Dasera Raises $12 Million Series A Funding 

Posted in Commentary with tags on April 19, 2023 by itnerd

Dasera, the premier data security platform specializing in automated data security and governance solutions for top-tier finance, healthcare, and technology enterprises, proudly announces today that it has successfully raised $12 million in Series A funding, led by Storm Ventures. Additional participation from Correlation Ventures, Mighty Capital, Tau Ventures, Intuitive Cloud, and existing investors Sierra Ventures and Saama Capital brings Dasera’s total funding to $20 million. This investment will fuel product development, broaden market presence, and bolster customer support.

As the world migrates to the cloud, modern data security and governance teams grapple with data sprawl, generating exponential governance challenges, security issues, compliance violations, and data misuse. Today’s organizations require a comprehensive security and governance solution that proactively manages their data risk posture across on-prem and cloud environments.

Dasera’s data security platform fosters a culture of trust, collaboration, and innovation, creating data-driven environments. Its solution empowers organizations to unleash the full potential of their data confidently, maintaining a competitive edge in the ever-evolving landscape.

Dasera empowers organizations to harness their data securely, providing automated data security and governance controls for on-prem and cloud environments. Balancing data accessibility with minimized risk, Dasera offers contextualized visibility and understanding of the four data variables: data infrastructure, data and its attributes, data users, and data usage. With real-time monitoring, an open platform standard that integrates and ingests context from any tool, and cross-functional workflows that streamline the incident response process, Dasera detects and remediates potential data misuse or leaks, ensuring safe and compliant data-driven decision-making.

As AI technologies like ChatGPT-4 continue to advance, companies will increasingly give in to temptation and rely on these tools for various tasks, including processing and analyzing sensitive data. Dasera’s comprehensive data security and governance controls can help identify inappropriate usage of sensitive data – such as an analyst feeding proprietary or private customer data into AI tools – enabling organizations to maintain visibility and control over their data assets even when a few bad apples engage with advanced AI solutions.

For a comprehensive understanding of Dasera’s data security platform, explore firsthand insights from their valued customer, Omada Health, or read their latest white paper to discover essential strategies for navigating the complexities of data management, culture, and security. 

Today’s Twitter News Has Elon Musk Saying That Encrypted DM’s Are Coming “Soon” To Twitter…. While Watering Down Protections For Trans People…. Along With Reaching Out To Advertisers

Posted in Commentary with tags on April 19, 2023 by itnerd

As part of Elon Musk’s interview with Fox News where he made a rather bonkers claim that Twitter DM’s were being accessed by the US Government, Elon has also come out with the claim that encrypted DM’s will be coming to the platform “soon”.

Now to be fair to Elon, which to be frank is a difficult thing to do, DM’s on Twitter were always problematic. I explain that in this story from last year where I gave you the reasoning why I was deleting all of my DMs. But that was based around the fact that Twitter could get pwned thanks to Elon’s takeover and make my DMs accessible to the planet. So from that perspective, encrypting them is a good move forward.

However, if I go back to looking at Elon Musk for what he is, it sounds to me like he’s created a situation where he’s implying that the US Government is actively performing surveillance on Twitter users, and he’s going to save you from that. And though he didn’t say this, you’ll likely have to pay him $8 a month ($11 if you are on iOS) to be “saved”.

Meanwhile, it seems that Twitter is also doing something that is sure to raise the ire of many. It appears that long-standing protections that have existed on the platform to protect Trans people are being quietly watered down:

The social network quietly removed a section from its hateful conduct policy, which forbade users from deliberate misgendering or “deadnaming” trans users.

Deadnaming is where someone calls a transgender person by the name they were given at birth, rather than the name and gender they now identify with.

Misgendering is where a person refers to someone using pronouns that do not reflect their gender identity.  

Twitter’s previous policy on hateful conduct included a section that barred repeated “targeted misgendering or deadnaming of transgender individuals”.

According to an archived version of Twitter’s policy, which bans attacks on protected categories, the rule was scrubbed on April 8 without announcement.

Sarah Kate Ellis, president of advocacy group GLAAD, said: “Twitter’s decision to covertly roll back its longtime policy is the latest example of just how unsafe the company is for users and advertisers alike.”

Every time I think that Elon has hit a new low, he surprises me by doing something that further lowers the bar. This is something that needs to be highlighted and in my opinion, Elon needs to answer to the fact that he’s clearly anti-Trans.

Finally, Elon has decided to reach out to advertisers to address their concerns. But …. :

Elon Musk said Tuesday Twitter was willing to work with brands on where their ads are displayed on the website, but insisted they will not be allowed to dictate Twitter’s content policy, days after the Twitter CEO claimed most advertisers—who had abandoned the platform after his take over last year—have returned.

Based on that, it sounds like most advertisers have not returned to the platform. Or they want Twitter not to be a train wreck next to a dumpster fire before they return. Because why would he make a statement like this if everything was back to normal when it came to advertisers on the platform? The answer is simple: Everything isn’t back to normal on that front. Oh yeah, there’s this from him as well:

The Twitter CEO said the social media company is willing to lose money, but will not comply with demands from advertisers on “what Twitter will do.”

Tough words from a guy who flip flops more than a gymnast. Seeing as he’s pretty desperate for Twitter to make money, I expect him to be walking those words back shortly.

New 2023 Adversary Tactics & Intelligence Threat Report Finds Record-Breaking 59% Increase in CVEs

Posted in Commentary with tags on April 19, 2023 by itnerd

Deepwatch has released its 2023 Adversary Tactics & Intelligence (ATI) Annual Threat Report, showcasing top cybersecurity threats SOC analysts faced in 2022 and predictions for 2023. 

Key findings include:

  • Ransomware attacks are becoming more frequent and demanding higher ransoms.
  • The Ukraine-Russia conflict spurs amateur and state-sponsored cyberattacks.
  • CISA reported 26,448 software security flaws, with CVEs up 59% from 2021.

The report examines emerging threats like information-stealing malware, exploitation of internet-facing vulnerabilities, and infected open-source code, emphasizing the need for increased vigilance. 

Deepwatch’s ATI team also highlights cybercriminals’ use of publicly available OSINT and analysis reports, potentially causing researchers to withhold critical information and diminishing the value of open-source intelligence.

You can read the report here.

Phishing Kits And AI Tools Fuel Surge In Phishing Campaigns

Posted in Commentary with tags on April 19, 2023 by itnerd

According to zero trust security vendor Zscaler’s ThreatLabz Phishing Report, phishing campaigns worldwide rose nearly 50% in 2022, driven partly by accessibility to phishing kits and new AI tools.

The report found that most new phishing attacks rely on stolen credentials and highlighted the growing threat from Adversary-in-the-Middle attacks, InterPlanetary File System (IPFS) hosting of pages, as well as reliance on phishing kits and AI tools like ChatGPT, contributing to the growth of phishing and significantly reducing the barriers to entry for criminals.

“Recent AI technology advances like ChatGPT make it easier for threat actors to develop malicious code, generate Business Email Compromise (BEC) attacks, create polymorphic malware, and more,” the report reads.

Key Findings:

  • Education was the most targeted industry, increasing by 576%
  • Phishing attacks rose 47.2%
  • AI tools have significantly contributed to the growth of phishing
  • Attackers are evolving beyond SMS phishing to using voicemail-related phishing (Vishing), luring victims into opening malicious attachments.
  • Sophisticated Adversary-in-the-Middle (AiTM) attacks are bypassing multifactor authentication (MFA)
  • Recruitment scams targeting job seekers are becoming more common

Matt Mullins, Senior Security Researcher, Cybrary, had this to say:

   “Like clockwork, when a new tool or vector is introduced a new influx of phishing attacks are detected in the wild. The advent of ChatGPT creating more realistic emails, as well as rapidly expediting the writing time, has removed more of the barrier of entry to get a good phish out. The bar has been lowered significantly and now individuals do not need to have a strong command of English to create a legitimate looking email!

   “SMS phishing with voicemails being on the rise comes as no real shocker either: the advent of AI that can emulate a voice (or create a new voice entirely) has enabled the same acceleration that we saw with ChatGPT. While most people will watch funny YouTube videos where celebrities and famous individuals make snarky comments, attackers saw another opportunity in the voice emulation. Take into consideration the recently covered case where a mother was extorted for ransom money because attackers used AI to mock up her daughter’s voice, implying that they had kidnapped her. This trend of human emulation will only get worse when deepfakes and AI-powered video become more mainstream.

   “LinkedIn scams being on the rise is unfortunately linked to the job market and the economy in my opinion. This vector isn’t very new but does a great job of harvesting information or even getting credentials. Everyone is feeling the pinch of the economy being in a poor position and so the allure of a newer, higher paying, more respectable role is too enticing for most folks. This phishing example, along with the AI voice example, are also areas where folks are not trained to look for phishes as well. This makes it ripe for attack since individuals do not have the “muscle memory” to analyze and suspect what a phish might be.

   “Like the previous point about training and muscle memory, IPFS is something that is a newer vector for blue teams to detect. IPFS allows for file transfer via a non-standard process for enterprises and thus there will be extensive blind spots associated with this. While it is nothing new, this extra vector will more than likely create some headache for defenders as it is another detection to create for their enterprise. Strong endpoint protections and post exploitation detections will still prevent extensive damage to enterprises in the event of a successful attack using IPFS.

   “Lastly, the strategy of using AITM/MITM as an approach is also nothing new. Credential theft is a timeless strategy for APT groups, as they provide the strategic value of re-visiting those accounts when they have cooled off, access immediately for a smash-and-grab, or even the selling of credentials as an access broker. Multifactor authentication can help but even that is being bypassed in some capacity due to the ability of an attacker to reset or change MFA in most accounts. Having the account tied to an email that is immutable by the user (especially for a corporate account) can be a first step in that at least the user will receive notifications to their work email, notifying of the breach. For accounts where that is not possible, sending a verification of email change or modification that must be verified with the email visiting a link, can be another step in protection. With all protections though, there is no “silver bullet”!”

Dave Ratner, CEO, HYAS adds this comment:

“We see phishing attacks growing in both number and efficacy, driven in part by new phishing kits and AI tools, and still believe that the best defense is a Protective DNS solution. Bad actors will become increasingly effective at sneaking past existing filters and tricking the targeted individuals, but a Protective DNS solution that knows good domains from bad will act as a backstop and ensure that people don’t fall for the phishing attacks by blocking the connections to nefarious websites, domains, and adversary infrastructure.”

This report should be considered required reading for those who are defending against these sorts of attacks as it is clear that the threat landscape has changed and adjustments need to be made in order to stay ahead of any attacks that are headed your way.

OT/IoT Security Firm to Join AWS ISV Partner Program for Advanced Cloud Cybersecurity and Analytics

Posted in Commentary with tags on April 19, 2023 by itnerd

Nozomi Networks, Inc., a leader in operational technology (OT) and Internet of Things (IoT) security, strengthens its cloud strategy by joining the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate program, a co-sell program for AWS Partners that provides software solutions that run on or integrate with AWS. This will allow AWS sales teams to promote the Nozomi Networks Vantage platform to millions of customers worldwide. Vantage™ is hosted on AWS and is a cloud-based OT/IoT network security solution that equips security professionals and industrial operators with actionable, AI-driven insights to manage risk and speed precise remediation. Now, Vantage is available for purchase in AWS Marketplace. 

Vantage is designed to give AWS customers a seamless platform for aggregating, analyzing and monitoring OT systems and data in the cloud with a range of flexible, cost-effective deployment options ideally suited for physical processes. With the rapid emergence of IoT environments and 5G networks, there is growing recognition that cloud networks need access to physical, real-world data which Vantage can deliver for AWS cloud applications. 

AWS customers who choose Nozomi Networks Vantage can benefit from an enhanced cybersecurity monitoring and asset intelligence solution that aggregates and analyzes data from physical devices, and then processes and responds to critical issues across large, global enterprises. 

The AWS ISV Accelerate Program is a co-sell program for organizations that provide software solutions that run on or integrate with AWS. The program helps drive new business and accelerate sales cycles by connecting participating ISVs with the AWS Sales organization.

Visit AWS Marketplace to purchase Nozomi Networks solutions.

More information on Nozomi Networks and AWS can be found on the Nozomi Networks AWS microsite.

ESET Discovers Corporate Secrets and Data on Recycled Company Routers

Posted in Commentary with tags on April 18, 2023 by itnerd

ESET, a global leader in digital security, today unveiled new research into corporate network devices that were disposed of and sold on the secondary market. After looking at configuration data from 16 distinct network devices, ESET found that over 56% – nine routers – contained sensitive company data.

Of the nine networks that had complete configuration data available:  

  • 22% contained customer data
  • 33% exposed data allowing third-party connections to the network
  • 44% had credentials for connecting to other networks as a trusted party
  • 89% itemized connection details for specific applications
  • 89% contained router-to-router authentication keys
  • 100% contained one or more of IPsec or VPN credentials, or hashed root passwords
  • 100% had sufficient data to reliably identify the former owner/operator

Organizations often recycle aging tech through third-party companies that are charged with verifying the secure destruction or recycling of digital equipment and the disposal of the data contained therein. Whether through an error by an e-waste company or the company’s own disposal processes, a range of data was found on the routers:

  • Third-party data: As we have seen in real-world cyberattacks, a breach of one company’s network can proliferate to their customers, partners, and other businesses with whom they may have connections.
  • Trusted parties: Trusted parties (which could be impersonated as a secondary attack vector) would accept certificates and cryptographic tokens found on these devices, allowing a very convincing adversary in the middle (AitM) attack with trusted credentials, capable of syphoning off corporate secrets, with victims unaware for extended periods.
  • Customer data: In some cases, core routers point to internal and/or external information stores with specific information about their owners’ customers, sometimes stored on premises, which can open customers up to potential security issues if an adversary is able to gain specific information about them.
  • Specific applications: Complete maps of major application platforms used by specific organizations, both locally hosted and in the cloud, were scattered liberally throughout the configurations of these devices. These applications range from corporate email to trusted client tunnels for customers, physical building security such as specific vendors and topologies for proximity access cards and specific surveillance camera networks, and vendors, sales and customer platforms, to mention a few. Additionally, ESET researchers were able to determine over which ports and from which hosts those applications communicate, which ones they trust, and which ones they do not. Due to the granularity of the applications and the specific versions used in some cases, known vulnerabilities could be exploited across the network topology that an attacker would already have mapped.
  • Extensive core routing information: From core network routes to BGP peering, OSPF, RIP and others, ESET found complete layouts of various organizations’ inner workings, which would provide extensive network topology information for subsequent exploitation, were the devices to fall into the hands of an adversary. Recovered configurations also contained nearby and international locations of many remote offices and operators, including their relationship to the corporate office – more data that would be highly valuable to potential adversaries. IPsec tunneling can be used to connect trusted routers to each other, which can be a component of WAN router peering arrangements and the like.
  • Trusted operators: The devices were loaded with potentially crackable or directly reusable corporate credentials – including administrator logins, VPN details, and cryptographic keys – that would allow bad actors to seamlessly become trusted entities and thus to gain access across the network.

The routers in this research originated at organizations ranging from medium-sized businesses to global enterprises in a variety of industries (data centers, law firms, third-party tech providers, manufacturing and tech companies, creative firms, and software developers). As part of the discovery process, ESET, where possible, disclosed the findings to each identified organization – several of them household names – collaborating to ensure they were aware of the details potentially compromised by others in the chain of custody of the devices. Some of the organizations with compromised information were shockingly unresponsive to ESET’s repeated attempts to connect, while others showed proficiency, handling the event as a full-blown security breach.

Organizations are reminded to verify that they are using a trusted, competent third party to dispose of devices, or that they are taking all the necessary precautions if handling the decommissioning themselves. That should extend past routers and hard drives to any device that’s part of the network. Many organizations in this research probably felt that they were contracting with reputable vendors, but their data still leaked. With this in mind, it’s recommended that organizations follow the manufacturer’s guidelines for removing all data from a device before it physically leaves their premises, which is a simple step that many IT staff can handle.

Organizations are reminded to treat disclosure notifications seriously. Doing otherwise may leave them vulnerable to a costly data breach and significant reputational damage. 

At RSA 2023, this research called “We (Could Have) Cracked Open the Network for Under $100” will be presented on April 24, 2023, at 9:40 a.m. PT.

To read the white paper, which includes resources on secure device disposal, visit WeLiveSecurity.

Elon Musk Responds To CBC “Government Funded” Label Gong Show In The Most Immature Way Possible

Posted in Commentary with tags on April 18, 2023 by itnerd

You might recall that several public broadcasters including the CBC were slapped with a “Government Funded” label on Twitter. Many of these broadcasters objected to this. And in the case of some including the CBC, they’ve stopped posting to Twitter. Then this happened:

Late Monday, Twitter CEO Elon Musk tweeted, “Their concern has been addressed,” with the CBC label changed to “70% Government-funded Media.” About an hour later, it changed again to “69% Government-funded Media,” reflecting what Musk said was based on the CBC’s government funding of “less than 70%.”

For transparency, here’s the breakdown in terms of what the CBC gets from the government:

In 2021-22, the CBC received more than $1.2 billion in government funding, a decrease from about $1.4 billion the year before. That compares with other revenue of $650 million in 2021-22 and $500 million the year before.

This is a really pathetic move by Elon. He truly thinks this is funny. But it isn’t. It only shows what an immature loser he is. It would really be wise of him to stop doing stuff like this if he wants to be taken seriously. Though part of me thinks that he doesn’t care as he’s clearly intent on driving Twitter into a brick wall as fast as he can.

Veridas Facial Biometrics Among The Four Best In The World According to NIST

Posted in Commentary with tags on April 18, 2023 by itnerd

Veridas, a Spanish technology company specializing in digital identity and biometrics, has placed fourth among the nearly 150 facial biometrics algorithms submitted to the evaluation conducted by the National Institute of Standards and Technology (NIST), considered the most prestigious body in the assessment of biometric engines in the world.

Veridas joins the world elite in this sector. The company from Navarre has achieved its best result in the most demanding category possible: the evaluation of one out of many (1:N) with a sample size (N) of 12 million. Specifically, it has registered a False Negative Identification Rate (FNIR) of 0.0232 for a False Positive Identification Rate (FPIR) of 0.001.

Thus, when searching for a known subject in a database of 12 million records, the Veridas engine will find the correct individual as the first candidate 97.68% of the time. This facial biometric engine is also the same one that is already available in production for the company’s more than 250 Tier 1 customers in more than 25 countries. 

Veridas has achieved iBeta’s most advanced evaluation in liveness detection

The Veridas engine analyzes a facial image, which is then converted into an irreversible vector, making it impossible to recover the original image if that vector is lost. The vectors obtained from the images are then compared to determine the similarity score between the two images. In addition, the company has achieved iBeta’s most advanced evaluation in liveness detection, being one of the few companies in the world to hold both Level 1 and Level 2 status.

Veridas is once again at the top of the NIST recognition list. In fact, in the voice biometrics and combined voice and facial biometrics evaluations, the company has achieved second and first place, respectively.

In its commitment to be at the forefront of transparency, auditing and reliability of its biometric solutions, Veridas has been one of the first companies worldwide to perform a ‘Diagnosis on the ethical principles of Artificial Intelligence’ and has passed the iBeta PAD Level 2 evaluation for its liveness detection technology. Additionally, Veridas has connected its Identity Verification Platform with the American Association of Motor Vehicle Administrators (AAMVA) database to offer their US customers a more robust and secure ID verification solution.

The NIKKOR Z DX 12-28mm f/3.5-5.6 PZ VR Power-Zoom Ultra-Wide Angle Lens Is The Latest Addition To Nikon’s Growing Toolkit for Creators

Posted in Commentary with tags on April 18, 2023 by itnerd

Nikon Canada Inc. has announced the NIKKOR Z DX 12-28mm f/3.5-5.6 PZ VR, the ultra-wide angle lens made for content creators and vloggers. This latest lightweight lens is the widest NIKKOR Z DX-format lens yet, and has the added benefit of a power zoom (PZ) for more creative versatility and great looking video. The 12-28mm f/3.5-5.6 PZ VR is designed to capture sharp and immersive content that lets you get more of what matters in the frame; more friends, more expansive landscapes and more freedom to create without limits. 

Featuring an extremely versatile zoom range from an ultra-wide angle of 12mm to 28mm, this lens is a must-have for any vlogger or creator who wants to get the whole story in the shot, and dynamically change-up the frame smoothly and consistently. The ultra-wide angle is also great for everything from larger-than-life landscapes, grand interiors, tabletop photos and group selfies where no one gets left out. Surprisingly small and light for such a wide zoom, the NIKKOR Z DX 12-28mm weighs only approximately 7.3 oz, making it easy to hold with an extended arm. It’s perfectly mated to lightweight cameras such as the ultra-compact and capable Nikon Z 30, Z 50 or the retro inspired Z fc.

The Lens Made for Content Creators 
The NIKKOR Z DX 12-28mm f/3.5-5.6 PZ VR is the first NIKKOR Z lens utilizing a power zoom with linear drive, providing smooth optical zoom and other thoughtful features for creators to enhance and simplify their video recording experience. The power zoom function easily and effortlessly zooms in close to a subject, or zooms out to truly establish the scene. To suit any shooting style, the zoom can be activated by twisting the customizable zoom ring on the barrel, with designated buttons on the camera body, or when using the ML-L7 Remote Control (included in the Z 30 Creator’s Accessory Kit). The zoom can also be controlled remotely through a PC or phone with the SnapBridge app. Additionally, the zoom rate can be selected from 11 speed settings, within the range of 0.55 to 36 seconds, for maximum consistency when reframing your shot or adding dramatic creative flair.

Autofocus is sharp, reliable and fast, working flawlessly with the eye-detection AF in Nikon cameras to keep focus on you or your subject. The lens features an STM motor drive, making it extremely silent when focusing, so viewers won’t be disturbed by the sound of camera operation. What’s more, when transitioning to a close-up of a subject, the 12-28mm has a very close minimum focus distance of only 0.19 m (0.62 ft). This lets users seamlessly move the focus from their face to a product in-hand, while the image stays sharp. 

Realizing that the best content often happens in real time, the lens is stabilized with Vibration Reduction (VR) that provides an effect equivalent to a shutter speed 4.5 stops faster. This function makes it easy to capture run-and-gun footage without the distracting camera shake or shoot in low-light with minimal blur. Because of its small size and versatile angle of view, this lens is also well-suited for creating steady footage with gimbals.

Main Features of the NIKKOR Z DX 12-28mm f/3.5-5.6 PZ VR:

  • Ultra-wide angle lens is ideal for vlogging and wide establishing shots but also landscapes, interior photography and city streets.
  • Power zoom function provides smooth, consistent optical zoom that’s fully customizable with varying speeds, which can be engaged with camera buttons, zoom ring or used remotely.
  • VR Image Stabilization reduces camera shake with up to 4.5 stops of compensation for stable video and sharp images.  
  • Close minimum focusing distance of 0.62 ft and maximum reproduction ratio of 0.21x allow for sharp and detailed shots of products, flowers, nature and other intricate details.
  • Ultra-compact and lightweight design makes it easy to use and carry anywhere.
  • The body of the NIKKOR Z DX 12-28mm has been designed carefully to deliver dust- and drip-resistant performance, with a sealing that prevents any dust or water droplets from entering the lens.

Price and Availability
The new NIKKOR Z DX 12-28mm f/3.5-5.6 PZ VR will be available in May 2023 for a manufacturer’s suggested retail price of $499.95. For more information about the latest Nikon products, including other NIKKOR Z lenses and the entire collection of Z series cameras, please visit www.nikon.ca 

Elon Musk Tinkers With Twitter Again…. This Time He’s Adding Labels To Tweets And Is Trying To Not Censor Anything

Posted in Commentary with tags on April 18, 2023 by itnerd

I’m going to go out on a limb and say that Elon Musk’s latest attempt to tinker with how Twitter works is going to end badly. Here’s what he’s up to this time:

There’s also a blog post with more details.

So, Elon is preaching “freedom of speech, not reach” which I guess is supposed to align with his free speech absolutist view of the universe. Which we already know is total BS at this point. The problem in my mind with this approach is that this is literally censoring on an arbitrary definition of what’s considered speech that someone doesn’t like. And that someone is likely to be Elon. I can’t see how this is a win for anyone. Especially Twitter.

Don’t be surprised if the blowback from this causes him to reverse course. Again.