Geotab Publishes Their Sustainability and Impact Report

Posted in Commentary with tags on March 30, 2023 by itnerd

Geotab Inc., a global leader in connected transportation solutions, today released its 2022 Sustainability and Impact Report, titled “Unlocking the power of data for a sustainable future,” which outlines the company’s environmental, social and ethical impact, and highlights how data intelligence is a key driver of success in the carbon reduction journey. The report also includes examples of how organizations in the transportation sector are starting and managing carbon reduction initiatives using data intelligence to inform their decision-making and transition.

Accelerating decarbonization in the transportation industry

With over 3.2 million connected vehicles around the world, Geotab is uniquely positioned to help accelerate decarbonization in the transportation sector by providing a full suite of data-driven tools and insights to support fleets on their sustainability journeys (including the EV Suitability Assessment (EVSA) and Green Fleet Dashboard), scaling electrification and technology innovation through education (such as the Geotab Fleet Electrification Knowledge Center), and collaborating on research projects.

Fleet sustainability is a win-win

For many fleets, sustainability is proving to have financial advantages. Electrification studies featured in the report show the potential to save millions of dollars through lower fuel and maintenance costs while reducing CO2 emissions. A recent Geotab survey of U.S. fleet professionals found that 63% of respondents confirmed that their fleet sustainability data helped their organization reduce operating costs in the past year. 

Driving forward on our own sustainability journey

With a target of net zero emissions by 2040, Geotab is on its own sustainability journey, minimizing the environmental footprint of its operations and supply chain across all three scopes and developing sustainability-focused products and solutions for fleets. Geotab is developing a supplier program to increase supply chain sustainability. At the end of 2022, 50% of Geotab’s top 10 suppliers (by spend) were reporting their environmental data to CDP. Geotab’s goal is to have 100% of its top 10 suppliers make a public commitment to reduce greenhouse gas (GHG) emissions by 2030.

2022 Report highlights: 

  • In September 2022, Geotab was the first dedicated telematics company to receive validation from the Science Based Targets Initiative (SBTi) for its emissions reduction targets.
  • Geotab was awarded a Bronze medal from EcoVadis, ranking in the top 50% of companies scored by EcoVadis according to their criteria.
  • Geotab joined the UN Global Compact, the world’s largest corporate sustainability initiative.
  • Scope 2 emissions were reduced by 34% compared to our 2019 baseline.
  • Updated Geotab GO Recycle Program providing take-back services for customers in North America and the EU. 
  • Research collaborations demonstrating the potential of electrification and accelerating EV adoption at scale, including the North American fleet electrification study and Profitable Sustainability: The Potential of European Fleet Electrification
  • Next-generation STEM program with over 200 participants in the company’s Internship and Co-op programs.

View the full report at: https://www.geotab.com/about/corporate-sustainability/

Wozniak, Musk & More Call For AI Development Pause

Posted in Commentary with tags on March 29, 2023 by itnerd

There’s an open letter signed by over 1200 people who are asking for an immediate six-month halt on AI technology more powerful than ChatGPT-4. The open letter was created by an organization called the Future of Life Institute. The aim of this organization is to “steer transformative technology towards benefitting life and away from extreme large-scale risks.” Among those who signed are Steve Wozniak, who co-founded Apple, and Elon Musk, the clown prince of tech and the guy who runs Twitter, SpaceX, and Tesla among other companies. This does bring up all sorts of questions about AI and how it should be used.

I have a number of comments on AI in general and specifically this open letter. The first is from Baber Amin, COO, Veridium:

Thoughts on AI development and application:

“For great leaps in technology, we often need to establish safety measures and regulations – for example, when we split the atom to harness nuclear power. While nuclear energy has provided many advantages in fields like medicine and energy, it has also given rise to the terrible threat of nuclear weapons. However, the difficulty of accessing and managing nuclear materials has provided a natural form of protection.

“AI model development and training, on the other hand, lack these same natural barriers, making it easier to develop without appropriate safety measures in place. That’s why it’s important to take a step back and create responsible systems that are accurate, transparent, trustworthy, and potentially even capable of self-regulation.

Risks for companies using the OpenAI API.

      “As organizations turn to OpenAI’s API for their artificial intelligence needs, it’s important to keep in mind the following considerations:

  1. Data Privacy: OpenAI’s models are trained on large amounts of data, which until recently could have included sensitive information from organizations. Starting March 1, OpenAI will no longer use customer data submitted via API to train their models without explicit consent. However, the data will still be kept for 30 days for monitoring purposes.
  2. Bias: OpenAI’s training data comes from the real world, which means it may contain biases that are reflected in their models. Organizations using OpenAI should be aware of this possibility and take corrective measures.
  3. Misinformation and Fake Data: OpenAI’s generative models can create text that is indistinguishable from real data, which could be used to generate fake news or blog posts. Organizations need to be cautious of inadvertently spreading misinformation.
  4. Phishing Attacks: OpenAI’s generative models can also be used to create sophisticated phishing attacks or deepfakes, which could lead to propaganda and possible slander.
  5. Spam: Lastly, OpenAI’s generative AI can be used to generate spam, resulting in unsolicited emails or social media posts, causing reputational damage to an organization.

     “By keeping these considerations in mind, organizations can use OpenAI’s API effectively and responsibly.

      “For security protections, looking at OpenAI, they do have the following security controls in place, which all seem very reasonable.  

  • Data encryption at rest and in transit.
  • Access control around data and models.
  • Monitoring for suspicious activity.
  • Patching for latest security patches.
  • Auditing of access to data and models.

Matt Mullins, Senior Security Researcher, Cybrary is next:

   “There are a number of benefits to AI and its applications that are being explored. While there are a great deal of efficiencies created there, other non-beneficial aspects arise. The disruption of a number of industries being the most profound, in ways that were not easily predictable. Things associated (typically) with “human-ness” are being found to be more vulnerable than other aspects.

   “For example… art, music, essays, and other things that were an established trope of human creativity as normality are significantly being destabilized as AIs are able to quickly ingest, seed, and innovate in ways that were not previously predicted.

   “Aside from these disruptions, the potential for attacks on baseline ‘truth’ have been established as well. Consider the modification of voice, visual imagery, and video which can all be done so effectively that a Zoom call could potentially be spoofed. The ramifications of such realistic mimicry have direct threats to establishments of truth and subsequently democratic process itself.

   “Overall, AI is presenting a removal of entry level aspects to IT and security. Beyond this entry level the veil seems to be easy to pierce with a critical eye for understanding code. The bigger issues presented are the capabilities that AI presents to disrupt how we see the world.”

David Maynor, Senior Director of Threat Intelligence, Cybrary has this to add:

Addressing major tech calling for a 6 mo. AI moratorium:

   “It is funny that technologists that have been disruptive to industries and use mantras like “fail fast” are aligning against AI research. While conspiracy theories point to worrying about a Skynet-like AI turning on humans, I personally feel that AI availability will disrupt the disruptors and make their fiefdoms ripe for replacement.”

It will be interesting to see how this plays out. I for one do not see the AI arms race, as I call it, stopping anytime soon unless governments get interested in terms of slowing down AI development.

UPDATE: Dr. Chenxi Wang (she/her), Founder and General Partner, Rain Capital added this comment:

A pause in the AI fever is needed, not just from the business standpoint, but also from the point of view of security and privacy. Until we understand how to assess data privacy, model integrity, and the impact of adversarial data, continued development of AI may lead to unintended social, technical, and cyber consequences. 

Lumen Technologies Gets Pwned. Installs “Enhanced Security Software” And Discovers Another Attack

Posted in Commentary with tags on March 29, 2023 by itnerd

On Monday, Lumen Technologies filed two cybersecurity incidents with the SEC, both of which occurred within a week of each other.

Last week Lumen discovered that a malicious actor had installed ransomware on its servers, degrading the operations of a “handful of our enterprise customers.” Additionally, the company’s installation of “enhanced security software” allowed them to discover that a separate intruder had accessed a number of their internal systems, conducted reconnaissance, installed malware and extracted data.

Based on the ongoing investigation, Lumen said it does not believe the incident will have a material impact on its financials, operations or ability to serve customers.

Dave Ratner, CEO, HYAS had this comment:

   “The unfortunate truth in today’s world is that everyone will be breached. It’s clear today, now more than ever, that visibility into any and all anomalous communication across both IT and OT environments needs to be a critical part of a modern security architecture. Since malware and other nefarious intrusions must communicate with their external adversary infrastructure, real-time visibility and early detection into any and all anomalous communication can be the difference between rapid containment and true business resiliency or data exfiltration and costly business impacts.”

I’d love to know what this “enhanced security software” was that Lumen installed as it allowed them to find another intruder in their internal systems. Whatever it is, maybe other companies should copy what Lumen has done to keep themselves safe and secure.

HP Unveils Bold New Offerings and Partner Program Updates at Amplify Partner Conference

Posted in Commentary with tags on March 29, 2023 by itnerd

HP has another announcement from its Amplify Partner Conference today. The theme of the carbon-neutral event – Future Ready, Together We Win – invites partners to join HP to take advantage of opportunities across high-growth segments including gaming, hybrid work, workforce services, security, and sustainability.

The key highlights are (with links to more detailed announcements):

  • Doubles Down on Partner Growth with Groundbreaking Program Enhancements: As of November 1, all HP products, solutions and distribution across its vast portfolio will be integrated into the HP Amplify Program, delivering one global platform as the foundation for partner engagement.
  • Debuts Advanced Sustainable Printing Solutions Designed for Growing Businesses: Launched the new HP Color LaserJet 4200/4300 and the HP Color LaserJet Enterprise 5000/6000 and X500/X600 printing solutions for businesses of all sizes. All new HP Color LaserJet series printers are powered by HP’s next generation sustainable toner, which delivers up to 27% reduced energy use and up to 78% less plastic in the packaging.
  • Leads in Hybrid Work with Future-Ready Portfolio: HP today announced new products and solutions to usher in the next era of hybrid work for everyone with the world’s most comprehensive set of computing solutions for hybrid flexibility.
  • Expands Boundaries for Remote PC Management through HP Wolf Connect: Wolf Connect, an IT management connectivity solution that provides a highly resilient and secure connection to remote PCs, enabling IT to manage devices even when powered down or offline. Using a cellular-based network, HP Wolf Connect’s robust connectivity helps ensure IT teams can readily manage a dispersed hybrid workforce.
  • Boosts Gaming Solutions for Awe-Inspiring Experiences: The new OMEN Transcend 16 Laptop, OMEN 16 Laptop, Victus 16 Laptop, and a vast range of stunning OMEN monitors offer casual, hobbyist, lifestyle, and hardcore gamers the power and flexibility to play and work hard. To bring everything together, new enhancements in OMEN Gaming Hub offer a variety of performance and personalization features.

Trend Micro Details How Cybercriminals Use LinkedIn to Victimize Users and Companies

Posted in Commentary with tags on March 29, 2023 by itnerd

Trend Micro has put out research on how LinkedIn has become a great target for cybercriminals.

LinkedIn is considered the largest platform catering to professionals and companies’ information with approximately 875 million users in over 200 countries.

As in other social networks, sharing data is the principal activity done on this platform, and this opens people to threats targeting all kinds of users – from a cybercriminal perspective, LinkedIn is an optimal platform to gather information on potential targets and for initial reconnaissance given its large user base and business orientation.

From utilizing AI-generated headshots to create real-looking profiles to using LinkedIn messaging to target marketing and HR professionals, threat actors have found new ways to exploit the platform’s information to build sophisticated attacks that could result in personal, professional, social, and organizational damage.

To learn more about how data is being stolen and used against users and organizations you can read the full report here: A Growing Goldmine: Your LinkedIn Data Abused For Cybercrime

HP Wolf Connect expands PC management to help close security gaps

Posted in Commentary with tags on March 29, 2023 by itnerd

Today at its Amplify™ Partner Conference, HP Inc announced HP Wolf Connect, an IT management connectivity solution that provides a highly resilient and secure connection to remote PCs, enabling IT to manage devices even when powered down or offline.

Using a cellular-based network, HP Wolf Connect’s robust connectivity helps ensure IT teams can readily manage a dispersed hybrid workforce. It can reduce the time and effort needed to resolve support tickets, secure data from loss or theft to mitigate a potential breach and optimize asset management.

HP Wolf Protect and Trace with Wolf Connect is the world’s first software service capable of locating, locking and erasing a PC remotely, even when it’s turned off or disconnected from the Internet. This capability protects sensitive data on the move and helps lower IT costs by reducing the need for PC remediation or replacement.

Securing and managing the hybrid workforce is a top priority for organizations. New global research from HP Wolf Security found 82% of security leaders operating a hybrid work model have gaps in their organization’s security posture. The global study of 1,492 security leaders found:

  • 61% say protecting their hybrid workers will get harder in the year ahead.
  • 70% say that hybrid work increases the risk of lost or stolen devices.

Securing the endpoint is ground zero for attacks on hybrid workers

Beyond PC loss and theft, the endpoint (i.e., laptops, PCs or printers) continues to face a serious threat from ransomware and is ground zero for attacks on hybrid workers. This requires the creation of new cybersecurity strategies and innovative security tools in response to changing employee behaviors.

  • 84% of security leaders say the endpoint is the source of most security threats and where the most business-damaging security threats happen.
  • 66% say the greatest cybersecurity weakness is the potential for hybrid employees to be compromised; with phishing, ransomware, and attacks via unsecured home networks cited as the top risks.
  • 65% say it is challenging to update their threat detection measures (e.g., Endpoint Detection & Response and Security Information and Event Management tools) to reflect the behavior of hybrid employees, making it harder to spot attacks.
  • Three-quarters (76%) of security leaders agree application isolation is key to protect hybrid worker devices, but only 23% are benefiting from using it at present; with 32% planning to deploy in the next 12 months.

Hybrid work security is a key focus for 2023

HP’s new hybrid security research details how security teams are prioritizing securing the hybrid workplace:

  • Four-in-five (82%) security leaders have increased their cybersecurity budget specifically for hybrid workers. 71% expect this hybrid investment focus to increase further in 2023.
  • 80% have deployed a different set of tools and policies to protect hybrid employees.
  • 70% are limiting network access of people working remotely to minimize the risk of a breach.

To learn more, download HP Wolf Security’s latest report for IT decision makers and for Security Leaders.

Methodology

HP surveyed more than 1,492 IT and security leaders in hybrid organizations globally across 5 markets (US, UK, France, Germany, and Japan) in July-August 2022. All are decision makers for endpoints, network, cloud, or privacy management, and oversee or manage a cybersecurity operations team and/or IT hardware and software within their organization.  Hybrid organizations are defined as having a range of employees who either work in the office, work remot

StrikeReady Wins AI Excellence Award For Natural Language Processing For The Second Consecutive Year

Posted in Commentary with tags on March 29, 2023 by itnerd

StrikeReady, an AI-driven security company, has won the Business Intelligence Group’s Artificial Intelligence Excellence Award in the Natural Language Processing category for the second consecutive year. Out of 52 product winners, StrikeReady was the only company in the cybersecurity industry to be recognized for demonstrating excellence and innovation in using AI. 

The most recognized security product and service industry-wide with over 60 awards and honors, StrikeReady CARA stood out with its innovative AI-based Virtual Security Assistant, which provides context-based responses and actions by leveraging underlying embedded technologies, such as threat intelligence platform (TIP), breach and attack simulation (BAS), SOAR, and more. StrikeReady has always envisioned that conversational AI is the foundation for empowering cybersecurity analysts. With ChatGPT coming into the limelight, it has reinforced their belief that AI-based assistance will be the biggest disruption in cybersecurity. They are the only company offering this solution.

The Artificial Intelligence Excellence Awards honor companies that have demonstrated excellence, innovation, and leadership in using AI to improve their products and services. Winners are selected by an independent panel of judges who evaluate the nominees based on their AI technologies and their contributions to the AI industry.

Rapid7 Says That An IBM Aspera Vulnerability Has Been Used To Install Ransomware

Posted in Commentary with tags on March 29, 2023 by itnerd

Security researchers with Rapid7 have disclosed that threat actors are exploiting a critical vulnerability in an IBM file-exchange application to install ransomware on servers. The IBM Aspera Faspex critical vulnerability, tracked as CVE-2022-47986, was patched by IBM in January.

Sylvain Cortes, VP of Strategy at Hackuity had this comment:

     “It is unsettling to note that for the same vulnerability (CVE-2022-47986) many cyber security companies have their own information that remains fragmented. It is important to be able to unify this information from several vendors in order to maximize its defense operations and trigger the right response. Solutions that aggregate vulnerability-related data from vulnerability scanners, EDRs or even service practices provide organizations with the critical visibility they depend on.”

This reminds me of the GoAnywhere file transfer solution vulnerability that has led to multiple organizations being pwned by the Cl0p ransomware group. Except that we haven’t seen threat actors exploit this to the same degree that Cl0p has. If you use IBM Aspera, you should be applying these patches ASAP, assuming you haven’t already, so this doesn’t turn into another GoAnywhere situation.

Guest Post: Apple overtook Samsung with the most smartphone users

Posted in Commentary with tags on March 29, 2023 by itnerd

In today’s world, smartphones have become essential to our daily lives. From checking emails to browsing social media, we rely on these devices for communication, entertainment, and information.

According to the data analyzed by the Atlas VPN team, Apple overtook Samsung as the most popular smartphone in the first months of 2023. It is a significant shift in the global smartphone market, as Samsung has been the dominant player for several years. However, is this change part of a bigger tendency or only a short-term trend?

Through nearly all of 2022, Samsung had the highest market share of all smartphones.

In October, Apple surpassed Samsung’s market share by 0.2%. Despite that, Samsung regained its position at the top the next month, claiming 28.33% of the market share. Apple’s market share in November and December stayed just slightly behind, with 27.48% and 26.98%, respectively.

At the start of 2023, iPhones have been the leading smartphone for two months in a row. In January, Apple made up 27.6%, while Samsung had 27.09% of the market share. The next month, Apple’s share dropped slightly to 27.1%, and so did Samsung’s, to 26.75%.

Currently, the world has about 6.84 billion smartphone users, of which 1.85 billion are using iPhones and 1.82 billion have chosen a Samsung. However, it is essential to note that these numbers are just estimates, as some people might have multiple phones and use both Apple and Samsung devices.

Xiaomi phones comprised 12.29% of the market in February, while Oppo had a 6.86% share. Huawei’s smartphones have declined for the past 6 months and reached a market share of 4.84% last month.

Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on Apple overtaking Samsung as the most popular smartphone:

“While it is impossible to predict the future with certainty, Apple’s success will likely continue due to its strong brand image, customer loyalty, and effective marketing. While Samsung is undoubtedly a formidable rival, it will need to innovate and differentiate itself to catch up to Apple.”

To read the second part and the full article, head over to: https://atlasvpn.com/blog/apple-overtook-samsung-with-the-most-smartphone-users


Homey Bridge Smart Home Hub Now Shipping in US, UK and Canada

Posted in Commentary with tags on March 29, 2023 by itnerd

Athom, makers of privacy-first smart home solutions, today announced the public launch and began shipping Homey Bridge, an easy-to-use, affordable smart home hub to the U.S., U.K., Canada, and other countries. Previously available only in beta and Europe, Homey Bridge supports more than 50K smart home devices from more than 1,000 different brands, and works in tandem with the Homey App (iOS, Android and web browser), enabling users to customize and automate their smart home based on their unique habits and preferences. Homey Bridge retails for $69 USD, £69 GBP or $99 CAD,  and can be purchased on the Homey website, or at Amazon.com and Amazon.co.uk. View a short video about Homey Bridge here.

The elegant and functional design of Homey Bridge forms a perfect centerpiece of a user’s smart home and makes it easy for users to connect all of their smart home devices due to its compatibility with six wireless technologies — Zigbee, Z-Wave Plus, Wi-Fi, Bluetooth, Infrared and 433MHz (UK only). Homey Bridge pairs with the Homey App and enables users to easily connect up to five smart home devices. Upgrading to Homey Premium ($2.99 USD,  £2.99 GBP or $3.99 CAD per month) allows users to connect an unlimited amount of smart home devices, and also provides access to additional advanced automation features and Homey Insights. Additionally, the Homey app can be used to control smart home devices as an app-only solution without the need of Homey hardware, with the same subscription pricing structure.

American, British and Canadian households continue to connect a wide array of smart home devices — from TVs, speakers, electrical plugs, lights, thermostats, sensors, home appliances, EV chargers, and more. The volume of connections and devices presents a challenge, however: up to a quarter of respondents in a 2022 Deloitte survey said they “feel overwhelmed by devices and more than half are worried about the security and privacy of their smartphones and devices in their home.” Built privacy-first, Homey Bridge is unique in that it doesn’t listen in or sell any customer data, or use any of its customers’ personal information to create user profiles or targeted advertisements. The result is a streamlined and safeguarded smart home where people can take advantage of technology instead of worrying about who has their personal information or being bombarded with ads.

Homey Bridge is packed with features — including Homey Flow, Insights and Energy — developed over the past eight years for the Homey Pro smart home hub in the European market. Features include: 

  • Homey Flow enables users to create a series of automated rules that tie their devices together,  independent of brand and technology — and help to run their smart homes most efficiently and conveniently, e.g. “Always dim lights in the bedroom when the drapes close” or “Automatically lower the thermostat, turn off the lights and enable the alarm when I lock the front door”. Flows can also be started using voice assistants, such as Google, Alexa and Siri Shortcuts, and via widgets for mobile and Apple Watch.
  • Homey Insights allows users to analyze their smart home usage via visual, easy-to-read graphs and charts. For example, users can track trends such as the temperature levels of their homes and thermostat over time, or how much energy their refrigerator uses in summer compared to winter. Homey Insights requires an active Homey Premium subscription —  $2.99 USD,  £2.99 GBP or $3.99 CAD per month.
  • Homey Energy allows users to see their home’s energy usage in real-time, so they can make changes to increase their home’s sustainability. For example, users can see how much energy their washing machine uses on ‘hot’ versus ‘warm’ wash cycles, how much energy their solar panels generate right now, and which rooms and devices use the most electricity.

HOMEY BRIDGE SPECIFICATIONS:

  • Wireless Communication Technology Compatibility: Homey Bridge contains six wireless technologies: Wi-Fi, Bluetooth Low Energy 4.0 (BLE), Zigbee, Z-Wave (Plus, S2), Infrared and 433MHz RF (UK only), to connect local devices to the Homey app. Homey Bridge automatically switches its Z-Wave frequency with a unique multi-antenna design, based on Homey Bridge’s geographical or country location. Additionally, transmitting 433 MHz is automatically enabled in eligible regions, such as Europe and Asia.
  • What’s in the Box: Homey Bridge, USB power adapter, USB power cable and a Quick Start Guide
  • Device Dimensions: 5.04 inches in diameter x 1.4 inches in height
  • Weight: 1.2 lbs (including packaging)
  • Supported Devices: 50,000+ smart devices from more than 1,000 brands
  • Control Options: controlled via the Homey App: iOS (v11 or higher), Android 5.0 or higher or a web-based browser
  • Price: $69 USD, £69 GBP or $99 CAD
  • Where to Buy: Online at Amazon.com, Amazon.uk, Amazon.ca, Best Buy and the Homey website
  • Manufacturer Warranty: Two years
  • Certifications: FCC and CE

HOMEY APP SPECIFICATIONS:

  • Homey App Availability: iOS (v11 or higher), Android (5.0 or higher) or a web-based browser
  • Device Agnostic: Homey App connects devices across a wide range of brands and technologies. The app is available in two versions:
    • Free: Users can connect, control and automate up to five smart devices. Devices can be either cloud-connected or be connected via Homey Bridge.
    • Premium: A $2.99 monthly subscription per household includes an unlimited number of devices, and also provides access to Homey Insights and more advanced automation features like Homey Logic. Devices can be connected via Homey Bridge or the cloud.
  • Voice Assistant Compatibility: Google Assistant, Amazon Alexa and Siri Shortcuts
  • Control Options:
    • Smartphone or Tablet: iOS and Android
    • PC, Mac, Linux: Universal web app
    • Other: Apple Watch, iOS and Android widgets, voice assistants (Google Assistant, Amazon Alexa and Siri Shortcuts)