KAYAK reveals Canadians are saying sayonara and signing off on vaca with new Slack OOO

Posted in Commentary on April 19, 2023 by itnerd

Canadians are done working on vacation with 80% of employed Canadians saying they are willing to take a vacation to a destination with little to no cell service in order to unplug from work, according to a new survey from KAYAK, the world’s leading travel search engine. And despite half (50%) of employed Canadian adults having been contacted by their boss for a work-related matter while on vacation, over half (57%) don’t find it difficult to log off from work while on vacation, prioritizing self-care and signing off. 

With 40% of employed Canadians around the country setting up email auto-replies to unplug from work, KAYAK is launching the Slack Out of Office (OOO) Generator plugin – good for crafting custom colourful responses on the platform – so you can truly help keep your boss at bay and enjoy your next vacation. 

Here’s how it works:

  • Simply download the plugin
  • Enter /ooo into any Slack message 
  • Enter your days off and answer a few multiple-choice questions like where you’re going, your favorite way to unwind outside of work and how spicy you want the response to be and voila! Here’s mine 🙂 

From there, simply copy and paste the response into your Slack status and email auto-reply.

Here are additional survey findings on how Canadians are unplugging on vacation below:

  • Canadians are ahead of the curve (and it’s only April!), with 44 per cent having already taken a vacation 
  • Employed Canadians are less likely to check their work messages once a day or more compared to Americans while on vacation (42% vs. 52%)
  • Employed Canadians are more likely than employed Americans to be willing to take a vacation to a destination with little to no cell service in order to unplug from work (80% vs. 73%)
  • Employed Americans are less likely to show their cards and set an out-of-office reply, compared to employed Canadians (29% vs. 40%)

YouGov Survey Results Methodology

All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 1059 adults. Fieldwork was undertaken between 31st March – 4th April 2023. The survey was carried out online. The figures have been weighted and are representative of all Canadian adults (aged 18+).

Venafi Launches Venafi Firefly to Deliver Machine Identities For Modern, Cloud Native Workloads

Posted in Commentary on April 19, 2023 by itnerd

Venafi, the inventor of machine identity management, today introduced Venafi Firefly, the only lightweight machine identity issuer that supports highly distributed, cloud native environments. Part of the Venafi Control Plane for Machine Identities, Firefly enables security teams to easily and securely meet developer-driven machine identity management requirements for cloud native workloads by issuing machine identities, such as TLS and SPIFFE, locally at high speeds across any environment. By delivering added speed, reliability and security for machine identities in modern architectures, it helps organizations ensure identities adhere to corporate security policies, while accelerating application development and digital transformation.

Venafi Firefly is delivered as an easy-to-deploy container that can run in any cloud native environment, providing a fast, easy and secure way to issue machine identities. Machine identity policy is configured in the Venafi Control Plane and inherited by Firefly instances. Together, the Venafi Control Plane and Venafi Firefly provide a lightweight, distributed architecture that makes Firefly the only machine identity issuer for modern use cases requiring local high-speed autonomous issuance, low-latency cloud native use cases and advanced CI/CD with identity provider embedded in the pipeline.

Key capabilities include:

  • Observability – Through the Venafi Control Plane, Venafi Firefly delivers visibility into distributed issuance activity. This extends Control Plane observability of machine identities from the datacenter to the cloud and the edge.
  • Consistency – Venafi Firefly gives security teams control over policy for machine identities issued to modern applications in cloud native environments and ensures developers use a secure and consistent issuer.
  • Reliability – Venafi Firefly requires minimal infrastructure to deploy in production to achieve high availability and fault tolerance.
  • Freedom of Choice – Venafi Firefly has multiple deployment options, including cloud native, DevOps, cloud and federated PKI environments, giving developers flexibility to use Firefly wherever and whenever it’s needed.

Venafi Firefly is unmatched in reducing complexity and increasing the speed of development, while at the same time increasing security for machine identities needed for modern cloud native applications.

Venafi Firefly is generally available today to all customers. To download a free trial, please visit https://venafi.com/try-venafi/firefly/

Yikes! Open Source Red Team Tool Used By Hackers In Malware Attacks

Posted in Commentary on April 19, 2023 by itnerd

In Google’s April 2023 Threat Horizons Report, security researchers in its Threat Analysis Group revealed that APT41 has been abusing the open-source GC2 red teaming tool in malware attacks.

The threat campaign interacts only with Google’s domains making it harder to detect, and it consists of an agent that is deployed on compromised devices, which then connects back to a Google Sheets URL to receive commands to execute.

These commands cause the deployed agents to download and install additional payloads from Google Drive or exfiltrate stolen data to the cloud storage service.

APT41’s use of GC2 is another indicator of a trend of threat actors using well intentioned, legitimate red teaming tools and RMM platforms as part of their attacks.
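One way to hunt for the pattern described above, where an agent talks only to Google services and keeps returning to a Sheets endpoint for instructions, is to look for unapproved processes that poll Google API hosts at a steady interval. This is an added example, not code from the original post or from Google's report; the log format, watched host names, process allowlist and thresholds are all assumptions to adapt to your own proxy or EDR data.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Assumption: API hosts a non-browser client would use for Sheets/Drive access.
WATCHED_HOSTS = {"sheets.googleapis.com", "www.googleapis.com"}
# Assumption: process names approved to reach those hosts in this environment.
APPROVED = {"chrome.exe", "msedge.exe", "googledrivefs.exe"}

# Constructed sample proxy log: time, endpoint, process image, destination, bytes sent.
SAMPLE_LOG = r"""2023-04-19T09:00:00,WS-014,C:\Program Files\Google\Chrome\Application\chrome.exe,sheets.googleapis.com,812
2023-04-19T09:00:05,WS-022,C:\Users\Public\svc_update.exe,sheets.googleapis.com,240
2023-04-19T09:02:41,WS-014,C:\Program Files\Google\Chrome\Application\chrome.exe,sheets.googleapis.com,1290
2023-04-19T09:03:10,WS-031,C:\Python311\python.exe,sheets.googleapis.com,655
2023-04-19T09:05:06,WS-022,C:\Users\Public\svc_update.exe,sheets.googleapis.com,238
2023-04-19T09:07:30,WS-022,C:\Users\Public\svc_update.exe,example.com,120
2023-04-19T09:10:05,WS-022,C:\Users\Public\svc_update.exe,sheets.googleapis.com,241
2023-04-19T09:15:07,WS-022,C:\Users\Public\svc_update.exe,sheets.googleapis.com,239
2023-04-19T09:20:05,WS-022,C:\Users\Public\svc_update.exe,sheets.googleapis.com,240
2023-04-19T09:20:40,WS-022,C:\Users\Public\svc_update.exe,www.googleapis.com,5242880
2023-04-19T09:48:55,WS-031,C:\Python311\python.exe,sheets.googleapis.com,702
"""


def parse_events(text):
    """Turn the CSV log into dicts with a parsed time and a lower-cased process name."""
    events = []
    for ts, endpoint, image, dest, sent in csv.reader(io.StringIO(text.strip())):
        events.append({
            "time": datetime.fromisoformat(ts),
            "endpoint": endpoint,
            "process": image.replace("\\", "/").rsplit("/", 1)[-1].lower(),
            "dest": dest.lower(),
            "bytes_out": int(sent),
        })
    return events


def find_unapproved_pollers(events, min_hits=4, max_cv=0.2):
    """Flag unapproved processes that contact a watched host at regular intervals.

    Regularity is measured as the coefficient of variation (stdev / mean) of the
    gaps between requests; human-driven traffic is usually far less even.
    """
    groups = defaultdict(list)
    for e in events:
        if e["dest"] in WATCHED_HOSTS and e["process"] not in APPROVED:
            groups[(e["endpoint"], e["process"], e["dest"])].append(e)

    findings = []
    for (endpoint, process, dest), hits in sorted(groups.items()):
        if len(hits) < min_hits:
            continue  # too few requests to judge a polling pattern
        times = sorted(h["time"] for h in hits)
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        cv = pstdev(gaps) / avg if avg else 0.0
        if cv <= max_cv:
            findings.append({
                "endpoint": endpoint,
                "process": process,
                "dest": dest,
                "hits": len(hits),
                "mean_interval_s": avg,
                "interval_cv": round(cv, 4),
                "bytes_out": sum(h["bytes_out"] for h in hits),
            })
    return findings


if __name__ == "__main__":
    for finding in find_unapproved_pollers(parse_events(SAMPLE_LOG)):
        print(finding)
```

A hit here is a lead for triage rather than a verdict: legitimate automation also polls Google APIs, so the allowlist should reflect what is actually sanctioned on each class of endpoint.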

Matt Mullins, Senior Security Researcher, Cybrary provided this comment:

   “APT41’s use of GC2 is a shift into using more novel and off-the-shelf modern open-source projects. While most of the APT pool still relies on certain tried-and-true approaches (such as using PowerShell and macros), this change up of tactics shows a willingness to change approaches with the time. The GC2 program isn’t anything revolutionary to the Red Team community as the utilization of covert channels as a non-standard C2 is something that good Red Teams have been organically developing for years now. 

   “The tool, which uses Google’s trusted domains and applications, allows for the masquerading of legitimacy. This approach exposes an Achilles heel to using major providers like Google and Microsoft - enterprises essentially have to whitelist all domains and subdomains associated with these companies. By doing so, any service that can be abused is a free hall pass for attackers. I have personally used this on my own operations before and can say that it leaves even the best defenders blind to C2 communications.

   “The application also uses Go, which is a Google language (for extra insult), and in a similar vein it is a known compiled language to Red Teams. Go provides nice cross-compatibility with less robust detection maturity in most organizations. All of this makes for a great initial malware payload!

   “Times are changing and so are APT groups. As we see more research and development done by Red Teams, we will see more advanced vectors and approaches like this. Defenders need to make sure they have validated their detections, their detections are robust, and that we have security at all layers (instead of depending on one product or tool to save us). Above all else, having a good Red Team will help your Blue Team train up to defend against advanced threats like this! Investing into a good offensive security program for ANY organization will pay exponentially in the long run.”

Christopher Peacock, Principal Detection Engineer, SCYTHE followed up with this comment:

   “In this day and age, free and open-source hacking software is just that, hacking software. Any interesting capability posted publicly to GitHub will inevitably be used maliciously regardless of the projects’ intentions, licensing, or disclaimer.”

Clearly threat actors are becoming more and more dangerous by using tools to create even more novel and dangerous attacks. That means that those of us who are tasked with defending against these attacks need to work harder than ever to make sure that these attacks never succeed.

Waze Is Now Available In Your Volvo Car

Posted in Commentary on April 19, 2023 by itnerd

Volvo Canada has announced that Waze is now available to all Volvo cars with Google built-in around the globe. Their collaboration also brings the in-car Waze app to drivers in the US and Asia Pacific for the first time.

The best of Waze’s real-time routing, navigation and alerts are accessible with nothing more than a one-time setup after downloading in the Google Play Store in your Volvo car. No matter who’s driving the car and what device they use, navigation with Waze will be just one simple tap away.

The in-car Waze app helps make your everyday journey easier by avoiding phone-related hassles and distractions, while continuing to offer the excellent functionalities that you’ve come to expect from the Waze app on your mobile phone.

Seamlessly displayed on Volvo Cars’ infotainment system, the in-car Waze app utilises more of the centre screen in the Volvo user interface you’re most familiar with, making navigation more comfortable with a bigger and bolder eye-level display area.

With the Android emulator offered on the Volvo Cars Developer Portal, Waze could develop and test the in-car app virtually, alongside the in-car infotainment system. This dual testing allowed the team to deliver a high-quality user experience before launching in customer cars today.

The small print

  • The Waze app is available for download in the Google Play Store on all Volvo cars with Google built-in in Volvo Cars’ markets globally except China, South Korea, and Vietnam.
  • Availability of the features and services mentioned above may differ between markets.
  • Google, Google Play, and Waze are trademarks of Google LLC.

LinkedIn reveals list of Top Companies in Canada for 2023

Posted in Commentary on April 19, 2023 by itnerd

Even in an uncertain economy, workers’ expectations have changed, and values matter to those looking to make a career move — whether that’s a new job, pivoting into a new industry or looking for a new role at their current organization. However, it can be a challenge to know where to start or how to take the first step.  

Today, LinkedIn launched a new job search filter designed to make it easier for job seekers to discover opportunities that align with their values and what’s important to them as they grow their careers. The new filter identifies open positions at organizations committed to culture and values that professionals care about, such as diversity, equity and inclusion (DEI), career growth and learning, work-life balance, social impact and environmental sustainability.  

Job seekers can also set up job alerts for these searches, which will notify them when a relevant role opens up so they can apply early.  

Proof that this focus on values is permeating the world of work can be found among the 50 companies listed on this year’s LinkedIn Top Companies list. Many of this year’s honorees are committed to bettering the world, and the workplace, with a wide range of programs that demonstrate a commitment to values such as easing the strain on working parents, increasing diversity in hiring, achieving carbon neutrality, and more. 

Top Companies uses unique LinkedIn data to rank companies based on eight pillars shown to lead to career progression — ability to advance, skills growth, company stability, external opportunity, company affinity, gender diversity, educational background and employee presence in the country. 

The Top 5 Companies on LinkedIn’s 2023 List of Top Companies include: 

  1. Mastercard 
  2. TD 
  3. Info-Tech Research Group 
  4. Scotiabank 
  5. Amazon 

Methodology  

LinkedIn’s methodology uses LinkedIn data to rank companies based on eight pillars that have been shown to lead to career progression: ability to advance; skills growth; company stability; external opportunity; company affinity; gender diversity; educational background and employee presence in the country. Ability to advance tracks employee promotions within a company and when they move to a new company, based on standardized job titles. Skills growth looks at how employees across the company are gaining skills while employed at the company, using standardized LinkedIn skills. Company stability tracks attrition over the past year, as well as the percentage of employees that stay at the company at least three years. External opportunity looks at Recruiter outreach across employees at the company, signaling demand for workers coming from these companies. Company affinity, which seeks to measure how supportive a company’s culture is, looks at connection volume on LinkedIn among employees, controlled for company size. Gender diversity measures gender parity within a company and its subsidiaries. Finally, educational background examines the variety of educational attainment among employees, from no degree up to Ph.D. levels, reflecting a commitment to recruiting a wide range of professionals. Finally, employee presence in the country looks at the company’s number of employees in the country relative to other companies, as a means of capturing companies that provide a diverse work environment and more opportunities for career advancement and networking.  

To be eligible, companies must have had at least 500 employees as of Dec. 31, 2022 in the country and attrition can be no higher than 10% over the methodology time period, based on LinkedIn data. Similarly, companies with layoffs that amount to more than 10% of their workforce, based on public announcements between Jan. 1, 2022 and the list launch, are also ineligible. Only parent companies rank on the list; majority-owned subsidiaries and data about those subsidiaries are incorporated into the parent company score. The methodology time frame is Jan. 1, 2022 through Dec. 31, 2022. This analysis represents the world seen through the lens of LinkedIn data, drawn from the anonymized and aggregated profile information of LinkedIn’s members around the world. 

LinkedIn excludes all staffing and recruiting firms, educational institutions and government agencies. LinkedIn also excludes LinkedIn, its parent company Microsoft and Microsoft subsidiaries. 

Apple Has Given Your HomePods The Ability To Alert You If A CO2 Or Smoke Detector Goes Off… Here’s How To Set That Up

Posted in Tips on April 19, 2023 by itnerd

Apple yesterday released a new feature for HomePod users which allows the HomePod to listen for CO2 and smoke detector alarms and notify you via a push notification if it hears one or the other. This is a great safety feature as it is available to the masses and doesn’t require any extra hardware. It’s also really easy to set up, so let me walk you through that.

Before we get started, there are two prerequisites. Your HomeKit setup must be on the new home architecture. So if you haven’t done that yet, you might want to visit this page to get an overview and instructions on how to set that up. You’ll also need to be on iOS 16.4 or later as well as HomePod Software version 16.4 or later. But assuming that you’ve done that, you simply need to go into the Home app and you will see this:

You should see this prompt that tells you about this new feature. Simply click continue.

You will then get this prompt where all you have to do is click “Turn On”. A few seconds after you do that, you’re done and your home has an extra level of safety. But there’s some under the hood stuff that we need to talk about as it may be applicable to your specific use case.

In the Home Settings section of the Home app, you’ll see a new section called Safety & Security. My guess is that Apple is going to build this section out with more features in the future.

Here’s where you can turn on and off Sound Recognition which is what powers this feature. We’ll have a closer look at that in a moment. You’ll also see Notifications which we’ll also get to in a moment. Below that is the Check In section where you can give members of your home the ability to check in and listen or see what’s going on if they get a push notification that a CO2 or smoke alarm has been triggered.

In the Sound Recognition section, you can turn on and off the ability to listen for smoke and CO2 alarms. I suspect that Apple will add other functionality in the future here. But we’ll have to wait and see if they do. You can also give or take away this feature from individual HomePods. Though, if it were me I would leave every HomePod active.

In the notification section, this is where you can choose which HomePod sends notifications. Again, I would just leave all of them on.

Now I haven’t tested this feature as this is one of those features that you don’t ever want to actually use. But TechCrunch notes the following:

If your system is connected to a smart camera, it will also present video of your place, so you can see what’s going on in real time. Apple notes that the feature is end-to-end encrypted, and all of the sound recognition is happening locally on the speaker, instead of the cloud.

I couldn’t find any Apple sources for that information, but the fact that the listening is being done on device should alleviate any privacy concerns. Plus the fact that you can also see a video if you have HomeKit cameras is handy as well.

Finally, this feature should be available on all generations of the HomePod and HomePod mini according to The Verge. That’s a bit of a surprise as I would have assumed that Apple wouldn’t have brought this to the original HomePod as a means to force people to buy a new one. But I guess that Apple has decided to do the right thing for its user base for a change rather than simply try to line their pockets with more cash.

So, are you going to enable this feature? What do you think of it? Please leave a comment below and share your thoughts.

Dasera Raises $12 Million Series A Funding 

Posted in Commentary on April 19, 2023 by itnerd

Dasera, the premier data security platform specializing in automated data security and governance solutions for top-tier finance, healthcare, and technology enterprises, proudly announces today that it has successfully raised $12 million in Series A funding, led by Storm Ventures. Additional participation from Correlation Ventures, Mighty Capital, Tau Ventures, Intuitive Cloud, and existing investors Sierra Ventures and Saama Capital brings Dasera’s total funding to $20 million. This investment will fuel product development, broaden market presence, and bolster customer support.

As the world migrates to the cloud, modern data security and governance teams grapple with data sprawl, generating exponential governance challenges, security issues, compliance violations, and data misuse. Today’s organizations require a comprehensive security and governance solution that proactively manages their data risk posture on-prem and cloud environments.

Dasera’s data security platform fosters a culture of trust, collaboration, and innovation, creating data-driven environments. Its solution empowers organizations to unleash the full potential of their data confidently, maintaining a competitive edge in the ever-evolving landscape.

Dasera empowers organizations to harness their data securely, providing automated data security and governance controls for on-prem and cloud environments. Balancing data accessibility with minimized risk, Dasera offers contextualized visibility and understanding of the four data variables: Data infrastructure, data and its attributes, data users, and data usage.  With real-time monitoring, an open platform standard that integrates and ingests context from any tool, and cross-functional workflows that streamline the incident response process, Dasera detects and remediates potential data misuse or leaks, ensuring safe and compliant data-driven decision-making.

As AI technologies like ChatGPT-4 continue to advance, companies will increasingly give in to temptation and rely on these tools for various tasks, including processing and analyzing sensitive data. Dasera’s comprehensive data security and governance controls can help identify inappropriate usage of sensitive data – such as an analyst feeding proprietary or private customer data into AI tools, enabling organizations to maintain visibility and control over their data assets even when a few bad apples engage with advanced AI solutions.

For a comprehensive understanding of Dasera’s data security platform, explore firsthand insights from their valued customer, Omada Health, or read their latest white paper to discover essential strategies for navigating the complexities of data management, culture, and security. 

Today’s Twitter News Has Elon Musk Saying That Encrypted DM’s Are Coming “Soon” To Twitter…. While Watering Down Protections For Trans People…. Along With Reaching Out To Advertisers

Posted in Commentary on April 19, 2023 by itnerd

As part of Elon Musk’s interview with Fox News where he made a rather bonkers claim that Twitter DM’s were being accessed by the US Government, Elon has also come out with the claim that encrypted DM’s will be coming to the platform “soon”.

Now to be fair to Elon, which to be frank is a difficult thing to do, DM’s on Twitter were always problematic. I explain that in this story from last year where I gave you the reasoning why I was deleting all of my DMs. But that was based around the fact that Twitter could get pwned thanks to Elon’s takeover and make my DMs accessible to the planet. So from that perspective, encrypting them is a good move forward.

However, if I go back to looking at Elon Musk for what he is, it sounds to me like he’s created a situation where he’s implying that the US Government is actively performing surveillance on Twitter users, and he’s going to save you from that. And though he didn’t say this, you’ll likely have to pay him $8 a month ($11 if you are on iOS) to be “saved”.

Meanwhile, it seems that Twitter is also doing something that is sure to raise the ire of many. It appears that long standing protections that have existed on the platform to protect Trans people are being quietly watered down:

The social network quietly removed a section from its hateful conduct policy, which forbade users from deliberate misgendering or “deadnaming” trans users.

Deadnaming is where someone calls a transgender person by the name they were given at birth, rather than the name and gender they now identify with.

Misgendering is where a person refers to someone using pronouns that do not reflect their gender identity.  

Twitter’s previous policy on hateful conduct included a section that barred repeated “targeted misgendering or deadnaming of transgender individuals”.

According to an archived version of Twitter’s policy, which bans attacks on protected categories, the rule was scrubbed on April 8 without announcement.

Sarah Kate Ellis, president of advocacy group GLAAD, said: “Twitter’s decision to covertly roll back its longtime policy is the latest example of just how unsafe the company is for users and advertisers alike.”

Every time I think that Elon has hit a new low, he surprises me by doing something that further lowers the bar. This is something that needs to be highlighted and in my opinion, Elon needs to answer to the fact that he’s clearly anti-Trans.

Finally, Elon has decided to reach out to advertisers to address their concerns. But …. :

Elon Musk said Tuesday Twitter was willing to work with brands on where their ads are displayed on the website, but insisted they will not be allowed to dictate Twitter’s content policy, days after the Twitter CEO claimed most advertisers—who had abandoned the platform after his take over last year—have returned.

Based on that, it sounds like most advertisers have not returned to the platform. Or they want Twitter not to be a train wreck next to a dumpster fire before they return. Because why would he make a statement like this if everything was back to normal when it came to advertisers on the platform? The answer is simple: Everything isn’t back to normal on that front. Oh yeah, there’s this from him as well:

The Twitter CEO said the social media company is willing to lose money, but will not comply with demands from advertisers on “what Twitter will do.”

Tough words from a guy who flip flops more than a gymnast. Seeing as he’s pretty desperate for Twitter to make money, I expect him to be walking those words back shortly.

New 2023 Adversary Tactics & Intelligence Threat Report Finds Record-Breaking 59% Increase in CVEs

Posted in Commentary on April 19, 2023 by itnerd

Deepwatch has released its 2023 Adversary Tactics & Intelligence (ATI) Annual Threat Report, showcasing top cybersecurity threats SOC analysts faced in 2022 and predictions for 2023. 

Key findings include:

  • Ransomware attacks are becoming more frequent and demanding higher ransoms.
  • The Ukraine-Russia conflict spurs amateur and state-sponsored cyberattacks.
  • CISA reported 26,448 software security flaws, with CVEs up 59% from 2021.

The report examines emerging threats like information-stealing malware, exploitation of internet-facing vulnerabilities, and infected open-source code, emphasizing the need for increased vigilance. 

Deepwatch’s ATI team also highlights cybercriminals’ use of publicly available OSINT and analysis reports, potentially causing researchers to withhold critical information and diminishing the value of open-source intelligence.

You can read the report here.

Phishing Kits And AI Tools Fuel Surge In Phishing Campaigns

Posted in Commentary on April 19, 2023 by itnerd

According to zero trust security vendor Zscaler’s ThreatLabz Phishing Report, phishing campaigns worldwide rose nearly 50% in 2022 driven partly by accessibility to phishing kits and new AI tools.

The report found that most new phishing attacks rely on stolen credentials and highlighted the growing threat from Adversary-in-the-Middle attacks, InterPlanetary File System (IPFS) hosting of pages, as well as reliance on phishing kits and AI tools like ChatGPT, contributing to the growth of phishing and significantly reducing the barriers to entry for criminals.

“Recent AI technology advances like ChatGPT make it easier for threat actors to develop malicious code, generate Business Email Compromise (BEC) attacks, create polymorphic malware, and more,” the report reads.

Key Findings:

  • Education was the most targeted industry, increasing by 576%
  • Phishing attacks rose 47.2%
  • AI tools have significantly contributed to the growth of phishing
  • Attackers evolving beyond SMS phishing to using voicemail related phishing (Vishing), luring victims into opening malicious attachments.
  • Sophisticated Adversary-in-the-Middle (AiTM) attacks are bypassing multifactor authentication (MFA)
  • Recruitment scams targeting job seekers are becoming more common

Matt Mullins, Senior Security Researcher, Cybrary had this to say:

   “Like clockwork, when a new tool or vector is introduced a new influx of phishing attacks are detected in the wild. The advent of ChatGPT creating more realistic emails, as well as rapidly expediting the writing time, has removed more of the barrier of entry to get a good phish out. The bar has been lowered significantly and now individuals do not need to have a strong command of English to create a legitimate looking email!

   “SMS phishing with voicemails being on the rise comes as no real shocker either - the advent of AI that can emulate a voice (or create a new voice entirely) has enabled the same acceleration that we saw with ChatGPT. While most people will watch funny YouTube videos where celebrities and famous individuals make snarky comments, attackers saw another opportunity in the voice emulation. Take into consideration the recently covered case where a mother was extorted for ransom money because attackers used AI to mock-up her daughter’s voice, implying that they had kidnapped her. This trend of human emulation will only get worse when deepfakes and AI powered video becomes more mainstream.

   “LinkedIn scams being on the rise is unfortunately linked to the job market and the economy in my opinion. This vector isn’t very new but does a great job of harvesting information or even getting credentials. Everyone is feeling the pinch of the economy being in a poor position and so the allure of a newer, higher paying, more respectable role is too enticing for most folks. This phishing example, along with the AI voice example, are also areas where folks are not trained to look for phishes as well. This makes it ripe for attack since individuals do not have the “muscle memory” to analyze and suspect what a phish might be.

   “Like the previous point about training and muscle memory, IPFS is something that is a newer vector for blue teams to detect. IPFS allows for file transfer via a non-standard process for enterprises and thus there will be extensive blind spots associated with this. While it is nothing new, this extra vector will more than likely create some headache for defenders as it is another detection to create for their enterprise. Strong endpoint protections and post exploitation detections will still prevent extensive damage to enterprises in the event of a successful attack using IPFS.

   “Lastly, the strategy of using AITM/MITM as an approach is also nothing new. Credential theft is a timeless strategy for APT groups, as they provide the strategic value of re-visiting those accounts when they have cooled off, access immediately for a smash-and-grab, or even the selling of credentials as an access broker. Multifactor authentication can help but even that is being bypassed in some capacity due to the ability of an attacker to reset or change MFA in most accounts. Having the account tied to an email that is immutable by the user (especially for a corporate account) can be a first step in that at least the user will receive notifications to their work email, notifying of the breach. For accounts where that is not possible, sending a verification of email change or modification that must be verified with the email visiting a link, can be another step in protection. With all protections though, there is no “silver bullet”!”

Dave Ratner, CEO, HYAS adds this comment:

“We see phishing attacks growing in both number and efficacy, driven in part by new phishing kits and AI tools, and still believe that the best defense is a Protective DNS solution. Bad actors will become increasingly effective at sneaking past existing filters and tricking the targeted individuals, but a Protective DNS solution that knows good domains from bad will act as a backstop and ensure that people don’t fall for the phishing attacks by blocking the connections to nefarious websites, domains, and adversary infrastructure.”

This report should be considered required reading for those who are defending against these sorts of attacks as it is clear that the threat landscape has changed and adjustments need to be made in order to stay ahead of any attacks that are headed your way.