detailed and current database on the latest software vulnerabilities and the strategies to mitigate them remains paramount to customers’ success in navigating this complex security landscape. Rezilion provides its users with the same OpenSSF scorecard insights as part of the product offering for customers to make more informed decisions regarding adopting and managing any open-source project. 

I also got some commentary from Yotam Perkal, Director of Vulnerability Research at Rezilion, who authored this report.

What was the most concerning finding from the survey and why? 

The most concerning finding from the survey is the inadequate maturity and security posture of the open-source ecosystem surrounding LLMs. As these systems gain popularity and adoption, it is inevitable that they will become attractive targets for attackers, leading to the emergence of significant vulnerabilities. This finding raises concerns about the overall security of LLMs and highlights the need for improved security standards and practices in their development and maintenance.

What should organizations know about LLM risk before integrating Gen AI tools? 

Organizations should be aware that integrating Generative AI tools, including LLMs, comes with both unique challenges and general security concerns. They need to address the specific risks associated with LLMs, such as data privacy, protection against attacks on the models, and securing the infrastructure involved in their deployment. Additionally, organizations must consider broader security implications and ensure that industry security standards are followed to promote ethical and responsible use of generative AI technology.

How can they prepare for this risk and who is responsible for this? 

Organizations can prepare for LLM risks by adopting a secure-by-design approach when developing Generative AI-based systems. They should leverage existing frameworks like the Secure AI Framework (SAIF), NeMo Guardrails, or MITRE ATLAS™ to incorporate security measures into their AI systems.  It is also imperative to monitor and log LLM interactions and regularly audit and review the LLM’s responses to detect potential security and privacy issues and update and fine-tune the LLM accordingly. Responsibility for preparing and mitigating LLM risks lies with both the organizations integrating the technology and the developers involved in building and maintaining these systems.

What are some other risks GPT and LLMs can pose to organizations? 

The risks GPT and LLMs can pose are varied and can affect all aspects of the CIA triad (Confidentiality, Integrity and Availability). These risks can lead to bypass of access controls, unauthorized access to resources, system vulnerabilities, ethical concerns, potential compromise of sensitive information or intellectual property and more.

How will this risk through LLM to organizations evolve in the next 12-18 months?

Over the next 12-18 months, the risk through LLMs to organizations is expected to evolve as the popularity and adoption of these systems continue to grow. Without significant improvements in the security standards and practices surrounding LLMs, the likelihood of targeted attacks and the discovery of vulnerabilities in these systems will increase. Organizations must stay vigilant and prioritize security measures to mitigate evolving risks and ensure the responsible and secure use of LLM technology.

To download the full report, please visit: https://info.rezilion.com/explaining-the-risk-exploring-the-large-language-models-open-source-security-landscape

Guest Post: Microsoft Edge hits nearly 300M users after ChatGPT integration

Posted in Commentary with tags on June 28, 2023 by itnerd

Web browsers serve as our virtual entryway in the vast landscape of the digital world, allowing us to explore the internet easily.

According to the calculations by the Atlas VPN team, the Microsoft Edge browser is closing in on a total of 300 million users. The browser’s number of users grew by 50 million months after ChatGPT was implemented. Despite that, Google Chrome and Safari continue to dominate the browser market share.

Google Chrome has nearly 3.4 billion users and stands firmly as the most popular browser. Chrome’s success is due to its strong features, user-friendly interface, and seamless integration with Google services.

Apple’s Safari browser reached over 1 billion users last year and this year continued to grow to 1.1 billion users. Since April 2022, the Opera browser has grown its user number by 40%, from 109 million to 152 million users.

Firefox’s browser user number stands at about 150 million. Samsung Internet browser has a user base of nearly 135 million people.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on browser market share:

“The growth of Microsoft Edge has sparked a wave of innovation among its competitors. A notable example is Google’s integration of its Bard AI into Chrome, a clear response to Edge’s success. Such a competitive environment promises a bright future for web browsing.”

To read the full article, head over to:

https://atlasvpn.com/blog/microsoft-edge-hits-nearly-300m-users-after-chatgpt-integration

Diana Initiative & We Open Tech Merge to Support Marginalized Security/Tech Persons

Posted in Commentary with tags on June 27, 2023 by itnerd

We Open Tech (WOT), the cybersecurity and tech community formed to elevate and support people of marginalized genders for the last two years, announces its merger with and into the Diana Initiative, the belonging-driven organization and popular annual conference committed to helping all underrepresented people in Information Security which hosted their first event in 2016. 

The 2023 Diana Initiative Conference will take place Monday August 7, 2023, In-Person, at The Westin Las Vegas Hotel & Spa. This year’s theme is “Lead the Change.”

We Open Tech Co-Founder Chloé Messdaghi said: “Our missions have been aligned with one another since WOT was founded. Today more than ever, marginalized persons need and deserve the best and most possible opportunities for mentoring relationships, professional development, career opportunities and support, and we are delighted to join forces with Diana Initiative and work together to expand its events and community support.”

Although some segments of the technology community have moved to become more inclusive to diverse talents, challenging headwinds and the current political climate continue to impede the participation of those who are marginalized.

The consolidation comes at a time when “gatekeeping” is contributing to the ongoing cybersecurity talent shortage, and represents barriers to building better security teams and stronger leaders. 

This year’s Diana Initiative Conference features sessions such as: 

  • Speakers
  • Career Fair
  • Career Village
  • Lockpick Village
  • Maker Village
  • Hands-on workshops

For a full list of sessions, visit: https://www.dianainitiative.org/event/event-schedule/

The Effects Of Petro Canada’s Parent Company Getting Pwned Continue With No ETA For Resolution

Posted in Commentary with tags on June 27, 2023 by itnerd

This is now day 5 of Suncor Energy being the victim of some sort of cyberattack. I first wrote about this on Sunday, when Petro Canada gas stations were unable to accept payment by debit or credit card. On top of that, Petro Canada’s app, which allows you to collect “Petro Points” for things like free gas and gift cards, isn’t working either. That led on Monday to Suncor admitting that it was dealing with a cyberattack. But as I type this, there’s no ETA as to when all of this will be resolved. And what makes things worse is that there is likely more going on than we know based on this report:

Ian L. Paterson, CEO of Vancouver-based cybersecurity company Plurilock Security Inc., said these public-facing issues could be “just the tip of the iceberg.” He added that as early as Friday, he was also hearing about Suncor employees being unable to log in to their own internal accounts.

“All of these things put together seem to suggest that there could be a sizable cyber incident that’s taking place,” Paterson said, cautioning that much is still unknown about the current situation.

“I think that this actually could be the Canadian Colonial Pipeline, just in the sense that Suncor is such a large part of the economy.”

If this is an attack as big as Colonial Pipeline, then this event is as non-trivial as it gets for Canada as Petro Canada is “the” gas station for many parts of the country.

Carol Volk, EVP, BullWall starts off the commentary: 

    “A company as large as Petro-Canada would most likely have had a plethora of security tools in place to prevent attacks like this. We are never going to stay one step ahead of motivated bad actors. A new approach that layers on active attack containment is the new frontier for cyber security.” 

Stephen Gates, Principal Security SME, Horizon3.ai follows with this:

   “Although the details of the cyber incident are few, this sounds like a targeted attack against the point-of-sales systems since the organization is unable to accept and process credit/debit card transactions. If a ransom-related campaign is the culprit, then this may indicate a new attack path and outcome.

   “Most occurrences of ransomware lock up workstations and data stores but rarely target what most would consider to be IoT. But on the other hand, many gas pumps run commonly used operating systems (like Windows CE) which could make them a considerable target to ransom since an outage could cause untold consumer pain.”

Finally I have a comment from Roy Akerman, Co-Founder & CEO, Rezonate:

   “This is an example of how cyber risk has a direct impact on business continuity. We often see that when an organization settles for compliance checks rather than a robust security program. Organizations should not invest only in preventative and cyber readiness actions, but also in recovery and response. As more information unfolds, we can further evaluate actions taken and the cause for business disruption.”

You would have thought that after the Colonial Pipeline incident, that companies overall would be better prepared. But that appears not to be the case and that doesn’t surprise me. Companies need to get serious about cybersecurity or they will end up like Suncor.

NanoLock Secures Critical Infrastructure with Zero-Trust OT Protection and Expansion to U.S. Market

Posted in Commentary with tags on June 27, 2023 by itnerd

NanoLock Security, a leading provider of device-level, zero-trust OT protection for industrial manufacturing, food and beverage, chemical, pharmaceutical, and critical infrastructure industries, today announced the general availability of OT Defender for North American customers.

NanoLock’s OT Defender is an industrial cybersecurity solution that protects the integrity of industrial manufacturing companies and Operational Technology (OT) assets from unauthorized access and changes, whether it’s by outsiders, insiders, third-parties or human errors.

Cyberattacks on OT/ICS (Industrial Control Systems) in U.S. critical infrastructure are rapidly increasing in numbers, frequency and sophistication. Multi-plant operations are especially at risk as these facilities manage complex distributed networks in different locations, operate a combination of legacy and new equipment, and may have technicians with remote access privileges and a large number of third-party providers.

The alarming rise in attacks has led to an urgent need for zero-trust cyber protection at the device level and ushered in new OT/ICS regulations and guidance specific to industrial devices used in critical infrastructure and industrial operations. The National Institute of Standards and Technology has called for the “protection of individual OT components [devices] from exploitation” in recent guidance. According to Gartner® “through 2026, 75% of organizations with a formal zero trust strategy will explicitly exclude their CPS in production or mission-critical environments.”

OT Defender is designed to protect production environments from external and internal cyber incidents. It protects the operational integrity of production lines by preventing unauthorized and unauthenticated access, change requests, or update attempts of a Programmable Logic Controller (PLC). It has no impact on performance and functionality and future-proofs industrial organizations against new and upcoming regulations involving device-level zero-trust protection. OT Defender is already used by some of the world’s largest manufacturers, automotive as well as pharma companies.

Expanding Presence in the US Market with Appointment of Jay Smilyk as GM of the Americas

To launch the general availability of OT Defender in North America and expand NanoLock’s footprint across the region, the company has hired Jay Smilyk as GM of the Americas. With over two decades of experience in bringing cybersecurity solutions to the U.S. market, Jay will drive sales and establish strategic partnerships that contribute to the growth and success of the organization. Mr. Smilyk will focus on identifying opportunities for expansion of the OT Defender solution among industrial, manufacturing, and utilities companies and has already started building the U.S. team to support these objectives.

Trend Micro Details How Cybercriminals Use Residential Proxies and CAPTCHA-solving Services to Carry Out Credential Stuffing Attacks

Posted in Commentary with tags on June 27, 2023 by itnerd

Today, Trend Micro released a report titled, “AGENTS OF ABUSE: Residential Proxies and CAPTCHA-Solving Services,” to spotlight how cybercriminals use residential proxies and CAPTCHA-solving, proxies and configurations to carry out credential stuffing attacks.

Different markets and industries, including e-commerce, social media, fintech, airline and travel, and online ticket services, are losing billions of dollars each year because of fake web traffic generated by illicit scrapers, fake accounts, robot buyers, carders, and stuffers.

Data revealed that 47.4 per cent of all Internet traffic in 2022 came from bots.

While CAPTCHA services and IP reputation feeds are used to counter this type of e-commerce fraud and account takeover, it has been found that abusers have developed tools to counter these defensive measures.

Below are some stats worth highlighting around fake web traffic:

  • 25% of newly registered accounts are fake
  • 20% of login attempts are attacks
  • 86% of all attacks are carried out by bots

Based on the data gathered using the Trend Micro™️ Smart Protection Network™️ from January to August 2022, business websites from different industries, including social commerce, online gaming, cryptocurrency, and travel, were affected by CAPTCHA-solving services.

You can also read the full report HERE.

Connect&GO and Adyen partner up

Posted in Commentary with tags on June 27, 2023 by itnerd

Connect&GO, a world leader in RFID and integrated attractions management technology, announces the launch of Konnect Mobile point-of-sale in partnership with Adyen. Combining the flexibility of Connect&GO’s all-in-one management platform (Konnect) with Adyen’s S1F2 all-in-one Android devices, the new integration will create a unified experience for operators that helps drive revenue and create frictionless experiences at attractions around the world. 

With Konnect Mobile point-of-sale (POS), attractions operators can now sell or fulfill orders from anywhere in their park through a single mobile device that includes an integrated payment terminal. Operators can check the content of a guest’s digital wallet at any time by scanning the guest’s RFID wristband. Guests can then reload cashless balances or purchase tickets from the very same team member.

The new integration promises to boost spending at attractions around the world, and will be deployed this summer at several waterparks across the United States leveraging Connect&GO’s innovative cashless solution for the first time.

Konnect Mobile POS is the latest in Connect&GO’s product enhancements that help operators leverage groundbreaking RFID technology to help solve the problems of legacy technology while unlocking powerful growth opportunities. The Konnect all-in-one management platform seamlessly integrates eCommerce, point-of-sale, cashless payments, F&B and access control using proprietary Virtual Wallet technology to create a unified experience with real-time data.

Connect&GO recently announced its AI prediction engine for the attractions market as well as an $8 million extension to its Series A funding. 

Cradlepoint Introduces Zero Trust Solution for Cellular IoT Deployments 

Posted in Commentary with tags on June 27, 2023 by itnerd

Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network edge solutions, today announced the launch of the S700, a multipurpose IoT router designed to provide a rich zero trust security service to enterprise customers. Coupled with Cradlepoint NetCloud Exchange Secure Connect, the S700 provides a comprehensive cloud-managed network solution to safeguard IoT devices as today’s attack surface expands and adversaries increasingly target connected devices.  

There are an estimated 41.76 billion IoT devices that exist globally in 2023. With shipments of these devices expected to grow at 18 per cent annually, IoT solutions are driving device sprawl despite not being equipped to use modern security methods. As today’s attack surface expands and cybercriminals become more sophisticated, it’s clear that many organizations are not prepared to address IoT security needs. For IT teams to effectively manage distributed IoT networks, organizations need an efficient zero trust approach to security. This includes easing the setup and maintenance of IoT solutions, while enabling advanced fine-grained policies to allow access for third-party management of devices.  

The S700 and NetCloud Exchange from Cradlepoint deliver a robust zero trust solution for IoT that removes deployment complexity and is ideal for enterprise lean IT scenarios. Key benefits include:

  • Connect-and-go ZeroTrust: Any IoT device connected to the router is immediately dark to public scans and other internal sites. Access policies are easily defined so IoT devices communicate only with their authorized resources on a least-privilege basis.  
  • Efficient WAN creation: Orchestrated with only a few clicks through a cloud-based management system, the S700 removes deployment and management complexity and easily builds effective zero trust encrypted tunnels over cellular and wired links. 
  • Small Router with Big Security: IoT devices connected to a small router can still have access to full modern security services including zero trust. The S700 adds simplicity by offloading the security processes to a services gateway, which holds the security policies, manages router updates (including security patches), and orchestrates processes.  
  • Third-party access protection: Over 60 per cent of WANs are now serving outside customers and suppliers, so protecting third-party access to IoT equipment has broad implications. With the Cradlepoint solution, fine-grained policies can be added to the zero-trust services gateway allowing third-party access to all or part of the management system of an IoT device behind the Cradlepoint router. 

As a multipurpose IoT router designed for the enterprise, the S700 connects light industrial, smart city, IoT and portable devices over cellular, Wi-Fi and wired links. Offering a wide variety of connectivity options through LTE, two Gigabit Ethernet ports for wired connections and dual band Wi-Fi 6 options, the S700 also adds advanced features, such as active GNSS/GPS for asset tracking and GPIO pins to control and monitor external sensors.

The Cradlepoint S700 will be available for purchase widely on July 12, 2023. For more information, please visit https://cradlepoint.com/product/endpoints/s700-series/.  

François Ribeiro Appointed as CEO of Infinite Reality Europe

Posted in Commentary with tags on June 27, 2023 by itnerd

Infinite Reality (iR), a leading provider of cutting-edge immersive virtual experiences, is pleased to announce the appointment of François Ribeiro as CEO of its European division.

Ribeiro brings extensive experience in the sports and entertainment industry, having previously served as the Head of Discovery Sports Events at WBD Sports. In this role, he played a pivotal role in delivering captivating sporting events to audiences worldwide. Now leading Infinite Reality’s European operations, Ribeiro will utilize his visionary approach to drive the company’s innovative fan and audience engagement strategy.

This appointment comes at a critical juncture, with immersive experiences, the Metaverse, and Web3 garnering unprecedented interest. As digital interaction enters a new dimension, Infinite Reality is perfectly positioned to capitalize on this transformative phase, creating captivating and interactive experiences that resonate with global audiences.

Ribeiro himself recognizes the potential of immersive digital experiences in various sectors, given the concentration of global sports rights holders and industry leaders in Europe. He highlights how investing in virtual reality can diversify and expand revenue streams for event organizers by monetizing remote digital experiences of real-life events, catering to fans unable to attend physically. Moreover, the interactive capabilities of this technology elevate online sales standards to provide a first-class interactive retail experience and transform streaming into a shared moment. Ultimately, digital immersive experiences offer brands the opportunity to engage directly with consumers, gain insight into their customers, establish transactional spaces, and convert audiences into loyal users.