Samsung adds zero-click attack protection to Galaxy S23

Posted in Commentary with tags on February 21, 2023 by itnerd

Samsung announced on Friday it has developed a new security system to protect Galaxy S23 owners from image-based, zero-click exploits using a new virtual quarantine feature called Message Guard. These images require no interaction from the user to compromise the device.

Message Guard works by automatically placing any image file your phone receives into a virtual quarantine, otherwise known as a “sandbox,” and “automatically neutralizes any potential threat hiding in image files before they have a chance to do you any harm,” explains Samsung.

Eventually, this protection will become a standard feature across the entire range of Samsung’s Galaxy devices.

David Maynor, Senior Director of Threat Intelligence, Cybrary, had this to say:

   “I am a fan of the forward-thinking Samsung does in their products, like DeX. DeX turns your phone into a desktop computing environment just by plugging in a monitor and keyboard. This means that Samsung’s mobile devices could face not just mobile attacks but the same attacks as any laptop/desktop user depending on installed software.

   “Samsung already has Knox on mobile devices. Knox creates separate workspaces for a user’s personal data and a different one for work data. Message Guard works in concert with Knox by attempting to detect attacks in each workspace by attackers looking to exploit zero-click exploits like those used by the NSO Group’s CNE software Pegasus.

   “I use a Samsung Galaxy Fold 4 as both a personal and work phone and can’t wait for Message Guard to come to my platform.”

I have to admit that this is a cool feature that I hope not only appears in other Android phones, but makes its way over to iOS, as zero-click threats are the “holy grail” of threats because they don’t require any user interaction to execute. And the sooner that day comes, the better off we all will be.

Cradlepoint successfully demonstrates SD-WAN and 5G network slicing for distributed enterprises at Ericsson D-15 Labs 

Posted in Commentary with tags on February 21, 2023 by itnerd

Cradlepoint today presented a real-world implementation of 5G Standalone (SA) network slicing. The demonstration highlights how 5G network slicing will allow enterprises to take advantage of end-to-end performance guarantees over 5G Wireless WANs, similar to the SLAs available with MPLS. This will entice more enterprises to adopt wireless as critical WAN infrastructure for their business-critical applications. 

Cradlepoint performed the demonstration at the Ericsson D-15 Labs, a state-of-the-art innovation centre located in the heart of Silicon Valley. Leveraging Ericsson’s 5G SA core and Radio Access Network (RAN), combined with Cradlepoint’s NetCloud Exchange Service Gateway and E3000 Series Enterprise Routers, the demonstration shows how video applications are protected from congestion when steered across an ultra-reliable low latency slice. Using such a high-priority slice ensures an optimal quality of experience across distributed sites, vehicles, IoT and remote work environments. 

With an estimated 30 per cent of potential 5G use cases requiring network slicing as an enabler, 5G Standalone networks represent a significant inflection point for the next generation of wireless. As 5G SA deployments accelerate, cellular-optimized SD-WAN will play a key role in enterprises adopting network slicing as part of their essential Wireless WAN infrastructure, allowing organizations to recognize, classify, and steer applications to the appropriate slice.  

Cradlepoint’s NetCloud Exchange is the industry’s first 5G-optimized SD-WAN solution. It is uniquely designed to optimize traffic over LTE, 5G non-standalone networks, 5G SA network slices, broadband, and Wi-Fi as WAN. NetCloud Exchange, an extension of the Cradlepoint NetCloud Service, allows for integrated 5G SD-WAN and zero-trust security services to be deployed across Wireless WANs, enhancing resiliency, security, and quality of experience. For more information on Cradlepoint’s NetCloud Exchange SD-WAN solution, please visit: https://cradlepoint.com/products/sd-wan/.     

The network slicing demonstration will also be on display at Mobile World Congress Barcelona from February 27 – March 2, 2023, at booth 2L20. For more information on the event, visit: https://www.mwcbarcelona.com/exhibitors/cradlepoint

Angry At Netflix Regarding Their Password Sharing Crackdown? Here’s How You Cancel Your Subscription

Posted in Commentary with tags on February 21, 2023 by itnerd

Everywhere I turn, people are mad about Netflix’s attempt to crack down on password sharing. I even went out to dinner with my wife last week and got into a discussion about it with a couple who was mad about this due to the fact that their son at university would be affected by this. So clearly this has created a whole lot of noise that Netflix likely didn’t want, and it will likely spur people to cancel their subscriptions. But before I tell you how to cancel your subscription, some background for you.

Under Netflix’s password-sharing rules, it’s fine for multiple people to use and share one account provided they live together. But in certain countries (I’ll post the list of countries in a moment), that’s about to change. In those countries, if you don’t all live together then you’re no longer going to be allowed to share your Netflix account. Well, not for free anyway. When this rolls out to your region, you’ll be asked to set a “primary location”. Netflix hasn’t given a whole lot of detail about how they will enforce this. That’s likely because they don’t want people to figure out how to circumvent it once it rolls out.

Once this primary location is set, people who don’t live at it will have three options.

  • Option 1: Cancel Netflix 
  • Option 2: Sign up for their own private Netflix account 
  • Option 3: Pay an additional fee and become an “extra member” to the existing account 

The countries currently affected by this are:

  • Canada
  • Chile
  • Costa Rica
  • New Zealand 
  • Peru
  • Portugal
  • Spain 

And this rolls out to Canada today. While the U.S. isn’t subject to this as I type this, you can bet it’s going to be at some point.

So, if you’re mad about this and you want to cancel your Netflix account as a result, here’s how you do it. Let’s start with the Netflix app:

  • Open the Netflix app
  • Tap on your profile icon on the top right.
  • Tap on ‘Account’
  • Tap on ‘Cancel Membership’

You will then be asked to confirm the cancellation, with your current subscription ending on the day of plan renewal. Tap on ‘Finish Cancellation’ to confirm.

And if you’re doing it via a web browser, here’s what you need to do:

  • Go to www.netflix.com/browse and log in to your account.
  • Hover over your profile icon on the top right of the screen and click on ‘Account.’
  • Under ‘Membership and Billing’, click on ‘Cancel Membership,’ and then ‘Finish Cancellation’ to confirm.

I get why Netflix is doing this. But I really think that this has been handled badly by the company. We are in a day and age where companies are winning market share by being “frictionless” and easy to use. Thus it is beyond comprehension that Netflix would do such a stupid thing. I say that because I have an Apple TV+ subscription and I can watch what I want where I want and Apple doesn’t seem to care. I assume other streaming services are the same way, though I am free to be corrected on that front. In any case, Netflix has seriously shot itself in the foot by doing this, destroying a lot of good will with their customer base. And I seriously doubt that they will get that good will, along with those customers, back as a result.

John Paul Cunningham Joins Silverfort As CISO

Posted in Commentary with tags on February 21, 2023 by itnerd

Silverfort, a leader in Unified Identity Protection, today announced the appointment of John Paul Cunningham as Chief Information Security Officer. With over 24 years’ experience managing cyber risk at Fortune 100 companies – and another 8 years in the Fortune 1000 – John Paul will work with customers and partners to build an understanding of the strategic benefits of modern identity protection. In addition, he will also design and implement Silverfort’s own cybersecurity program. 

In his previous role as CISO at Bank of Hope, John Paul was responsible for working with the board to build operating models designed to reduce cost and cyber risk, while also adhering to rigorous compliance standards. Prior to this, he held similar positions at Docupace, Ares Management and J.P. Morgan Asset Management building information security, risk management, and security operations programs from scratch.      

Silverfort extends modern identity security to the sensitive resources targeted by attackers, including those which couldn’t be protected previously, such as legacy applications, command line interfaces, service accounts and more. For more information, visit www.silverfort.com.

“His experience operating at a senior level within large organizations will help us as we continue pushing into a greater number of enterprise environments. John-Paul’s background building risk management programs will also be invaluable as we scale our own security operations.”   

Russia Threat Researcher Recaps Role of Telegram in Ukraine Conflict A Year Later

Posted in Commentary with tags on February 21, 2023 by itnerd

Dov Lerner, Head of Threat Research at global threat intelligence firm Cybersixgill, has released a report that delves into the major role Telegram played in the last year of the Ukraine conflict.

According to Dov, chatter on Telegram tended to follow events in the war. War-related posts in Russian or Ukrainian peaked at over 122,000 per week in mid-October, coinciding with the strike against the Crimean bridge and subsequent Russian missile attacks.

You can read this fascinating report here.

Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs published by Horizon3.ai

Posted in Commentary with tags on February 21, 2023 by itnerd

Horizon3.ai’s Chief Attack Engineer Zach Hanley and the Horizon3.ai Red Team have just published Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs, with indicators of compromise and a link to the team’s proof of concept on GitHub.

FortiNAC is Fortinet’s network access control solution that “enhances the Fortinet Security Fabric with visibility, control, and automated response for everything that connects to the network. FortiNAC provides protection against IoT threats, extends control to third-party devices, and orchestrates automatic response to a wide range of networking events,” Fortinet’s website notes.

CVE-2022-39952 in FortiNAC allows an unauthenticated attacker to write arbitrary files on the system and, as a result, obtain remote code execution in the context of the root user.

You can read the deep dive here: https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/

Guest Post: VPN Usage in Russia increased by 167% in 2022

Posted in Commentary with tags on February 21, 2023 by itnerd

Russian authorities have attempted to isolate their nation’s internet from the rest of the world since the start of the war in Ukraine on February 24, 2022. Hundreds of websites have already been blocked, including two major social media platforms – Instagram and Facebook. 

Russians are turning to VPNs to bypass the country’s tightening internet controls. 

The recently updated VPN Adoption Index by Atlas VPN reveals that VPN downloads in Russia grew from 12.59 million in 2021 to 33.54 million in 2022, representing a YoY growth of 167%. 

In 2020, only 4.9 million downloads originated from Russia, which put the VPN adoption rate at 3.37%, ranking the country at the 55th spot globally. 

Last year, by contrast, nearly a quarter (22.98%) of the country’s population installed VPN services on their devices, with Russia becoming the 8th most popular market for VPNs.

The most significant wave of VPN installs from Russia began on March 11, 2022, when the Russian government’s communication agency announced it would block Instagram and Facebook after finding Meta Platforms Inc. “extremist.”

On March 14, 2022, the number of VPN installs originating from Russia increased by 11,253% above the norm. 

To read the full article, head over to: https://atlasvpn.com/blog/vpn-usage-in-russia-increased-by-167-in-2022

TELUS launches Critter Comforts Playlist

Posted in Commentary with tags on February 20, 2023 by itnerd

The research speaks for itself – animals have a profound impact on Canadians’ wellbeing. From this study that shows watching images and videos of animals for just 30 minutes positively affects blood pressure, heart rate, and anxiety, to this study that shows those who engaged in a 10-minute interaction with a live animal reported higher levels of contentment, it’s clear we look to critters for comfort and joy.

TELUS has launched the Critter Comforts video playlist on YouTube and Optik TV, providing Canadians with a healthy dose of relaxation and delight watching their favourite TELUS critters. Watching the playlist won’t just help viewers feel good, it will also do good for animals and the charities that support them: for every view of the Critter Comforts playlist on YouTube, TELUS will give $1, up to $100,000, through the TELUS Friendly Future Foundation, to charities that support service animals, wildlife rehabilitation and animal therapy across the country. 

Similar to the fireplace channel or calming musical playlists, the TELUS Critter Comforts playlist is designed to boost Canadians’ well-being with a warm combination of calm and joy in a convenient, digital way, featuring TELUS’ iconic critters who Canadians have come to know and love. 

To further examine the human-animal bond, and just how much critters mean to us – whether in our homes, on our screens, or in our natural environments – TELUS conducted an online survey (between January 20-27, 2023) surveying a nationally representative random sample of 2,114 Canadian adults.

Below are the top survey findings. 

Canadians feel that simply watching animal content online has a positive effect on their mood:

  • 63% of Canadians said that videos like TELUS’s Critter Comforts Playlist content improved their mood and made them feel happy (58%), relaxed (48%), and joyful (41%).
  • Those who consume animal content online are more likely to feel happiness (80%).
  • Top Animal Video Content for Canadians are baby animal videos or photos (52%), pet rescues (51%), or touching and wholesome animal stories (50%). 
  • And some believe their pets enjoy entertainment too! 56% of Canadians leave the TV or other entertainment on for their pet when they go out so they don’t feel alone. 

In general, Canadians feel pets are good for their wellbeing: 

  • 6-in-10 Canadian households (59%) currently have a pet. 
  • Two-thirds of Canadians have a dog, and half of Canadians are cat owners. Other pets include fish, birds, reptiles, farm animals, and squirrels.
  • Even non-pet owners agree that having a pet, or interacting with any animal has a positive impact on health and overall wellbeing (83%) with seven-in-ten Canadians noting they spend time in nature to support their mental health (69%). 
  • 70% of Canadian pet owners were motivated to get a pet to help with their anxiety and/or depression, to battle their loneliness, or to reduce their stress levels. 
  • 94% of Canadian pet owners agree that pet ownership has positively impacted their life, and nearly all pet owners agree that animals have a positive impact on all people’s health and wellbeing. 
  • 78% of parents said they were motivated to bring a pet home to their children to help with their children’s loneliness, to help with their anxiety, or to help boost their children’s self-esteem and confidence. 

How regional locations stack up on all-things-critters:

  • 63% of Canadians said that videos like TELUS’s critter content improved their mood and made them feel happy (58%), relaxed (48%), and joyful (41%). 
    • Quebecers reported to feel happy the least (48%), while Atlantic Canadians felt happy the most (68%). 
  • Those living in the Atlantic provinces (63%) and the Prairies (63%) currently have a pet – higher than the national average (59%). 
  • 62% of Atlantic Canadians leave the TV or other entertainment on for their pet when they go out.
  • Atlantic Canadians like to watch TV with their pets (77%). 
  • Atlantic Canadians are most likely to look to their pets for comfort on emotionally challenging days (77% compared to national average of 66%), with Quebecers least likely to seek solace from their pets (60%). 
  • 70% of Canadian pet owners were motivated to get a pet to help with their anxiety and/or depression, to battle their loneliness, or to reduce their stress levels. 
    • Higher in Atlantic – To help with my anxiety and/or depression (27%).
    • Higher in Quebec – Battling loneliness (23%). 
    • Higher in Ontario – To reduce stress levels (35%). 
  • British Columbians were more likely to both celebrate their pet’s ‘gotcha day’ and to take their pet on a play-date to meet other pets, versus any other province (63% and 51% respectively, compared to national averages of 55% and 40% respectively).

Let’s Walk Through This Phishing #Scam Using Norton’s Name To See Why It’s A Scam And Why It’s Dangerous

Posted in Commentary with tags on February 20, 2023 by itnerd

It’s been a while since a scam email has hit my inbox. But I have a new one that is pretty interesting to me. Let’s start with the email in question:

So this scam leverages the Norton brand to do its dirty work. That makes sense as you’re more likely to respond to a scam if it purports to be from someone whose name you recognize. But what is interesting is that there’s nothing for you to click on such as a link to a website for example. We’ll get to that part of the scam in a moment. But let’s dissect this to understand why this is a scam. You’ll note that the English in this email is really bad as evidenced by phrases like “In sympathy” and “please contact us as soon as possible to avoid the recent transaction dispute”. But there’s one other hint that this is a scam. When I check the email address, this is what I see:

Norton is owned by Broadcom which is a massive billion-dollar company. Billion-dollar companies don’t use Gmail. Ever. So if you see an email from a billion-dollar company, or a million-dollar company for that matter, that uses Gmail or any public email service, it’s a scam and you should delete the email in question.

So, let’s get back to the fact that the email doesn’t have you click on any links. The clear intention of the email is to get you to phone in to the scammer. Presumably to get you to let some person take control of your computer to do who knows what to it. Or to gain your confidence to allow them to do something like take over your bank account. Which reminds me of this case where a client of mine almost lost a pile of money to a scam like this.

In the interest of finding out what this scam is all about, I called the number, WHICH YOU SHOULD NEVER DO, and got a very bad connection to someone who was clearly in India based on the accent. This person had me “verify” the payment number at the top of the email and put me on hold. There was actually hold music playing until he accidentally disconnected me. I called back and got the same guy which implies that this is a small operation. Though I did hear other people in the background which might imply that he was in a call centre of some sort. In any case, he then claimed that a “David from Ohio” had purchased Norton Antivirus and asked if I was him. When I said that I wasn’t, he claimed that someone had gotten my “financial details” and he needed to walk me through the process to cancel the software. That’s when he directed me to TeamViewer.com. I hung up at that point as I got everything that I needed. What this scammer was going to do was get access to my computer, then likely walk me to a fake website, then use that as a means to get to my bank account so that they could drain it. In other words, it is a similar scam to the one that I linked to in the paragraph above.

So, what is the takeaway from this? If you get an email from a company that you don’t have any services with, delete the email, as falling for a scam like this never ends well.
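The two tells described in this post (a recognizable brand sent from a public mailbox, and a phone number with nothing to click) can be checked mechanically. The Python sketch below is an added example, not part of the original post; the domain and brand lists, the phone-number pattern and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumptions for this sketch: short illustrative lists, not exhaustive.
FREE_MAIL_DOMAINS = {"gmail.com", "outlook.com", "hotmail.com", "yahoo.com"}
BRANDS = {"norton"}

URL_RE = re.compile(r"https?://|www\.", re.IGNORECASE)
# North American style phone numbers, e.g. (800) 555-0100 or +1 800-555-0100.
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}(?!\d)"
)

# Constructed sample messages (not the email from the post).
SCAM = """\
From: Norton Billing <example-sender@gmail.com>
To: reader@example.org
Subject: Payment confirmation NRT-48213

Your Norton subscription has been renewed for $349.99.
Please contact us as soon as possible at (800) 555-0100
to avoid the recent transaction dispute.
"""

FRIEND = """\
From: Alex <alex.example@gmail.com>
To: reader@example.org
Subject: Photos from Saturday

Album is here: https://photos.example.org/a/123
Call me on 416-555-0199 if the link fails.
"""


def plain_text(msg):
    """Concatenate every text/plain part of a parsed message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            charset = part.get_content_charset() or "utf-8"
            chunks.append(data.decode(charset, "replace"))
    return "\n".join(chunks)


def callback_scam_indicators(raw_message):
    """Return the indicators from the write-up that this message trips."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = address.rpartition("@")[2].lower()
    body = plain_text(msg)
    visible = f"{display_name} {msg.get('Subject', '')} {body}".lower()

    hits = []
    # A brand the reader recognises, sent from a public mailbox provider.
    if sender_domain in FREE_MAIL_DOMAINS and any(b in visible for b in BRANDS):
        hits.append("brand_from_free_mail")
    # Nothing to click, only a number to call: the lure is the phone call.
    if PHONE_RE.search(body) and not URL_RE.search(body):
        hits.append("phone_only_call_to_action")
    return hits


if __name__ == "__main__":
    print(callback_scam_indicators(SCAM))
    print(callback_scam_indicators(FRIEND))
```

Either indicator alone is weak, since plenty of legitimate mail comes from Gmail or contains a phone number; the combination is what matches the pattern in this email.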

UPDATE: A reader correctly points this out:

Microsoft Outlook Spam Filtering Appears To Be Broken Right Now

Posted in Commentary with tags on February 20, 2023 by itnerd

So far this morning, I’ve had four clients call me to ask if I can “fix” their email. And by “fix” I mean to stop a flood of spam from coming in. All the clients have one thing in common. They’re using Microsoft’s Outlook email service which used to be known as Hotmail. And in researching this, it seems that spam filtering is completely broken with Outlook at the moment. Leading some to complain loudly on Twitter:

I haven’t seen any official comment or acknowledgement by Microsoft on this issue. But clearly there is an issue that they hopefully will address soon as I can’t imagine how I would handle this situation if I had a Microsoft Outlook email account.