Time To Deploy Ransomware Down… Successful Ransomware Prevention Up: IBM

Posted in Commentary with tags on February 22, 2023 by itnerd

According to IBM, ransomware prevention saw massive improvements in 2022, while ransomware time to deploy (TTD) dropped by 94%. These are just two findings derived from billions of datapoints collected in 2022 from network and endpoint devices by IBM and reported in their “X-Force Threat Intelligence Index 2023.” This is a wide-ranging report with excellent stats:

  • 27% – Percentage of attacks that included extortion – 30% aimed at manufacturing
  • 21% – Share of incidents that saw backdoors deployed – the top action on objective
  • 17% – Ransomware’s share of attacks (down from 21% in 2021)
  • 41% – Percentage of incidents involving phishing for initial access
  • 26% – Exploited public-facing applications
  • 100% – Increase in the number of thread hijacking attempts per month

Top impacts 2022

  • 21% – Extortion
  • 19% – Data theft
  • 11% – Credential harvesting
  • 11% – Data leak
  • 9% – Brand reputation

This is a bit of a mixed bag. But at least the fact that ransomware is being stopped is good news.

Morten Gammelgaard, EMEA, co-founder of BullWall had this to say:

   “It is excellent news that ransomware prevention is improving, if for no other reason than it diverts cybercriminals away from executing attacks to developing new tactics, which they will. With extortion, data theft, data leaks and brand reputation being the top 4 out of 5 ways ransomware impacted organizations in 2022, organizations cannot rely solely on prevention and need to also consider active defense/containment strategies to catch the attacks that bypass prevention-based tools. When an active attack is unable to encrypt or exfiltrate data, organizations are given time to respond, eliminating 80% of the potential impact to their business.”
 

David Maynor, Senior Director of Threat Intelligence at Cybrary followed up with this:

“There are three kinds of lies: lies, damn lies, and ransomware stats. For the last couple of months depending on who you ask ransomware attacks are becoming less of a problem or they are increasing. If your risk model is based on arbitrary thresholds like at 20% we don’t address it but we take it seriously at 21% of attacks seen…you have already lost and a ransomware actor is probably watching you read this.”

Hopefully when this report comes out in 2024, we see more ransomware being stopped which means by extension that ransomware is less profitable for the people behind ransomware.

Guest Post: Car Theft Is Out Of Control Right Now…. Here’s Some Tips From ESET Canada In Terms Of How You Can Protect Yourself

Posted in Commentary with tags on February 22, 2023 by itnerd

The technology in our cars is advancing by leaps and bounds, but as far as vehicles have come with automated features and expanded entertainment options, thwarting the car thief has proven to be an elusive endeavor. 

York Regional Police recently reported more than 2,000 vehicles have been stolen in their jurisdiction over the past year, and they are noting the criminals are using technology to their advantage. They start by identifying high-end vehicles in public places — like a shopping mall parking lot — and place an “AirTag” tracking device discreetly on the vehicle. This allows them to follow the vehicle to the owner’s house where they use more technology — an electronic device used to reprogram a car’s factory setting — to hack into a car’s computer and re-program it to accept the key they brought with them.

The car thieves then simply drive the car away. 

Car thieves have also been known to steal a car by relaying the signals of the contactless key to give them a method to gain access to and start the car without having the key present. Two thieves work in tandem — one uses a transmitter in close proximity to the car key and the other has a receiver beside the car. If a vehicle owner stores their keys just inside the front door (quite a common practice), the transmitter will pick up that signal and relay it to the accomplice at the car, allowing them to get the door open and start the vehicle without causing it any damage.

“These acts may seem like technological voodoo, but they can actually be quite easy for criminals to pull off,” says Tony Anscombe, Chief Security Evangelist with ESET Canada. “All it takes is the right equipment, which is easily accessible, and as technology advances, this equipment becomes cheaper and cheaper.”

Car owners are not powerless against this, but interestingly enough many of the solutions against these high-tech crimes are decidedly low-tech: 

  • Protect your keys. Key to thwarting the thieves is to deny them access to the signal from your key fob. This can be accomplished with something as simple as a tin box for storing keys, or storing your keys away from the front door of your home. A secure faraday pouch or bag will also block theft of the fob’s signal, especially if you are out and about. 
  • Conceal your vehicle. It is a wise idea to store your expensive car in a locked garage. 
  • Secure your vehicle. If a garage is not an option, simply locking your doors will not be enough of a deterrent for a determined criminal. An alarm system helps, and a steering wheel lock is not only effective, but it is also a visual deterrent from even trying to steal your car. 
  • Lock the data port. The car’s OBD data port is where thieves will access your car’s computer. A simple lock can be purchased online that will protect this port from being accessed by unauthorized folks. 
  • Get it on video. Surveillance cameras trained on your driveway will record any activity there. Today’s systems are advanced elements of your smart home, and many allow remote access so you can keep an eye on your property from afar.

Activision Has Been Pwned As If It Were A N00b Playing Call Of Duty

Posted in Commentary with tags on February 22, 2023 by itnerd

It appears that video game company Activision has been pwned by hackers. And this hack is really bad. Here’s a quick synopsis:

  • Sunday 2/19 – Cybersecurity research group vx-underground Tweeted screenshots of data purportedly stolen from Activision, including a content release schedule for Call of Duty.  “Activision did not tell anyone.”
  • Monday 2/20am – Insider Gaming said it confirmed the Activision data breach after obtaining “the entirety” of the stolen data (not published by vx-underground).
  • Monday 2/20pm – Nothing to see here: “Following a thorough investigation, we determined that no sensitive employee data, game code, or player data was accessed.” Activision confirmed to Bleeping Computer that their systems were breached through an SMS text phishing attack on an HR employee; the attackers gained access to their Slack on December 2 and tried to trick other employees into clicking malicious links.
  • However, Insider Gaming claims to have reviewed the entirety of the stolen data, saying the data also contained sensitive employee information, including full names, emails, phone numbers, salaries, places of work, and more.

And seeing as they are being purchased by Microsoft, this could not have come at a worse time for the company. And Activision’s response to this has been, shall we say, sub-optimal.

David Maynor, Senior Director of Threat Intelligence at Cybrary had this to say:

   “There is no one “SOP” for breaches. This timeline shows a typical public reaction to a breach. Some entity, in this case VX-Underground, notices something on a market and tells the world about it. Reporters that follow VX-Underground use it as a tip and suddenly the victim’s switchboard/email server gets loaded with requests for comment.

   “There is also the fog of war effect where different people have different parts of a puzzle and make assumptions. This leads to different hot takes contradicting each other.

   “From the trial last year of the Uber CISO, Joseph Sullivan, we know that big corps can handle breaches differently. What I can say from personal experience is that the responses to questions as well as public statements are approved by if not written by a crisis communications team. The default response is deescalate, deflect, then deny. This is why the infosec community values technically insightful Root Cause Analysis (RCA) from a victim.”

Tim Morris, Chief Security Advisor, AMER at Tanium follows up with this:

   “There is conflicting information on this one. Specifically, about what was accessed/stolen. Regardless, the initial attack vector was a social engineered phishing/smishing attack, obtaining access via SMS / 2FA. Proving once more that SMS / 2FA isn’t the most robust form of authentication and other, stronger MFA methods should be used.

   “Also, training of users is still needed. Users should treat SMS messages with the same scrutiny as email phishing scams. Be wary of phone calls from “IT Support”. Unless initiated by the user, they should be suspect. Either ignore or call back to a known number. For SMS, ignore and never give out any 2FA codes sent via text.

   “Principle of least privilege needs to be implemented, so that if/when an employee’s account credentials are stolen the “blast radius” is small, i.e. what the attacker has access to is minimized. Threat hunting, good incident response, and monitoring are key to find these intrusions quickly, and limit their reach.

   “Have a good PR plan on what to do when a breach happens. This successful attack happened two and a half months ago, and is only public now because some leaked data was published on vx-underground.”

Given the profile of Activision who makes the Call Of Duty franchise, and their relationship with Microsoft, a lot of eyes are going to be on this one. If I were Activision, I’d be working very hard to find out what happened, what was stolen, and how to stop this from happening again. Then I would put all of that out in the public domain as quickly as possible. Because right now, Activision look like a bunch of n00bs.

Guest Post: Social media used AI to create the new big tobacco. So, what’s next?

Posted in Commentary with tags on February 22, 2023 by itnerd

By Bill Ready, CEO at Pinterest

AI has been advancing rapidly over the last 10 years, doubling every 6 months. Until recently, the advancements have mostly been behind the scenes from a consumer perspective. But in the last few months a next generation of AI has been made available to the public and captured the attention and imagination of many. In fact, two of the largest providers of search, Google and Microsoft (with OpenAI), are showing significant advancements in AI that appear set to create a next major step forward in how search works. I’m excited about that, as are countless others. I’m also very glad to see that it has sparked a broader dialog about the appropriate use of AI and the ethical issues it raises. It’s encouraging that Microsoft and Google have been directly speaking to how they are attempting to address those issues—even though many questions remain.  

What’s missing is a discussion of the other major use of AI in our world today: social media. Social media used AI to create the new big tobacco. It has addicted all of us—but especially young people—over the last decade. But laced with a now evermore powerful AI, it’ll only get worse for our mental health. What comes next is a choice. What will social media do with this next generation of AI? Calls for change have come from parents, researchers, whistle-blowers, regulators, and lawmakers for years. But the call needs to come from within social media as well. 

What happened? 

Remember when social media first came into broad use? It helped reconnect us with old friends, share family updates with relatives, and meet and connect with neighbors. It gave us hope that we could create a more curious, connected, and compassionate world. 

That feels like a distant memory. Today, social media has made us more distracted, more depressed, and more divided. It has turned us against our neighbors and focused us on our differences rather than our commonalities. 

That’s because social media companies put AI in charge of what we see and they asked it to maximize view time. AI quickly figured out that people were more likely to view something for longer when it triggered their basest instincts: fear, anger, envy, greed. 

The points of view that would get the most engagement were the most extreme rather than the most sensible. The more you were enraged, the more you would engage. With each refinement of social media apps, users are less and less in control of what they see and more and more vulnerable to an increasingly powerful AI that is tuned to keep them viewing, no matter the cost to their wellbeing.  

To give a simple metaphor of how this works, let’s take an experience we’ve all had: You’re sitting in a traffic jam and there’s an accident up ahead. You know you shouldn’t look. You know it won’t make you feel good. But…there’s an urge to look anyway. If you ask people afterwards whether they’d like to see another car crash, almost everyone would say no. And fortunately, we don’t have to encounter these situations every day in the real world. But in the world of social media,  the AI is going to show you another car crash. And you can’t help but glance at that one, too. So it shows you another and another, until eventually all you see are car crashes. 

Defenders of social media will say they are simply giving users what they want. But do we really think this is what people want: more fear, more anger, more envy, more violence, more hate speech, more trolling? A world where all we see are car crashes? That people want to feel worse about themselves and the world around them?

Social media may not have initially understood the unintended consequences of telling AI to maximize view time, but those consequences are overwhelmingly clear now. Even worse, these choices have become deeply ingrained in the business model of much of social media. 

As CEO of Pinterest, I’m writing this because I believe it to be one of the most important societal issues of our time. We must build a more positive place online. And it is possible. 

To that end, we’ve made a particular set of choices.

From implicit to explicit signals 

First, we train our AI models to prioritize explicit intent signals. That could include what people pin to our platform in the first place (say, an amazing brunch recipe), what they might search for once they are here (bold summer makeup), or what they save to their boards to act on later (clever ideas to decorate a dorm room).

When you tune AI on those more conscious, explicit actions, you get very different outcomes than when you optimize for views alone. In that environment, additive rather than addictive content wins, largely because the user is playing a more deliberate role in choosing. 

So far, it’s working. And we know this because of our next choice.

From tactics to outcomes

Second, we’re committed to holding ourselves accountable to more positive wellbeing outcomes. There’s no shortage of tactics that social media companies could implement or propose that seem like they ought to help. But unless they result in demonstrably better wellbeing outcomes, those efforts will always be woefully inadequate. In order to build a better internet for our better selves, emotional wellbeing has to be a real, measurable result—and should become the standard for the entire industry.

A recent study we ran with UC Berkeley’s Greater Good Science Center found that 10 minutes a day of active engagement with inspiring content on Pinterest by Gen Z users buffers against rising burnout, stress and social disconnectedness. We replicated similar findings across the UK, Canada, Australia, Germany, France, Brazil, and Japan. More than a dozen studies over the last five years—commissioned and not—show that positive spaces like Pinterest have a wide range of benefits for users.

It’s still early and we don’t profess to have all the answers. We have had our own regrettable moments in which our AI models have served negative or damaging content to users. But we’re committed to better outcomes and bolstered by these early studies that show it’s possible.  

A more positive internet is possible.

We got here by making different choices about AI. By placing our users’ wellbeing over their view time. And by holding ourselves accountable for more positive outcomes on mental health—not simply empty tactics. We’ve seen the effects of what social media has been asking AI to do for the last decade. My question is this: what will social media companies ask this new, more powerful generation of AI to do next?

What comes next is a choice.

A choice that leaders must make, a choice that users deserve and should participate in, and a choice that the good of society depends on. Pinterest is committed to using our platform—and the AI that powers it—to create more positive wellbeing outcomes.

We’re making our choice and our intentions clear. 

Read more on our research with Greater Good Science Center at University of California Berkeley.

Read more about what Pinterest is doing to support emotional wellbeing and create a better internet for our better selves.

Is Antivirus Software Still Relevant? Report Shows Americans Say “Yes” And Rely On Free Over Paid Programs

Posted in Commentary with tags on February 22, 2023 by itnerd

Even as Apple and Microsoft invest billions in protecting their own devices, 85 percent of American adults are continuing to rely on third-party antivirus software, up from 77 percent a year ago.

That is one finding of Security.org’s annual report on the antivirus market.

Security.org’s latest report also found:

  • Nearly three-in-four Americans still strongly believe computers need antivirus to protect their devices
  • More than half (61 percent) of antivirus users rely on free programs, such as Microsoft Defender, which comes installed on their PCs
  • Only eight percent of free antivirus users experienced a breakthrough virus in the past year, compared to 10 percent of paid users
  • An estimated 33 million households pay for antivirus software, many of which include popular features that boost internet security, such as VPNs, password managers, or secure browsers
  • Seven percent of people in the study – an estimated 16 million Americans – will be in the market for antivirus software in the next six months

You can read the full report here. I will say that this mirrors a lot of the experience that I have with my home/SMB clients which makes this report worth reading.

Uber Is Renewing Their Commitment To The Canadian Black Chamber Of Commerce

Posted in Commentary with tags on February 22, 2023 by itnerd

In 2021, the Canadian Black Chamber of Commerce (CBCC) and Uber Canada announced the nationwide launch of Black Business Direct, the newest national digital directory to help even more Black-owned businesses be discovered. Today, Uber Canada is renewing its commitment to the CBCC and Black Business Direct for another two years.

Black Business Direct is a free, easy-to-access resource for Canadians to search and support local Black-owned businesses across the country. Over the last two years, Black Business Direct has grown to over 1000 listings with new additions every day. CBCC has also made the directory bilingual, introducing a French version of the site. 

You can get more details on their website here.

New Salesforce Study: Data Is Doubling, But Data Skills Are Struggling To Keep Up

Posted in Commentary with tags on February 22, 2023 by itnerd

New Salesforce research reveals that while companies agree about the advantages of using data to make decisions, there’s a clear disconnect from how they’re using it in practice.

Salesforce’s Untapped Data Research, published today, surveyed nearly 10,000 global business leaders. Here are some key findings:

  • Companies do agree data can help drive decisions: 73% of business leaders agree that data helps reduce uncertainty and make more accurate decisions in business conversations.
  • Data is doubling, but data skills are struggling to keep up: 41% of business leaders cite a lack of understanding of data as a barrier to entry.
  • Companies are struggling to put data into practice as leaders can’t make sense of it: 8 in 10 (80%) business leaders say data is critical in decision-making at their organization, but 1/3 of business leaders cite the lack of ability to generate insights from data.

Please see here for the Untapped Data Research newsroom post.

Telstra Incorporated Earns Great Place to Work Certification

Posted in Commentary on February 22, 2023 by itnerd

Telstra Incorporated, the U.S.-based entity of Telstra, was recently certified as a Great Place to Work® in recognition of its ongoing efforts to create an extraordinary employee experience. 

As a result of a company-wide survey, 94 percent of employees said Telstra is a great place to work, compared to just 57 percent of employees at a typical U.S.-based company. This honor highlights Telstra’s demonstrated track record of consistently fostering a supportive and fully inclusive work environment for all employees, with a focus on workplace culture, collaboration, empowerment, and career development and mentorship.

To earn the prestigious certification, Telstra employees were asked to take a confidential survey administered by Great Place to Work and focused on how they view their workplace, including questions about diversity and inclusion, management, work/life balance, and professional development. Highlights from the survey include:

  • Nearly 100 percent of employees believe people are treated fairly, regardless of their sexual orientation, race, age, or gender
  • 99 percent of employees believe management trusts people to do a good job without watching over their shoulders
  • 97 percent of employees feel they are encouraged to balance their work life and their personal life
  • 96 percent of employees believe management is approachable and easy to talk with
  • 96 percent of employees are proud to tell others they work at Telstra
  • 96 percent of employees feel good about the ways Telstra contributes to the community
  • 95 percent of employees feel they are offered adequate training or development to further themselves professionally

Additionally, according to research from Great Place to Work, job seekers are 4.5 times more likely to find a great boss at a Great Place to Work certified workplace. Employees at certified workplaces are also 93 percent more likely to look forward to coming to work, and are twice as likely to be paid fairly, earn a fair share of the company’s profits and have a fair chance at promotion.

In addition to providing valuable perspectives on the employee experience, Great Place to Work certification has been shown to help job seekers identify which companies genuinely offer a great company culture. Certification also gives employers a recruiting advantage by providing a globally recognized and research-backed verification of a great employee experience.

Check out Telstra’s careers page to find open positions.

Deepwatch Announces $180 Million in Investments And Appointment Of New CFO

Posted in Commentary with tags on February 22, 2023 by itnerd

Deepwatch, the leader in advanced managed detection and response (“MDR”) security, today announced a total of $180 million in equity investments and strategic financing from Springcoast Capital Partners, Splunk Ventures and Vista Credit Partners, a subsidiary of Vista Equity Partners and strategic credit and financing partner focused on the enterprise software, data and technology markets. The combined capital will enable Deepwatch to accelerate platform innovation and product development while expanding its partner ecosystem to meet the growing demand for managed security services.

Deepwatch MDR protects businesses from an ever-increasing volume of cyber threats. The company delivers an always-on cybersecurity platform backed by experts who work as an extension of customer teams. With many leading global brands as customers, Deepwatch is uniquely positioned to deliver advanced, cloud-based cybersecurity solutions that serve the stringent needs of the most demanding enterprise environments.

Deepwatch experienced 100 percent year-over-year sales growth in 2022, with more than two-thirds of customers expanding their service. The company introduced new offerings and advancements to the Deepwatch security operations platform to speed the detection and containment of threats across the enterprise. This included the release of its Threat Analytics App 2.0 bolstered by its innovative Threat Probability Value ML-backed software and managed extended detection and response (MXDR) for endpoint and identity. The company was also named to the 2022 Forbes list of America’s Best Startup Employers and received a Great Place to Work certification. The new investment provides the capital and resources for Deepwatch to further advance its platform and meet record customer demand while further establishing its leadership position in managed security.

The new investors join ABS Capital and Goldman Sachs who have backed Deepwatch’s rapid growth over the last four years.

The company also announced the appointment of Mel Wesley as Chief Financial Officer (CFO). Wesley is a seasoned finance executive with over 25 years of experience in financial planning, analysis, and operational finance, with a proven track record of driving growth and building high-performance finance teams. For the past 18 years, he has served as CFO for publicly traded and private technology companies. As Deepwatch’s CFO, Wesley will support the Company during hyper-growth while overseeing finance, legal and corporate development.

In the last ten years as a CFO, Wesley supported three companies through financial transactions and exits totaling nearly $3 billion. As CFO, he has managed investor relations, directed IPO-readiness efforts and raised significant equity and debt.

Wesley remains on the Board of Directors of Cofense, Inc. (formerly PhishMe, Inc.), where he previously served as the CFO before joining Deepwatch. During his tenure as CFO, he supported the Company’s growth initiatives and IPO-readiness efforts, and steered the Company through a significant sale for $400 million.

Before that, Wesley held multiple CFO positions. During his tenure at comScore, Inc. (NASDAQ: SCOR), the Company purchased and merged with another public company. During his tenure at Mandiant Corporation, the Company was sold to FireEye, Inc. (NASDAQ: FEYE) for over $1 billion. Wesley remained at FireEye as CFO of Global Services and Cloud Solutions, supporting integration efforts. During his tenure at OPNET Technologies (NASDAQ: OPNT), the Company’s revenue grew from $50 million to $175 million before the company sold for over $1 billion.

US & EU E-Commerce Websites Put Payment Data at Risk Via JavaScript

Posted in Commentary with tags on February 22, 2023 by itnerd

Jscrambler, a leading security solution for JavaScript protection and real-time webpage monitoring, has released research findings on the top US and EU e-commerce websites that are at risk of data skimming attacks due to unprotected JavaScript running on the payment page.

Payment pages on websites are flooded with third-party JavaScript. Jscrambler found that 60% of analyzed websites in the US have more than 10 different vendors on their payment pages.

Unless these sites find a way to identify, monitor and control the behavior of these third-party scripts, the attack surface will remain vast and unchecked.  

With British Airways recently falling victim to a £20m fine after the data of 400,000 customers was leaked through a JavaScript vulnerability, these risks are not only costly for the customer, but pose a large financial burden on the business as well.

The external risk and the high value placed on e-commerce in users’ daily lives show the vital importance of having visibility and control over the pages that enable payments.

You can read the research here.