Nozomi Networks Releases New Content Pack for ISA/IEC 62443 Compliance Reporting and Security Checks

Posted in Commentary with tags on March 23, 2023 by itnerd

Nozomi Networks, the leader in OT and IoT security, today announced a new content pack for organizations working toward ISA/IEC 62443 compliance and certification. The ISA/IEC 62443 Content Pack makes it possible for Nozomi Networks platform users to quickly create custom queries and reports that help confirm their industrial automation and control systems (IACS) meet ISA/IEC 62443 standards. The Content Pack can also be used to assess an IACS’ security posture against ISA/IEC 62443 standards, identifying areas that align with the standards and areas that must be addressed in order to be compliant.

The ISA/IEC 62443 series of standards, developed by the International Society of Automation 99 committee (ISA99) and adopted by the International Electrotechnical Commission (IEC), provides a framework to address and mitigate current and future security vulnerabilities in IACSs. The committee draws on the input and knowledge of security experts across the globe to develop consensus standards that are applicable to all industry sectors and critical infrastructure.

Nozomi Networks’ Content Packs are owned by Nozomi Networks’ user community and make it possible to export a combination of queries and reports into a single JSON file that can be shared in a completely separate environment. Content Packs do not contain any proprietary information and are safe to share. This allows Nozomi Networks and its customers to quickly share custom reports or queries internally or with the Nozomi Networks user community. The new ISA/IEC 62443 Content Pack covers part 2-1 (security program best practices) and part 3-3 (definitions for system security requirements and security capabilities levels).

Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, had this to say:

“Many MSPs work with customers to meet ISA/IEC 62443 practices during all phases of a project, from design, to operations, to cybersecurity monitoring. This content pack instantly ‘turbo charges’ their ability to offer valuable insight into a customer’s alignment with 62443, on a continual and timely basis.”

The ISA/IEC 62443 Content Pack is available now. Contact Nozomi Networks Sales to learn more. 

For more information you can read this blog post.

Truth Social Continues To Flop As Two Key Execs Quit And Staff Are Downsized.

Posted in Commentary with tags on March 22, 2023 by itnerd

I haven’t written about Truth Social in a while, but I see that it continues to not be a success. I base that on the fact that Reuters is reporting about the departure of two key execs:

The two Southern tech entrepreneurs had the two qualities that Donald Trump’s Truth Social startup needed: tech-industry expertise and a politically conservative worldview aligned with the former president, a rare combination in the liberal-leaning industry centered in San Francisco.

Josh Adams and Billy Boozer – the company’s chiefs of technology and product development – joined the venture last year and quickly became central players in its bid to build a social-media empire, backed by Trump’s powerful brand, to counter what many conservatives deride as “cancel culture” censorship from the left.

Less than a year later, both have resigned their senior posts at a critical juncture for the company’s smartphone-app release plans, according to two sources familiar with the venture.

The departures followed the troubled launch of the company’s iPhone app on Feb. 20. Weeks later, many users remain on a waiting list, unable to access the platform. Trump Media & Technology Group (TMTG) Chief Executive Devin Nunes, a former Republican congressman, said publicly that the company aimed to make the app fully operational within the United States by the end of March.

That’s not all. It also seems that the parent company behind Truth Social is downsizing staff:

Trump Media & Technology Group, Truth Social’s parent company, laid off about half a dozen people, including senior members of its ranks, such as Chief Technology Officer William “BJ” Lawson, according to the people, who asked not to be identified because the information is private. Lawson was the third person to hold the role at the company. Some close to Trump Media estimate it can fund operations through September at present spending levels, according to the people. 

It also doesn’t help that the company is still trying to get their merger with Digital World Acquisition Corp. approved by regulators. At this point, you have to wonder how much longer Truth Social will be around. It honestly sounds like they’re on borrowed time. And you have to wonder if Trump’s legal issues will hasten its demise. Or perhaps give it a new life as that’s a safe space for those who believe in Trump.

Watch this space.

ServiceNow Launches Major Platform Expansion with the Utah Release

Posted in Commentary with tags on March 22, 2023 by itnerd

ServiceNow, the leading digital workflow company making the world work better for everyone, today announced a major platform expansion with the Now Platform Utah release. Utah is built to help organizations future‑proof their businesses and drive outcomes faster in the face of continued economic uncertainty. The latest version of the intelligent, end‑to‑end platform for digital transformation includes AI‑powered process mining with robotic process automation (RPA) capabilities, additional search enhancements, expanded Workforce Optimization, and Health and Safety Incident Management, all designed to help increase automation, simplify experiences, and offer greater organizational agility.

According to IDC, spending on digital technology will grow eight times faster than the economy in 2021, and by 2026, 40% of total revenue for G2000 organizations will be generated by digital products, services, and experiences. Even as technology budgets increase, leaders are going through a “great reprioritization” of tech investments based on the need for near‑term organizational impact and time to value.

Accelerating impact with purposeful automation

According to the 2023 Gartner CIO and Technology Executive Survey, 46% of the organizations polled expect to increase spend on application modernization, and 50% will increase their spend on cloud platforms. As organizations increasingly digitize, ServiceNow helps deliver more value by orchestrating work across silos to multiply productivity and accelerate automation, now with new AI‑powered features including:

  • AI Search, now built into ServiceNow’s Next Experience, uses AI and natural language processing to help service delivery workers find the information they need to do their jobs more effectively and resolve customer issues faster. AI Search also includes advanced features like auto‑complete suggestions, exact match, and typo handling – allowing users to go directly to a record, to more quickly identify relevant materials that can help them resolve an issue.
  • Process Optimization has been expanded to support workflows beyond IT Service Management (ITSM) to other workflows within the Now Platform, such as Field Service Management (FSM) and more. With improved, AI‑powered visibility into hidden inefficiencies, organizations can apply those recommendations with ServiceNow’s RPA solution to optimize process efficiencies and performance to help cut costs and improve customer satisfaction. 
  • Workforce Optimization capabilities have been enhanced and expanded to support workflows beyond ITSM and Customer Service Management, into areas like HR Service Delivery and more. For example, Workforce Optimization now also gives HR managers a central place to understand and optimize their employee bases (or teams). Leaders and managers can maximize the quality of work performed by employees, teams, and departments so businesses can perform at the highest level without significantly increasing costs.
  • Document Intelligence allows customers to accelerate and automate AI‑enabled text extraction from documents, saving time and eliminating human errors. The Utah release includes a more streamlined user experience so process owners can easily build, personalize, and monitor document processing. Document Intelligence also can automatically pull massive amounts of data from long tables in documents like invoices and purchase orders to expedite things like payroll, finance, and procurement processes.
  • ServiceNow Impact is the industry’s first solution designed to help customers accelerate the return on their digital transformation investments. Enhancements to performance tools, as well as new Impact accelerators, are available in the Utah release. These additions help platform owners better manage system health and reduce the time it takes to bring critical dashboards online, for better visibility into the status of digital transformation initiatives.

Minimizing operational and security risk with solutions to boost agility

“Globally, the constant barrage of risk events, incidents, and disruptions have become so frequent that the increased level of risk is the ’new normal,’” according to Forrester. To help organizations navigate an increasingly complex threat environment in the hybrid world of work, the Utah release empowers customers to innovate faster, operate with more agility, and manage increasing operational and cyber risk. New capabilities include:

  • Health and Safety Incident Management helps leaders foster a culture of wellness and productivity with tools that make it easier to report and resolve safety incidents and assign corrective and preventative actions for those incidents, while connecting siloes and reducing costs.
  • Security Incident Response Workspace, part of ServiceNow’s Next Experience, allows security analysts to examine incidents within a central workspace, so they can be more efficient in urgent moments and analyze the growing volume of data associated with security incidents. Customers can build assessments and analyze reports within one workspace, and leverage Process Automation Designer to manage multiple workflows with no‑code playbooks.
  • Operational Resilience Workspace, also part of ServiceNow’s Next Experience, provides an enterprise‑wide view of critical risk information, such as issues, vulnerabilities, outages, and failed controls, for greater visibility, fast decision‑making, and improved organizational performance. The new product experience increases productivity and simplifies navigation while a 360‑degree view of dependencies and resilience metrics provides contextual understanding of upstream and downstream impacts across the organization.
  • Log Export Service simplifies security and performance monitoring for Now Platform implementations. Building on ServiceNow Vault – which protects business‑critical applications – this solution seamlessly incorporates ServiceNow system and application logs into enterprise security analytics tools.

Simplifying experiences for smarter ways of working

To succeed in today’s highly competitive environment, organizations must find new ways to realize the full potential of their workforces and maximize engagement and productivity. The Now Platform Utah release introduces more simplified, unified admin and agent experiences across Next Experience, so employees work smarter and get more done, while delivering excellent experiences for customers. It also introduces a better way to create a connected workplace with insights to inform planning and make the most of office space. New capabilities include:

  • Theme Builder allows customers to easily create and manage branded themes via an intuitive interface that helps users create and preview a branded, personalized look and feel. These capabilities help organizations deliver consumer‑grade experiences that work for everyone.
  • Enterprise Architect Workspace allows users to gain control of app redundancy and limit unnecessary spending as organizations look to do more with less. This workspace provides a consolidated user experience for enterprise architects to make smarter decisions across their app portfolios while reducing risk and cost.
  • Workplace Lease Administration arms facility managers with powerful data and insights so they can more effectively track contracts and make informed decisions about office space while controlling costs. As the role of the physical office continues to evolve with the reality of hybrid work, additional enhancements to Workplace Space Management unlock insights for workplace leaders to re‑design workspaces that respond to employee needs.

Availability

The Now Platform Utah release is generally available today.

Guest Post: Over 40% of people believe AI will replace their job

Posted in Commentary with tags on March 22, 2023 by itnerd

The rise of artificial intelligence (AI) has sparked both excitement and fear in the workforce.

According to the data presented by the Atlas VPN team, 42% of people believe that AI will replace jobs in their area of work. Despite that, many people have favorable emotions when thinking about AI, while some also express negative feelings towards AI technology.

About 2 out of 5 people (42%) perceive that AI will either replace jobs or perform key aspects of their work. AI tools already help automate tasks, collect and analyze data, create graphic designs, or handle basic customer queries.

However, a similar percentage (39%) of people disagree that AI will overtake their work. Some jobs still require the physical intervention of a person and, at the moment, cannot be replaced by AI.

Nearly a fifth (19%) of the respondents felt neutral about AI replacing them in their work. Some people may not be fully aware of the extent to which AI could automate their tasks.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on AI replacing people’s jobs:

“As AI progresses, there is no denying that it will significantly impact the workforce. As we move forward, it will be crucial to strike a balance between innovation and ethical considerations to ensure that AI is used for the betterment of society.”

More optimism than fear

While some individuals may feel optimistic about the benefits of AI, others may feel anxious.

About two-thirds (67%) of people feel optimistic about the benefits AI can bring to society. In addition, 60% of respondents express excitement about AI technology.

Almost three out of five (57%) people feel relaxed about the future of AI. At the same time, 48% and 47% of respondents express worry or even fear regarding AI’s impact on humanity. Moreover, a quarter (24%) of people are outraged by AI applications.

To read the full article, head over to: https://atlasvpn.com/blog/over-40-of-people-believe-ai-will-replace-their-job

Nuspire CEO, Lewie Dunsworth, Named to CDO Magazine’s Leading MSSP List for 2023

Posted in Commentary with tags on March 22, 2023 by itnerd

Nuspire, a leading managed security services provider (MSSP), today announced that its CEO, Lewie Dunsworth, has been named to the Leading Managed Security Service Providers in the U.S. List 2023. The list is a comprehensive compilation of the top managed security service providers (MSSPs) operating in the United States compiled by Chief Data Officer (CDO) Magazine.

The list features leading security service providers with a proven track record of providing innovative security solutions. These organizations manage, monitor and protect networks, devices and data from cyber threats. Each MSSP has been evaluated based on technical capabilities, customer service and industry recognition. 

With the increasing threat of cyberattacks, this list is a must-have resource for businesses, government agencies and other organizations seeking help in keeping their data and systems secure.

CDO Magazine grew out of MIT’s annual CDO and Information Quality Symposium (MIT CDOIQ), led since 2007 by the MIT Sloan School of Management, in partnership with the International Society of Chief Data Officers (isCDO) and ComSpark.

Saks 5th Avenue Pwned By Cl0p Ransomware Group

Posted in Commentary with tags on March 22, 2023 by itnerd

The Cl0p ransomware gang claimed responsibility for an attack on Saks 5th Avenue by posting stolen Saks data on its Dark Web site. Threat Analyst Brett Callow posted the Cl0p announcement on Twitter on Monday.

Saks claims it’s all mock customer data used for training purposes but has not detailed whether it includes corporate information or employee PII.

In response to questions about the breach from Bleeping Computer, the company confirmed that the incident was linked to Fortra (formerly HelpSystems), a Saks vendor: 

“Fortra, a vendor to Saks and many other companies, recently experienced a data security incident that led to mock customer data being taken from a storage location used by Saks.”

This attack continues Cl0p’s use of the GoAnywhere MFT server vulnerability, CVE-2023-0669, which allows attackers remote code execution on unpatched systems if the admin console is exposed to Internet access. Cl0p told Bleeping Computer just last month that it had breached 130+ organizations in just 10 days using this same vulnerability.

So far no one has confirmed what data was taken or details of any ongoing ransom discussions.

Al Martinek, Customer Threat Analyst at Horizon3.ai, had these questions regarding this incident:

What?

“Since the start of the Russo-Ukrainian war, we have seen a sharp increase in Russian cyber activity, especially targeting NATO, US allies, and US critical infrastructure globally. Russian state-sponsored and backed cyber threat actors have used the Ukrainian cyber landscape to hone their skills, as well as their tactics, techniques, and procedures (TTPs). 

“The recent attack on the US-based Community Health Systems (CHS) and large US-based Retailer shows that the Russian-linked ransomware group Cl0p exploited the GoAnywhere MFT zero-day vulnerability (CVE-2023-0669) to gain access and steal data; and has reportedly targeted over 130 organizations worldwide. Although not confirmed, Clop has conducted such attacks in the past with the goal of disrupting daily organizational cyber activity, stealing sensitive data, and finding other opportunistic ways to disrupt or deploy further attacks.

So what?

“Zero-day vulnerabilities will continue to plague organizations and could have severe consequences. Although cyber threat actors generally attack larger organizations, every business regardless of size can be a target for zero-day vulnerabilities. With the continued presence of Russia in Ukraine, we will continue to see Russian state-sponsored and backed groups take responsibility for zero-day attacks, bolstering their credibility while targeting US interests worldwide to gain support. Zero-day threat actors do not fit into a one size fits all category, and attack vectors change from group to group with differing TTPs.

Now what?

“These types of vulnerabilities occur with little to no warning, making them a major cybersecurity threat as they are difficult to predict or protect against. Currently, 3% of Horizon3.ai customers from across different industries and sectors to include energy, retail, medical, and financial use GoAnywhere MFT in their environments. 

“The best way to proactively protect against zero-day vulnerabilities is to ensure all systems and network devices are updated to the most current software, and by using autonomous penetration testing software, such as NodeZero, to help companies stay ahead of possible vulnerabilities in their cyber environment. Additionally, implementing a regular cadence of pentesting within an environment with NodeZero helps find vulnerabilities and issues quickly, suggests mitigations and fix actions, and allows for instant verification of said fix actions.”

I fully expect more details to come out as Saks needs to explain more than it has to date as simply saying that this was “mock data” really doesn’t quite meet the standard of disclosing the details of this incident. The fact is that there needs to be a very detailed accounting of what was actually taken by the threat actors, and what they will do to make sure that it doesn’t happen again.

$36M Supply Chain Attack Detected And Stopped By Abnormal Security

Posted in Commentary with tags on March 22, 2023 by itnerd

Abnormal Security has revealed it recently detected and stopped an attempted vendor email compromise (VEC) attack that targeted an enterprise company in the commercial real estate industry that was cc’d on an email containing an invoice for $36 million.

This report details the following:

  • How threat actors manipulated the target using a VIP from a trusted partner company
  • What red flag in this email differed from what’s typically expected in an invoice
  • Why there was little reason for immediate concern about the validity of the wire transfer request

You can read the report here.

Guest Post: ESET Research discovers trojanized WhatsApp and Telegram applications stealing crypto funds and with new functionalities

Posted in Commentary with tags on March 21, 2023 by itnerd

ESET researchers have discovered dozens of copycat Telegram and WhatsApp websites targeting mainly Android and Windows users with trojanized versions of these instant messaging apps. Most of the malicious apps we identified are clippers — a type of malware that steals or modifies the contents of the clipboard. All of them are after victims’ cryptocurrency funds, with several targeting cryptocurrency wallets. This was the first time ESET Research had seen Android clippers focusing specifically on instant messaging. Moreover, some of these apps use optical character recognition (OCR) to recognize text from screenshots stored on the compromised devices, which is another first for Android malware.

Based on the language used in the copycat applications, it seems that the operators behind them mainly target Chinese-speaking users. Because both Telegram and WhatsApp have been blocked in China for several years now, with Telegram being blocked since 2015 and WhatsApp since 2017, people who wish to use these services have to resort to indirect means of obtaining them.

The threat actors first set up Google Ads leading to fraudulent YouTube channels, which then redirected the viewers to copycat Telegram and WhatsApp websites. ESET Research immediately reported the fraudulent ads and related YouTube channels to Google, which promptly shuttered them all.

“The main purpose of the clippers we discovered is to intercept the victim’s messaging communications and replace any sent and received cryptocurrency wallet addresses with addresses belonging to the attackers. In addition to the trojanized WhatsApp and Telegram Android apps, we also found trojanized Windows versions of the same apps,” says ESET researcher Lukáš Štefanko, who discovered the trojanized apps.

Despite serving the same general purpose, the trojanized versions of these apps contain various additional functionalities. The analyzed Android clippers constitute the first instance of Android malware using OCR to read text from screenshots and photos stored on the victim’s device. OCR is deployed in order to find and steal a seed phrase, which is a mnemonic code composed of a series of words used for recovering cryptocurrency wallets. Once the malicious actors get hold of a seed phrase, they are free to steal all the cryptocurrency directly from the associated wallet.

In another instance, the malware simply switches the victim’s cryptocurrency wallet address for the attacker’s address in chat communication, with the addresses being either hardcoded or dynamically retrieved from the attacker’s server. In yet another instance, the malware monitors Telegram communication for certain keywords related to cryptocurrencies. Once such a keyword is recognized, the malware sends the full message to the attacker’s server.

ESET Research also found Windows versions of the wallet-switching clippers, as well as Telegram and WhatsApp installers for Windows bundled with remote access trojans (RATs). In a departure from the established pattern, one of the Windows-related malware bundles is not composed of clippers, but of RATs that enable full control of the victim’s system. This way, the RATs are able to steal cryptocurrency wallets without intercepting the application flow.

“Install apps only from trustworthy and reliable sources, such as the Google Play store, and do not store unencrypted pictures or screenshots containing sensitive information on your device. If you believe you have a trojanized version of Telegram or WhatsApp, manually remove it from your device and download the app either from Google Play or directly from the legitimate website,” advises Štefanko. “For Windows, if you suspect that your Telegram app is malicious, use a security solution to detect the threat and remove it for you. The only official version of WhatsApp for Windows is currently available in the Microsoft store.”

For more technical information about the clippers built into instant messaging apps, check out the blog post “Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets” on WeLiveSecurity.

Approov Names Pearce Erensel Vice President of Sales

Posted in Commentary with tags on March 21, 2023 by itnerd

Approov, the end-to-end mobile app security provider, today named Pearce Erensel vice president of sales, reporting to Approov’s CEO Ted Miracco.

Erensel will have responsibility for Approov’s global sales and support. His focus will be on increasing Approov’s footprint in the mobile app security market by leading a professional sales and business development organization and driving customer-facing processes.

Pearce Erensel is an experienced sales and business development executive noted for meeting or exceeding revenue targets. Most recently, he was employed by Zimperium in its London office after serving as an account executive for whiteCryption, a company acquired by Zimperium. At Zimperium, he was a product expert for its mobile app protection suite working alongside EMEA account executives and training application engineers. At Intertrust Technologies Corporation, a software technology company specializing in trusted distributed computing, Erensel worked as a business development manager and account executive. He began his career in New York City working as a corporate sales trainer for advertising services firm First Reaction Inc.

Erensel is a graduate of Dickinson College in Pennsylvania with a Bachelor of Arts degree in Environmental Studies. He holds a Master of Arts degree in Global Policy from the University of Maine School of Policy and International Affairs (SPIA) in Orono, Maine.

New LinkedIn Data Details Why Recruiters Have The Power To Enable Change At Their Organizations

Posted in Commentary with tags on March 21, 2023 by itnerd

With the world of work being reshaped, employers are now rethinking everything including what they look for in candidates, where they find them, and how they attract and retain them. Now more than ever companies need more guidance. 

LinkedIn recently released a data report sharing 17 predictions for the future of recruiting, based on dozens of interviews with global talent leaders, surveys of thousands of recruiting pros, and analysis of billions of data points generated on LinkedIn.  

The data and insights center around five key themes ranging from internal mobility to skills-first hiring to employers remaining committed to DEI despite the current economic uncertainty. 

Key Global Findings Include: 

  • Three out of four recruiter respondents say that DEI hiring is being prioritized.
  • Recruiters are 25% more likely to search for candidates based on skills than they were just three years ago. And more than 50% of recruiters are more likely to search by skills than by years of experience.
  • Employees who work at companies with high internal mobility tend to stay 60% longer than those at companies with lower internal mobility.

The full report can be viewed here.