Nyriad 2023 NAB Showcase to Highlight How Creatives Can Optimize Resources

Posted in Commentary with tags on April 11, 2023 by itnerd

Nyriad has announced that it will showcase its UltraIO data storage solution at the upcoming 2023 NAB Show, the ultimate gathering of media, entertainment, and technology professionals, highlighting the latest innovations and trends shaping the industry. In addition, during the event taking place April 16-19 at the Las Vegas Convention Center, Nyriad will be joined by strategic partners DigitalGlueRED Digital Cinema and ATTO Technology, to demonstrate the seamless interoperability and the enhanced capabilities of their joint end-to-end solutions.

NAB attendees visiting the Nyriad Booth #N1029 will see first-hand how its cutting-edge, GPU-accelerated technology, the UltraIO storage system, empowers creative professionals to edit high-resolution video (8K and higher) seamlessly, eliminating the need for time-consuming transcoding, proxy creation, or file transfer across the network. This not only saves precious time and money but also enhances the overall efficiency of creative workflows, contributing to the company’s bottom line. By streamlining the editing process, the UltraIO storage system empowers creatives to work more effectively, producing exceptional results and driving business success.

In addition, Nyriad Booth #N1029 will also feature interoperability demos with DigitalGlue which will feature its creative.space platform that is purpose-built to simplify how creatives work and collaborate, both onsite and remotely; RED, provider of the most powerful and versatile lineup of cinema cameras in the industry; and ATTO Technology, a global leader in network and storage connectivity and infrastructure solutions for the most data-intensive computing environments.

The joint demo will showcase the capabilities of a RED V-RAPTOR 8K VV camera with a Canon XJ22 Digi-super studio lens, which will be located in Nyriad’s booth along with the UltraIO storage system, creative.space, and ATTO network solutions. The camera will capture video footage, which will then be ingested by a creative.space ROGUE PRO system where it can be utilized onsite. The footage will be replicated seamlessly to a creative.space system that is integrated with a multi-petabyte Nyriad UltraIO data storage system, located in a remote data center in the Bay Area and accessed by ATTO-powered workstations. Attendees will see how the joint solution delivers an efficient and effective end-to-end process for ingesting footage on-location, replicating it to an off-site target, collaborating easily, and facilitating seamless editing across multiple geographically dispersed locations. 

In addition, the demonstrations will show:

  • Performance – 8K video editing and high-performance networking to increase productivity, from anywhere, at anytime
  • Efficiency – optimize resources, eliminate costly delays in post-production, and deliver great content on deadline and on budget
  • Resilience – data protected and available in the studio, on location, in post-production houses, and remote editing facilities 
  • Simplicity – edit while capture; streamlined workflows enable increased quality outcomes and speed time-to-release

To learn more about the 2023 NAB Show and to register to attend, please visit: https://nabshow.com/2023/.

Please join Nyriad, DigitalGlue and RED Digital for a hosted Cocktail Reception during the show, on Monday, April 17, 4:00 pm – 6:00 pm in the Nyriad Booth N1029. Register to attend here: https://www.nyriad.io/cocktail-hour-at-nab-show-2023/.

Leave a comment »

Armorblox 2022 Email Security Report Reveals Dramatic Increase of BEC Attacks by 72% Year-Over-Year

Posted in Commentary with tags on April 11, 2023 by itnerd

Armorblox has released its second annual 2023 Email Security Threat Report, documenting the significant increase in targeted attacks, trends across a broad range of attacks, and highlights the use of language to bypass existing email security controls. 

The report, based on data gathered from analyzing over 4 billion emails and stopping 800,000 threats every month, tracks email attacks across threat types such as vendor compromise, business email compromise (BEC), financial fraud, phishing attacks, impersonation attacks, account compromise, and graymail. Findings revealed that in 2022, BEC attacks have increased dramatically by 72% compared to 2021.

Key Highlights in the report also included:

  • 58% of account compromise attacks targeted SMBs
  • Vendor fraud and supply chain attacks are on the rise – and 53% of these targeted technology organizations
  • Security teams can find themselves spending upwards of 27 person hours a week manually sorting and deleting graymail across inboxes
  • Education was the leading industry targeted by BEC attacks in 2022, with over 40,000 attacks

You can read the report here.

Leave a comment »

Is Apple Is About To Terminate Access To Some Apple Services By Older Apple OSes?

Posted in Commentary with tags on April 10, 2023 by itnerd

Let’s get to the key point of this article. If you believe this rumour, Apple will disable iCloud, Music, TV, Siri, Maps and other cloud services on older versions of the OSes. Specifically these versions:

  • iOS 11.0 – 11.2.6
  • macOS 10.13.0 – 10.13.3
  • watchOS 4.0 – 4.2.3
  • tvOS 11.0 – 11.2.6

This comes from “Stella Fudge” on Twitter who has proven to be a reliable source of this sort of information in the past:

Now it makes sense why Apple would do this. Simply put, they don’t have to take into account an OS that was current 5 or 6 years ago that may not have the functionality to support any changes that they make in their back end. Nor do they have to do any “bodges” to make something on their back end work on an older OS. Which means that the back end becomes a whole lot more stable.

Let’s assume that this is true for a moment. It means that users in the best case should upgrade to the most recent OS that their device supports. Or if the iDevice in question is simply too old to get a newer update, then you’ll have to buy a new iDevice. Hopefully, Apple has some sort of official notification that this is happening in the form of a prompt on your iDevice urging you to upgrade, or a support document of some sort. In the meantime, I’ll be keeping an eye on this to see if is fiction or fact.

Leave a comment »

Elon Musk Has Found A New Way To Screw Over Substack Users

Posted in Commentary with tags on April 10, 2023 by itnerd

The ongoing war between Elon Musk’s Twitter and Substack seems to have taken another turn. You’ll recall that Elon was effectively blocking Tweets that contained links to Substack, and the way he explained it was at best dubious. That now appears to be resolved:

However, Elon is still suppressing Substack on Twitter. If you search for “Substack” using the Twitter app or the Twitter web page, this is what you will find. Or rather won’t find:

  • You won’t find Tweets from the official Substack Twitter account. Nor will you find any Tweets referring to Substack.
  • You won’t find Substack in the people tab.
  • The only way to find anything Substack related is to search for “Substack Newsletter”

This is a pretty scumbag level move by Elon. It’s pretty clear that Elon is doing this because he sees Substack as some sort of threat. After all, Twitter is very likely bleeding cash like a gunshot victim because of Elon’s inability to run the company. And Substack threatens to take more of it via Notes which is their Twitter competitor. So I can see Elon reacting in this way. Though it’s a pretty dumb move by him as all it does is generate even more negative press about him, which is not what I would expect that he wants. Not to mention that it pretty much puts to bed the theory that he’s any sort of free speech absolutist as the only free speech that he wants is the free speech that fits his world view.

Leave a comment »

The Way The Elon Musk Explains His Side Of The Story About Substack Links Being Blocked By Twitter Is Misleading At Best

Posted in Commentary with tags on April 9, 2023 by itnerd

Yesterday, I posted news that Twitter blocking links to competitor Substack. That’s a pretty dumb move by Elon. That led to Matt Taibbi who is best known for his reporting on the so called “Twitter Filesto dump Twitter:

“Of all things: I learned earlier today that Substack links were being blocked on this platform. When I asked why, I was told it’s a dispute over the new Substack Notes platform,” Taibbi tweeted Friday. 

He continued. “Since sharing links to my articles is a primary reason I come to this platform, I was alarmed and asked what was going on. I was given the option of posting articles on Twitter instead. I’m obviously staying at Substack, and will be moving to Substack Notes next week.”

That quickly got the attention of Elon. Who said this:

Well. Let’s go down the rabbit hole shall we? Let’s look at what you get when you go to a Tweet with a Substack link:

That sure looks like links to Substack are being blocked to me. Let’s take a look at the this message in full:

Okay, so this does have the option to “Ignore this warning and continue”. But the way this message is written, it sure looks like Elon is trying to make sure that you don’t click on the link by claiming that it is dangerous. That would be enough for a lot of users not to click on the link. So while he is technically correct that links aren’t being blocked as you can still click through, at best he’s being misleading. And it’s one of those stupid moves by Elon that will really come back to bite him.

1 Comment »

There Is A Desjardins Phishing Email #Scam That You Need To Be Aware Of

Posted in Commentary with tags on April 8, 2023 by itnerd

Yesterday I came across a new phishing email that targets customers of Desjardins which is a financial services group here in Canada. It starts with this email hitting your inbox:

So let’s dissect this a bit. There’s the usual hallmarks of a scam email which is that something that you might use is being disabled or restricted. And there’s a call to action to make you do what the scammers want you to do. In this case you need to act within 24 hours to avoid “full online suspension.” The quality of the English is sketchy, but not not the worst that I have seen in scam emails. However, the key thing that says that this is a scam is this:

This isn’t a Desjardins email address as Desjardins.com is how their emails addresses end.

So what is the scam? It’s a phishing scam to grab your banking credentials along with some other information. Let me illustrate:

If you click on “Verify Now” which by the way you should never ever do, you are presented with a CAPTCHA and the thing is, it works:

I actually spent some time playing with this and if you select anything other than the pictures that it wants you to pick, it won’t let you in. That suggests to me that someone spent a lot of time and effort to make this as convincing as possible. But if you’re paying attention to the URL, this should make you run in the other direction:

Clearly this isn’t a Desjardins website. And like I said, that should make you run in the other direction and close your browser. But since I spend my time writing about these scams, I am going further down the rabbit hole:

You’re next taken to a login page which has you enter your banking credentials. The threat actors behind this part didn’t even try to validate if the credentials are accurate. And you cannot change to English which implies that the threat actors couldn’t be bothered to create an English version of this page, or they are strictly targeting French speaking people as Desjardins is based in Quebec which is a French speaking part of Canada. Once you enter your credentials, you’re presented with this:

So not only do the threat actors want your banking credentials, but they seem to either want your security questions too, or they want to continue to make this phishing website as convincing as possible. The thing is that they don’t stop there:

The threat actors now want to grab your personal information. Perfect for an identity scam or two. But they’re not done yet:

They want to snag your debit or credit card too. I have to admit that the threat actors have put in a lot of work into this. While I wasn’t able to go beyond this point because the threat actors actually try to validate this information, I think you get the point. This is a decently executed phishing scam. But I’ll be informing Desjardins about this and hopefully they can shut this down. In the meantime, if you get this email in your inbox, delete it and move on with your life.

2 Comments »

Elon Musk Screws Over Substack Users By Not Allowing Tweets With Substack Links In Them

Posted in Commentary on April 8, 2023 by itnerd

First, let me explain what Substack is. Substack is a website that lets independent writers and podcasters publish directly to their audience and get paid through subscriptions. And that apparently is some sort of threat to Elon Musk for reasons I will get to in a moment, because if you like, reply, or retweet to tweets that contain links to Substack posts, none of those will work:

After those reports surfaced, between Thursday night and Friday morning, Twitter apparently began to restrict promotion and visibility for tweets with links to Substack posts. New tweets linking directly to Substack.com can still be tweeted, but trying to retweet or like those tweets via Twitter’s website results in an error message saying, “Some actions on this Tweet have been disabled by Twitter,” while doing the same from within its apps or TweetDeck appears to work while failing silently.

Here’s why this is a threat to Elon:

The unfortunate situation comes on the heels of Substack announcing Notes, a Twitter competitor.

Yep. Once again Elon hasn’t got the stones to compete straight up with anything Twitter competitor. Instead he just simply disables the ability to do Tweets with links to another company in the Tweet. What a loser he is. At some point, this sort of behaviour is going to come back to bite him. It’s a matter of when, not if that happens.

2 Comments »

Google Joins Apple In Requiring Apps To Allow Android Users Data Deletion Options

Posted in Commentary with tags on April 7, 2023 by itnerd

Starting in early 2024, Google has announced a new Play Store data deletion policy that will require Android developers to provide users the ability to delete their accounts and in-app data both within the app and on-line.
 
Every store listing will display links in the “Data deletion” area where developers will provide an in-app account deletion experience as well as a web-based option so users do not have to re-install the app. Developers will be required to delete the data associated with the account deletion. Finally, users are also provided with more options such as the ability to delete specific data while maintaining account. Google acknowledged that some developers may be legally required to retain certain data.
 
Developers may request an extension, but non-compliant apps will no longer be able to publish new apps or release app updates and may face removal from Google Play.
 
This announcement follows Apple’s move requiring developers of apps with an account creation option to also provide the users with a way to delete their accounts from within the apps starting June 2022.

Ted Miracco, CEO of Approov had this comment:

   “It is important for companies like Google and Apple to prioritize user privacy and security, and this new policy is a step in the right direction. The new Play Store data deletion policy is a positive development from a mobile security perspective and can help reduce the risk of data breaches by giving users more control over their personal data. In the event of a data breach, the ability to delete specific data and account information can be critical in preventing further damage and protecting sensitive information. With this new policy, users will have more control over their data and will be able to delete it in a more efficient and effective way, which can help reduce the risks associated with a data breach. App developers still need to do more to secure their apps and make sure they cannot be tampered with, and consumers should only install apps from legitimate app marketplaces.”

I like this as my data belongs to me. Thus I should have control over whom I share it with including if I no longer want to share it with a third party. Good on Google for doing the right thing for a change.

Leave a comment »

MSI Has Possibly Been Pwned By A Ransomware Gang And They Want To Get Paid

Posted in Commentary with tags on April 7, 2023 by itnerd

The news is out that computer maker MSI might have been pwned by a new group called the Money Message ransomware gang. And the gang is looking for a big payday:

Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as “Money Message,” which claims to have stolen source code from the company’s network.

MSI is a global hardware giant that makes motherboards, graphics cards, desktops, laptops, servers, industrial systems, PC peripherals, and infotainment products, with an annual revenue that surpasses $6.5 billion.

The threat actor has listed MSI on its data leak website and posted screenshots of what they claim to be the hardware vendor’s CTMS and ERP databases and files containing software source code, private keys, and BIOS firmware.

Money Message now threatens to publish all these allegedly stolen documents in about five days unless MSI meets its ransom payment demands.

The gang wants $4 million from MSI, and it isn’t clear if the gang will, or is even able to follow through on its threats. But Kevin Bocek, VP Ecosystem and Community at Venafi had this comment on the news:

“It’s early days, but if these claims are true, this theft could have severe ramifications for MSI. By stealing source code, a group can modify it and create their own variations, eventually helping form the foundation for developing their own ransomware variant and laying the seeds for future attacks.

“But the potential theft of private keys and exposure of machine identities is the biggest issue. Private keys are used to enable the encryption that secures machine identities – authenticating and securing communication between machines. The keys stolen could be code signing TLS machine identities. If so, these would allow the Money Message’s nefarious code to masquerade as MSI’s trusted code, opening the door for further exploitation.”

“If these keys are confirmed to be compromised, it’s essential that MSI acts quickly to understand which systems have been impacted and rotate any impacted keys. A machine identity control plane can play a vital role in achieving this, by helping manage the life cycle of all machines on a network and providing visibility into existing identities.”

I guess we will see in the coming days if this claim is true or not. If it is true, it could have massive ramifications for users of MSI hardware, or perhaps even beyond.

Leave a comment »

Western Digital Got Pwned…. And Customers Cannot Access Their Data In Western Digital’s Cloud

Posted in Commentary with tags on April 6, 2023 by itnerd

Something that I tell clients all the time is that “the cloud” is just someone else’s computer. Which means it is subject to all the problems that one can have with a computer. Including the fact that it can get pwned by threat actors. A case in point is the fact that hard drive manufacturer Western Digital has been pwned by threat actors three days ago. Though they might have been pwned earlier:

On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems. In connection with the ongoing incident, an unauthorized third party gained access to a number of the Company’s systems.

Upon discovery of the incident, the Company implemented incident response efforts and initiated an investigation with the assistance of leading outside security and forensic experts. This investigation is in its early stages and Western Digital is coordinating with law enforcement authorities.

The Company is implementing proactive measures to secure its business operations including taking systems and services offline and will continue taking additional steps as appropriate. As part of its remediation efforts, Western Digital is actively working to restore impacted infrastructure and services. Based on the investigation to date, the Company believes the unauthorized party obtained certain data from its systems and is working to understand the nature and scope of that data.

While Western Digital is focused on remediating this security incident, it has caused and may continue to cause disruption to parts of the Company’s business operations.

And as a result of that pwnage, a bunch of Western Digital services were shut down. You can see the list here. There’s currently no word on when these services may come back up. But that’s not the worst of it. From what I can tell, thousands of people are without their files and Western Digital’s customer service department isn’t keeping its customers updated about what is happening or the progress.

You can read more about what people are experiencing here. But here’s the bottom line this isn’t a good look for Western Digital.

I personally have recommended their hard drives for years. They’re reliable and they haven’t caused myself or any of my clients issues. Their cloud service on the other hand is something I have never recommended. Instead, I direct people towards a service like Blackblaze which is purpose built for backing up your data off site. And I do that because I have never been 100% convinced that what Western Digital is offering would be safe and robust. I believe that I might have been proven right on that front. That’s not to say that Backblaze couldn’t get pwned as well. I guess what I am saying that I have a lot more trust in Backblaze than I do with Western Digital.

1 Comment »

« Older Entries
Newer Entries »