KAYAK and OpenTable integrate ChatGPT

Posted in Commentary with tags , on March 23, 2023 by itnerd

Sister brands KAYAK and OpenTable have launched plugins with OpenAI’s ChatGPT to power personalized recommendations for travel and dining. The union is a first-of-its-kind integration, with KAYAK among ChatGPT’s first travel collaborators to enable flight, hotel and rental car recommendations while OpenTable is ChatGPT’s only restaurant tech collaborator at launch, giving ChatGPT users restaurant recommendations and a direct link to book.

Here’s an example of how this works:

[User] “What’s the cheapest flight from New York to London this summer?”

Flight results from KAYAK will populate in a matter of seconds

[User] “I’d love to experience Afternoon Tea while I’m there, where can I get a reservation for 2 people”

Restaurant results from OpenTable will populate in a matter of seconds

The integration brings a fun, engaging and conversational element to the travel, dining and planning experience, so that finding that perfect destination or restaurant is as easy as texting your best friend.

For more information on KAYAK’s integration, see KAYAK’s blog here.

Leave a comment »

Rogers Email Users Who Are Stuck With The Telco’s Ongoing Email Issues Don’t Have The Ability To Forward Their Rogers Email To Another Provider…. WTF?

Posted in Commentary on March 23, 2023 by itnerd

For the last three weeks or more, I’ve been working with clients of mine who had had issues with Rogers email. If you’re coming to this a bit late, here’s how we got here. It started as a general outage, but what has dragged on for weeks is an issue with email. Specifically, anyone who uses Rogers email service (in other words they have a @Rogers.com address) cannot get their email. This is in part due to the fact that Rogers requires users to create  App Specific Passwords via Rogers Member Center on each program or device that an email address is used on. The creation of new app specific passwords doesn’t work and existing app specific passwords appear to have been deleted in many cases. That pretty much breaks your applications that rely on them.

Now there is a  workaround for this that I describe here:

The workaround for this is to open a web browser and go to https://mail.yahoo.com and enter your Rogers email account details there. The password that you should use is the one for Rogers Member Center. This will at least allow you to view and reply to email on the web. And while this is a sub optimal workaround for many, it’s the only workaround that exists right now. 

A secondary issue is that you might have tried to reset your email password under the belief that you were using the wrong password. If that’s you, I have some bad news for you. The only way to truly reset your email password is to dial into Rogers to do that. The good news is that once you hit a human, it doesn’t take long to do that. The bad news is that I am hearing wait times of three hours or more to actually get to a human. And I am also hearing that people are getting disconnected while waiting for a human to come onto the line. Which punts you to the back of the line. 

The problem with this workaround is that it is sub optimal as you’re reliant on a web browser to get your email. Besides not scaling well to devices like tablets and smart phones, seniors for example may have issues adjusting to this workflow. Never mind not being to use the application of their choice such as Outlook or Thunderbird.

This has led a lot of my customers to ask me to help them abandon the Rogers email platform with the goals being:

  • They can get their Rogers email on any device or using the application of their choice.
  • They can tell their contacts that they have moved to a new email provider, which by extension will reduce the amount of email coming in from their Rogers email account.
  • When the level of email coming in from their Rogers email account reaches a point where it’s minimal, they can kill the Rogers email account if they so desire.

So to make a move, you’d have to forward your Rogers Email to your new provider so that you can not only get it on any program or device, but you don’t have to constantly check two email accounts. That sound reasonable does it not? Except that you can’t forward your email from a Rogers email account to another email account.

No seriously, you can’t do that.

Yahoo, who is the provider of Rogers email service apparently makes forwarding an email to another account a paid feature. You can find out all the details about this here:

Upgrade to Yahoo Mail Plus or subscribe to Access + Forwarding to use the email forwarding feature in your Settings. Automatic forwarding sends a copy of incoming messages from your Yahoo Mail account to another email address. 

This move by Yahoo happened in 2021 and this thread from 2022 in the Rogers Community Forums highlights the fact that Rogers was caught up in this move by Yahoo. What that means for the average Rogers user is that they are stuck with having very limited options in terms of how to get and interact with their email. And any sort of move off of the Rogers/Yahoo email platform is going to be painful until Rogers fixes their email issues. And who knows when that might happen as Rogers hasn’t said anything about this issue in public. From a PR perspective, never mind just having any sort of respect for their customers, the fact that Rogers hasn’t bothered to communicate with their customers on this is an #EpicFail.

And to add insult to injury, I can’t seem to find a way for a Rogers customer to pay for this feature. If you can find a way to pay for this feature, please leave a comment as many of my customers are so desperate to dump Rogers/Yahoo as their email provider that they’d hand over their credit cards to do it.

Honestly, Rogers and Yahoo should have forwarding email to another provider as a standard feature. The fact that this is a paid one is mind blowing. It’s almost as if Rogers and Yahoo wants to make it as painful as possible to exit their email service should you choose to. While it highlights the fact that you should never use your ISP’s email service, that means nothing to any Rogers user who is currently trapped in Rogers inability to fix their email platform.

Shame on you Rogers.

Leave a comment »

68% Of Canadian Media & Entertainment Organizations Added New Revenue Streams Last Year: Salesforce

Posted in Commentary with tags on March 23, 2023 by itnerd

Salesforce today released its Media & Entertainment Industry Insights Report that shares key trends from industry decision-makers across seven counties, on how organizations in the streaming/studio, brand advertiser, advertising agency, gaming, and other media and entertainment sectors are evolving amid digital-first customer expectations and economic headwinds. 

Key Canadian insights of this year’s Media & Entertainment Industry Insights Report include:

Despite Economic Headwinds, Customer Experience Remains Paramount. Today’s media and entertainment market is saturated, and many customers are re-evaluating their subscriptions, upping the ante for media and entertainment companies to prove their value. But hurdles make this an onerous task. The top two industry priorities in Canada are ‘improving operational efficiency’ and ‘experience innovations’, while ‘increased costs’ are the top industry challenge.

New Realities Spark Revenue Diversification. Diversified revenue streams are key for media and entertainment companies moving forward as they seek to increase average revenue per user. Sixty-four per cent of media and industry companies in Canada partner with influencers, and 52% have a fully defined Web3 strategy.

A Pursuit of Efficiency Hinges on Automation, Data, and Budgets. With advertising spend forecasted to decrease in the near term, efficiency is paramount to media and entertainment company strategies. Automation, AI, and data integration are seen as key to this pursuit. Employee productivity, closely followed by employee experience, are the top reported automation benefits among media and entertainment companies in Canada.

Methodology

Data in this report is from a double-anonymous survey of industry decision-makers conducted from December 14–29, 2022. The survey generated 350 responses from a range of media and entertainment professionals with a title of director or higher across Australia, Canada, France, Germany, India, the United Kingdom, and the United States. Cultural bias impacts survey results.

For more information:

Leave a comment »

Cleartext credentials can be extracted from Veeam Backup & Data Recovery: Horizon3.ai

Posted in Commentary with tags on March 23, 2023 by itnerd

Horizon3.ai has just published Veeam Backup and Replication CVE-2023-27532 Deep Dive and a new proof of concept (POC) allowing an unauthenticated user with access to the Veeam backup service (TCP 9401 by default) to extract cleartext user names and passwords.

The Veeam platform provides data recovery in the event of ransomware attacks on multi‑cloud infrastructure. Which means that this POC is a huge problem.

Horizon3.ai Exploit Developer James Horseman said:

“CVE-2023-27532 allows an unauthenticated user with access to the Veeam backup service to request cleartext credentials. We have examined the vulnerable port, reverse engineered the Veeam Backup Service, and constructed a WCF client using .NET core. We have also shown how to extract credentials from the Veeam database by invoking the CredentialsDbScopeGetAllCreds and CredentialsDbScopeFindCredentials endpoints.  Finally, we have released our POC on Github, which is built on .NET core and capable of running on Linux, making it accessible to a wider audience. It is important to note that this vulnerability should be taken seriously and patches should be applied as soon as possible to ensure the security of your organization.”

He also notes that others, including Huntress, Y4er, and CODE WHITE, have provided insight into this vulnerability. Horizon3.ai published its post and POC to offer additional insights.

You can read the deep dive here.

Leave a comment »

Google Cloud unveils new AI integration with Shopify

Posted in Commentary with tags , on March 23, 2023 by itnerd

Today, Google Cloud and Shopify announced a first of its kind integration, bringing Google’s leading search, browse and AI capabilities to Shopify retailers using Commerce Components, Shopify’s enterprise retail solution. 

This integration will help create a more seamless, intuitive online shopping experience, increasing customer retention for retailers and keeping Canadians engaged through the purchase journey. New data from Google Cloud found that over 50 per cent of Canadian shoppers are not completing their online purchase journeys because they cannot find what they are looking foramounting to losses of more than $106B each year for online retailers in Canada.

Google Cloud surveyed Canadians on their shopping experiences, finding: 

  • Despite the rise of online shopping, Canadians are not having a seamless experience. 9 in 10 Canadian consumers (89%) say they are more likely to make repeat visits to retail websites that are easy to navigate and browse, and a majority of Canadian shoppers (80%) report hurdles in their product discovery experience when searching online. 
  • Canadians are abandoning their online cart if they can’t find an item. After an unsuccessful search experience using the search function or search box on a retail website, more than half of consumers in Canada (51%) say they typically abandon their entire cart and go elsewhere if there’s at least one item they can’t find on a website.
  • With so much choice, a bad experience online can put brand loyalty in flux. More than 3 in 4 consumers (76%) say they are less loyal to a brand when it’s hard to find what they want on their website. 

This new integration will help to address these challenges, with AI-powered functionalities that deliver better and more personalized results. 

You can read the full press release as well as this blog post for more information. 

Leave a comment »

Hackers Impersonate Microsoft in Latest Phishing Campaign

Posted in Commentary with tags on March 23, 2023 by itnerd

Researchers at Avanan, a Check Point Software Company, have released its newest research discussing how hackers are creating realistic messages to report unusual activity to Microsoft. Instead of sending the message to a legitimate source, the hacker has created a “Mail-to” link that will automatically open up a new email, with the recipient being the hacker. 

In this email, hackers are sending what looks like an “Unusual sign in activity” alert, a common notification that Microsoft sends out when an account has an unusual sign-in. The email encourages the end-user to “report” this activity. Clicking on “Report the User” will open up a new email with the sender address, subject and body already populated. The hacker will reply to the sent message, asking the end-user for log-in information.

You can read the research here.

Leave a comment »

Not That This Is A Surprise, But Here’s Proof That Ransomware Is The New Cool Thing For Threat Actors

Posted in Commentary with tags on March 23, 2023 by itnerd

According to report by ENISA, ransom attacks more than doubled in the EU transportation sector in 2022 v. 2021.  This new report analyzes the cyber security landscape in the EU in relation to aviation, maritime, railway and road transport covering the period of January 2021 to October 2022.

                                                    2021                 2022

        Ransomware Incidents        13%                 25%

        Data breaches/leaks              21%                  9%

        Malware Reports                   11%                   6%

55% of incidents were financially motivated while hacktivists accounted for 23%. DDoS attacks increased from 2% to 13%.

15% of the attacks targeted State-backed entities and were largely aimed at the maritime sector and government transport authorities. European airports, railways and transport authorities were among other victims of those attacks, ENISA said.

ENISA acknowledges that its analysis likely under-represents the reality as the non-disclosed incidents may outweigh those made public. despite mandatory reporting.

Jan Lovmand, CTO, BullWall had this to say:

   “People in the transportation industry and governments should take the recent report by ENISA seriously and make immediate efforts to improve their cybersecurity measures. Attacks are increasing in frequency, and it is important for organizations to take proactive measures to mitigate the risk of a successful attack.

   “Organizations should review their existing cybersecurity programs and assess the effectiveness of their current defenses against ransomware attacks. They should also ensure that all employees are aware of the threat and trained in basic cybersecurity practices, such as keeping software up-to-date and using strong passwords.

   “Cybersecurity measures, such as multi-factor authentication, intrusion detection systems, and advanced threat intelligence and containment systems for detecting and responding to potential threats are table stakes in this threat environment.

   “In addition, governments should collaborate with industry organizations to develop and implement best practices for cybersecurity in the transportation sector. This includes providing guidance on cybersecurity risk assessments, establishing industry standards, and promoting information sharing to help organizations better understand the evolving threat landscape.”

What is clear from these numbers is that ransomware is what all the cool threat actors are doing. No shock there. That means that you have to make sure that you’re not a target of the cool threat actors. That will make these threat actors less cool and the world a safer place.

Leave a comment »

Nozomi Networks Releases New Content Pack for ISA/IEC 62443 Compliance Reporting and Security Checks

Posted in Commentary with tags on March 23, 2023 by itnerd

Nozomi Networks, the leader in OT and IoT security, today announced a new content pack for organizations working toward ISA/IEC 62443 compliance and certification. The ISA/IEC 62443 Content Pack [JB1] makes it possible for Nozomi Networks platform users to quickly create custom queries and reports that help confirm their industrial automation and control systems (IACS) meet ISA/IEC 62443 standards. The Content Pack can also be used to assess an IACS’ security posture against ISA/IEC 62443 standards, identifying areas that align with the standards and areas that must be addressed in order to be compliant. 

The ISA/IEC 62443 series of standards, developed by the International Society of Automation 99 committee (ISA99) and adopted by the International Electrotechnical Commission (IEC), provides a framework to address and mitigate current and future security vulnerabilities in IACSs. The committee draws on the input and knowledge of security experts across the globe to develop consensus standards that are applicable to all industry sectors and critical infrastructure.

Nozomi Networks’ Content Packs are owned by Nozomi Networks’ user community and make it possible to export a combination of queries and reports into a single JSON file that can be shared in a completely separate environment. Content Packs do not contain any proprietary information and are safe to share. This allows Nozomi Networks and its customers to quickly share custom reports or queries internally or with the Nozomi Networks user community. The new ISA/IEC 62443 Content Pack covers parts 2-1 (security program best practices) and part 3-3 (definitions for system security requirements and security capabilities levels). 

Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks had this to say:

“Many MSPs work with customers to meet ICA/IEC 62443 practices during all phases of a project, from design, to operations, to cybersecurity monitoring.  This content pack instantly ‘turbo charges’ their ability to offer valuable insight into a customers alignment with 62443, on a continual and timely basis.”

The ISA/IEC 62443 Content Pack is available now. Contact Nozomi Networks Sales to learn more. 

For more information you can read this blog post.

Leave a comment »

Truth Social Continues To Flop As Two Key Execs Quit And Staff Are Downsized.

Posted in Commentary with tags on March 22, 2023 by itnerd

I haven’t written about Truth Social in a while, but I see that it continues to not be a success. I base that on the fact that Reuters is reporting about the departure of two key execs:

The two Southern tech entrepreneurs had the two qualities that Donald Trump’s Truth Social startup needed: tech-industry expertise and a politically conservative worldview aligned with the former president, a rare combination in the liberal-leaning industry centered in San Francisco.

Josh Adams and Billy Boozer – the company’s chiefs of technology and product development – joined the venture last year and quickly became central players in its bid to build a social-media empire, backed by Trump’s powerful brand, to counter what many conservatives deride as “cancel culture” censorship from the left.

Less than a year later, both have resigned their senior posts at a critical juncture for the company’s smartphone-app release plans, according to two sources familiar with the venture.

The departures followed the troubled launch of the company’s iPhone app on Feb. 20. Weeks later, many users remain on a waiting list, unable to access the platform. Trump Media & Technology Group (TMTG) Chief Executive Devin Nunes, a former Republican congressman, said publicly that the company aimed to make the app fully operational within the United States by the end of March.

That’s not all. It also seems that the parent company behind Truth Social is downsizing staff:

Trump Media & Technology Group, Truth Social’s parent company, laid off about half a dozen people, including senior members of its ranks, such as Chief Technology Officer William “BJ” Lawson, according to the people, who asked not to be identified because the information is private. Lawson was the third person to hold the role at the company. Some close to Trump Media estimate it can fund operations through September at present spending levels, according to the people. 

It also doesn’t help that the company is still trying to get their merger with Digital World Acquisition Corp. approved by regulators. At this point, you have to wonder how much longer Truth Social will be around. It honestly sounds like they’re on borrowed time. And you have to wonder if Trump’s legal issues will hasten its demise. Or perhaps give it a new life as that’s a safe space for those who believe in Trump.

Watch this space.

Leave a comment »

ServiceNow Launches Major Platform Expansion with the Utah Release

Posted in Commentary with tags on March 22, 2023 by itnerd

ServiceNow, the leading digital workflow company making the world work better for everyone, today announced a major platform expansion with the Now Platform Utah release. Utah is built to help organizations future‑proof their businesses and drive outcomes faster in the face of continued economic uncertainty. The latest version of the intelligent, end‑to‑end platform for digital transformation includes AI‑powered process mining with robotic process automation (RPA) capabilities, additional search enhancements, expanded Workforce Optimization, and Health and Safety Incident Management, all designed to help increase automation, simplify experiences, and offer greater organizational agility.

According to IDC, spending on digital technology will grow eight times faster than the economy in 2021, and by 2026, 40% of total revenue for G2000 organizations will be generated by digital products, services, and experiences. Even as technology budgets increase, leaders are going through a “great reprioritization” of tech investments based on the need for near‑term organizational impact and time to value.

Accelerating impact with purposeful automation

According to the 2023 Gartner CIO and Technology Executive Survey, 46% of the organizations polled expect to increase spend on application modernization, and 50% will increase their spend on cloud platforms. As organizations increasingly digitize, ServiceNow helps deliver more value by orchestrating work across silos to multiply productivity and accelerate automation, now with new AI‑powered features including:

  • AI Search, now built into ServiceNow’s Next Experience, uses AI and natural language processing to help service delivery workers find the information they need to do their jobs more effectively and resolve customer issues faster. AI Search also includes advanced features like auto‑complete suggestions, exact match, and typo handling – allowing users to go directly to a record, to more quickly identify relevant materials that can help them resolve an issue.
  • Process Optimization has been expanded to support workflows beyond IT Service Management (ITSM) to other workflows within the Now Platform, such as Field Service Management (FSM) and more. With improved, AI‑powered visibility into hidden inefficiencies, organizations can apply those recommendations with ServiceNow’s RPA solution to optimize process efficiencies and performance to help cut costs and improve customer satisfaction. 
  • Workforce Optimization capabilities have been enhanced and expanded to support workflows beyond ITSM and Customer Service Management, into areas like HR Service Delivery and more. For example, Workforce Optimization now also gives HR managers a central place to understand and optimize their employee bases (or teams). Leaders and managers can maximize the quality of work performed by employees, teams, and departments so businesses can perform at the highest level without significantly increasing costs.
  • Document Intelligence allows customers to accelerate and automate AI‑enabled text extraction from documents, saving time and eliminating human errors. The Utah release includes a more streamlined user experience so process owners can easily build, personalize, and monitor document processing. Document Intelligence also can automatically pull massive amounts of data from long tables in documents like invoices and purchase orders to expedite things like payroll, finance, and procurement processes.
  • ServiceNow Impact is the industry’s first solution designed to help customers accelerate the return on their digital transformation investments. Enhancements to performance tools, as well as new Impact accelerators, are available in the Utah release. These additions help platform owners better manage system health and reduce the time it takes to bring critical dashboards online, for better visibility into the status of digital transformation initiatives.

Minimizing operational and security risk with solutions to boost agility

“Globally, the constant barrage of risk events, incidents, and disruptions have become so frequent that the increased level of risk is the ’new normal,’” according to Forrester. To help organizations navigate an increasingly complex threat environment in the hybrid world of work, the Utah release empowers customers to innovate faster, operate with more agility, and manage increasing operational and cyber risk. New capabilities include:

  • Health and Safety Incident Management helps leaders foster a culture of wellness and productivity with tools that make it easier to report and resolve safety incidents and assign corrective and preventative actions for those incidents, while connecting siloes and reducing costs.
  • Security Incident Response Workspace, part of ServiceNow’s Next Experience, allows security analysts to examine incidents within a central workspace, so they can be more efficient in urgent moments and analyze the growing volume of data associated with security incidents. Customers can build assessments and analyze reports within one workspace, and leverage Process Automation Designer to manage multiple workflows with no‑code playbooks.
  • Operational Resilience Workspace, also part of ServiceNow’s Next Experience, provides an enterprise‑wide view of critical risk information, such as issues, vulnerabilities, outages, and failed controls, for greater visibility, fast decision‑making, and improved organizational performance. The new product experience increases productivity and simplifies navigation while a 360‑degree view of dependencies and resilience metrics provides contextual understanding of upstream and downstream impacts across the organization.
  • Log Export Service simplifies security and performance monitoring for Now Platform implementations. Building on ServiceNow Vault – which protects business‑critical applications – this solution seamlessly incorporates ServiceNow system and application logs into enterprise security analytics tools.

Simplifying experiences for smarter ways of working

To succeed in today’s highly competitive environment, organizations must find new ways to realize the full potential of their workforces and maximize engagement and productivity. The Now Platform Utah release introduces more simplified, unified admin and agent experiences across Next Experience, so employees work smarter and get more done, while delivering excellent experiences for customers. It also introduces a better way to create a connected workplace with insights to inform planning and make the most of office space. New capabilities include:

  • Theme Builder allows customers to easily create and manage branded themes via an intuitive interface that helps users create and preview a branded, personalized look and feel. These capabilities help organizations deliver consumer‑grade experiences that work for everyone.
  • Enterprise Architect Workspace allows users to gain control of app redundancy and limit unnecessary spending as organizations look to do more with less. This workspace provides a consolidated user experience for enterprise architects to make smarter decisions across their app portfolios while reducing risk and cost.
  • Workplace Lease Administration arms facility managers with powerful data and insights so they can more effectively track contracts and make informed decisions about office space while controlling costs. As the role of the physical office continues to evolve with the reality of hybrid work, additional enhancements to Workplace Space Management unlock insights for workplace leaders to re‑design workspaces that respond to employee needs.

Availability

The Now Platform Utah release is generally available today.

Additional information:

Leave a comment »

« Older Entries
Newer Entries »