Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC

Posted in Commentary with tags on February 1, 2023 by itnerd

Radiant Logic announced today that it has entered into a definitive agreement to acquire Brainwave GRC, a leader in Identity Governance and Analytics (IGA) headquartered in France. Together, Radiant Logic and Brainwave GRC address a broad set of identity use cases, and the acquisition accelerates the companies’ shared vision of an Identity Data Fabric that uses the science of data to ensure the right information is in place to make the right policy decisions.

The acquisition will strengthen both Radiant Logic and Brainwave GRC’s respective market positions as identity, analytics and intelligence experts by offering a new lightweight data-centric governance capability and a market-defining identity data intelligence platform. By combining their unique capabilities into a single platform, customers can speed time-to-value by eliminating burdensome IGA deployments and focusing on what really matters to audit and compliance teams—getting the right data, which can be trusted, in a timely manner.

The identity analytics and intelligence insights resulting from Radiant Logic + Brainwave’s data-driven approach will give unprecedented insight into near real-time user behavior within an enterprise environment, transforming how organizations detect cyberattacks, fraudulent activity, lateral movement from insider threats, and more. Radiant + Brainwave is a winning combination that will provide an unmatched Zero Trust and Identity-First Security foundation for enhanced data security, reduced audit and compliance costs, and improved understanding and visibility of malicious activity.

Established in 2010 in France, Brainwave GRC has a strong reputation in helping companies across EMEA ensure compliance and protect their assets from fraud and cyber threats. Brainwave GRC provides essential Access Governance reports that include access risks, accounts, attestations, and out-of-the-box reports for major compliance frameworks—a common requirement in highly regulated markets. Its light IGA capabilities complement Radiant Logic’s identity data management expertise and are in line with Radiant Logic’s strategic direction to expand its offerings in the IGA market segment.

Brainwave will maintain independent operations for the near term, while both platforms continue to be supported, invested in, and integrated over time. The transaction is subject to customary closing conditions. Terms of the acquisition were not disclosed.

Twitter Usage Drops By 9% Since Elon Musk Took Over… But There’s More Details That You Should Pay Attention To

Posted in Commentary with tags on February 1, 2023 by itnerd

Buzzfeed has posted a story where the top line headline is that Twitter is shedding users to the tune of 9% who have left the platform. But there are other things to pay attention to. Specifically:

  • In October 2022, just before Musk took ownership, the study found, 32.4% of Americans were using Twitter. In December and January, that figure had dropped to 29.5%. 
  • The drop in users was mostly from Democrats, who quit Twitter at higher rates than independents or Republicans. Thirty-eight percent of those identifying as Democrats used Twitter in October, but that had dropped to 32.9% by January. The change in Republicans and independent users was statistically insignificant, the study found. 
  • Unsurprisingly, people who identified as Democrats were less trusting of Musk. Forty-eight percent said they do not trust him “at all” to do what’s right, and another 28% said they trusted him “not too much.”  
  • Trust in Twitter was never high, but it went up among Republicans after Musk took over as CEO. Previously, Democrats were more likely to trust that Twitter would do what’s right compared to Republicans, but as trust in Democrats sank and trust among Republicans rose, they met in the middle: both at 34%. 

I think this highlights the fact that Elon Musk has really slanted Twitter towards the right. Which seems completely incompatible with his pronouncements of being independent and wanting to have “free speech” despite doing things that run counter to free speech. My thought is that reports like this are likely to send more people to the exits as it will become more and more clear what Elon Musk is up to.

Fortra’s Terranova Security 2022 Gone Phishing Tournament Results Reveal Large Organizations at Highest Risk of Compromising Data

Posted in Commentary with tags on February 1, 2023 by itnerd

The new Phishing Benchmark Global Report, based on the 2022 Gone Phishing Tournament™ hosted by Fortra’s Terranova Security, reveals that large organizations of 10,000 employees or more are most susceptible to phishing attacks promising a gift, despite potentially having access to more cyber security resources than smaller businesses.

Co-sponsored by Microsoft, the annual tournament measures and evaluates how employees respond to one of the most common types of cyber threats – phishing attacks. The 2022 Phishing Benchmark Global Report results emphasize the growing need for all organizations to implement engaging and informative security awareness training programs. Ideally, those programs would leverage real-world phishing simulations to ensure employees are aware of the latest phishing tactics, can detect and report cyber threats and, in time, change unsafe online behaviors.

According to the report, many employees are still prone to answering requests for sensitive information – even when they come from unknown or suspicious email senders. This level of trust leaves an organization’s confidential data vulnerable to hackers. 

2022 Phishing Benchmark Global Report: Key Results

7 percent of all end users who participated in the 2022 phishing simulation clicked on the link in the phishing email. In addition, 3 percent of all end users failed to recognize the warning signs of the simulation’s webpage and proceeded to enter their credentials on the malicious webpage.

Despite the seemingly low totals, this year’s form completion rate poses a cause for concern. Globally, 44 percent of those who clicked on the phishing simulation link eventually completed the web form on the subsequent webpage and submitted their login credentials.

The simulation found that employees from large organizations are most susceptible to phishing attacks. According to participant data, organizations with 10,000 employees or more rarely missed security awareness training, indicating a potential lack of effectiveness. 

Other key data highlights from the fourth edition of this event include:

  • For click rates by industry, nonprofit, education, manufacturing, and food and agriculture exhibited the highest totals, all scoring over 6 percent. Meanwhile, participants from the public sector, energy, and finance industries kept their click rates under 3.5 percent.
  • The consumer products space had the highest form completion rate across all industries, with 40 percent of those who clicked on the initial phishing link eventually entering their credentials on the malicious webpage.
  • Europe was the top performer of the five regions represented, claiming the lowest email link click and form completion rates. North America, the top-performing region in 2021, slotted into second place.

2022 Phishing Benchmark Global Report: Methodology

The 2022 Gone Phishing Tournament took place in October to coincide with Cybersecurity Awareness Month. With over 250 participating organizations and over 1.2 million phishing emails sent out during this year’s event, it was one of the largest phishing simulations of its kind. The increase in the participation rate shows phishing is a major concern for many organizations considering the ever-evolving complex nature of real-world cyber threats.

Microsoft supplied this year’s email and webpage templates designed to imitate a real-world scenario that many employees experience: a gift card scam. The scenario, selected by the Terranova Security leadership team, measured several end-user behaviors, such as clicking on a link in the body of a phishing email and entering credentials into a form on a phishing webpage.

If users clicked on the link in the phishing simulation’s email, they were redirected to a landing page, which prompted them to enter credentials that, had the simulation been an actual attack, would have been compromised. If users completed this second step, they were brought to a phishing simulation feedback page highlighting the warning signs they missed and the best practices they should follow.

Though the 2022 Gone Phishing Tournament simulation was deemed easier than in previous years, the click rate and web form submission rate should still be considered high as a result. 

Download the 2022 Phishing Benchmark Global Report to get all the results and facts from the latest edition of the Gone Phishing Tournament.

Cradlepoint Expands 5G Portfolio with Innovative “Router-on-the-Roof” for Vehicles

Posted in Commentary with tags on February 1, 2023 by itnerd

Cradlepoint, the global leader in cloud-delivered LTE and 5G wireless network solutions, announces the R2100 Series 5G Ruggedized Router, adding to Cradlepoint’s growing 5G Wireless WAN portfolio. Built for vehicle and IoT networks, the sleek exterior-mounted solution provides mass transit, public safety, and other organizations that require a high-bandwidth IoT or mobile router with the latest cellular performance in a uniquely flexible and simplified form factor. 

As in-vehicle applications have rapidly advanced, more use cases have emerged, along with diverse deployment requirements. Designed to be mounted on the rooftop of a vehicle or attached to IoT cabinet enclosures, the R2100 integrates the modem, antennas, and router into a single aerodynamic, IP67-rated casing that guards against weather, vibration, and shock. The R2100 is sold with or without Wi-Fi 6 and can be deployed as a self-contained router or to supplement an existing router as a 5G adapter. Key benefits include:

  • Simplified router installation: Since antenna cables are no longer needed, many vehicle installations will only require one power cable and a single small hole to the router on the roof. Organizations with large fleets can significantly reduce installation complexity and cost.
  • Seamless 5G extension: Customers can add 5G to a current installation by deploying the R2100 in Captive Modem mode as an adapter that is controlled by an attached Cradlepoint router. The NetCloud management system treats the R2100 as an internal modem, eliminating the need for a separate license (saving the customer money).
  • Streamlined Wi-Fi addition: Similar to Cradlepoint’s unique Captive Modem capability, the R2100 Series can serve as an additional Wi-Fi source in captive mode to expand coverage for applications such as video offload, enhanced customer broadband, Computer Aided Dispatch connectivity while in the station, and more. Adding this Wi-Fi capability won’t incur an additional expense as all control and licensing is attributed to the incumbent router.
  • Straightforward third party 5G add-on: The R2100 can take the form of a 5G adapter that can be added to a third-party in-vehicle router via the WAN port.  
  • Easy edge computing with integrated containers: The R2100 is designed to support local containers for edge computing functionality. NetCloud handles container creation as well as container and workload distribution and connectivity, making deploying edge computing applications a simple and secure process.

The R2100 Series 5G Ruggedized Router is powered by Cradlepoint NetCloud, providing an enterprise-class, unified edge security solution for in-vehicle and IoT networks. For example, NetCloud gives vital public service agencies end-to-end encryption, industry-leading threat detection, and defence functionality to enable secure direct cloud and internet access for applications and IoT devices, with or without Wi-Fi. The R2100 can also support the NetCloud Exchange services which provide Zero Trust Network Access and 5G Optimized SD-WAN.

For more information on Cradlepoint’s R2100 Series 5G Ruggedized Router, please visit: https://cradlepoint.com/product/endpoints/r2100-series.

Anker FINALLY Admits That It Lied About End To End Encryption With Their Eufy Security Cameras

Posted in Commentary with tags on February 1, 2023 by itnerd

You might recall that last year it was discovered that Eufy security cameras, which were made by Anker, were not “end to end encrypted” despite what their advertising said. This link will give you my thoughts on this along with this follow up where they tried to make this issue go away via a software update that wasn’t really a software update, which didn’t go over well.

The Verge has been doing its best to get answers from Anker on this. And last night they finally did:

In a series of emails to The Verge, Anker has finally admitted its Eufy security cameras are not natively end-to-end encrypted — they can and did produce unencrypted video streams for Eufy’s web portal, like the ones we accessed from across the United States using an ordinary media player

But Anker says that’s now largely fixed. Every video stream request originating from Eufy’s web portal will now be end-to-end encrypted — like they are with Eufy’s app — and the company says it’s updating every single Eufy camera to use WebRTC, which is encrypted by default. Reading between the lines, though, it seems that these cameras could still produce unencrypted footage upon request. 

That’s not all Anker is disclosing today. The company has apologized for the lack of communication and promised to do better, confirming it’s bringing in outside security and penetration testing companies to audit Eufy’s practices, is in talks with a “leading and well-known security expert” to produce an independent report, is promising to create an official bug bounty program, and will launch a microsite in February to explain how its security works in more detail. 

Those independent audits and reports may be critical for Eufy to regain trust because of how the company has handled the findings of security researchers and journalists. It’s a little hard to take the company at its word!

I for one cannot take Anker at its word. Even with all of this, I don’t believe that this company can be trusted again regardless of the promises that it makes. And given that their cameras and other security products live inside your homes, you should not trust them either. This company needs to disappear from the face of the Earth as either screwing up to this degree or outright lying is completely unacceptable. And there must be some sort of punishment for that that deters others from pulling this sort of stunt. So if governments won’t act to ban Anker, consumers should be voting with their wallets to make sure that companies think twice about doing something like this.

Review: Apple Black Unity Sport Loop

Posted in Products with tags on February 1, 2023 by itnerd

February is Black History Month and Apple over the last couple of years has released a limited edition Apple Watch band. Two years ago they released a Black Unity Sport band. Last year they released and I reviewed a Braided Solo Loop Band, and this year they’ve released a Sport Loop version. Let’s have a look at it:

Just like last year it comes in a black box that highlights the band.

On the back of the box, it’s mentioned that Apple supports racial equity and justice.

Inside the box you get two things. A thick piece of paper that says “unity” on it in the Pan African colours, and the band itself.

Opening the piece of paper that says “unity” you get this text in a number of languages.

And here’s the sport band in the Pan African colours. One thing that is interesting is that the yellow that you see in the band is really a combination of red and green woven to make it look yellow. That’s a clever trick. The black sections that make up the word “UNITY” on the band are raised and are soft to the touch. As for what it feels like when you wear it, well it feels like your typical sport loop to be honest. That is that it is comfortable and stretches a bit.

On the inside of the band, you get this “Black Unity” label.

And here’s the band on my Apple Watch Ultra with the Unity Mosaic watch face which showed up in watchOS 9.3. There’s a matching iPhone wallpaper that was added to iOS 16.3.

This band, at $59 CDN, is far more affordable than the $119 CDN that last year’s band went for. Thus I suspect that you’ll see a lot more of them in the wild. And the fact that it has a meaning and a message, as well as the fact that it supports efforts for racial justice is something that should make Apple Watch owners want to grab one.

BEC Threat Group CC’s Impersonated Executives for Convincing Third-Party Reconnaissance Attacks

Posted in Commentary with tags on February 1, 2023 by itnerd

In contrast to other forms of financial supply chain compromise, third-party reconnaissance occurs when an attacker knows a relationship between two organizations but has limited or no knowledge about actual outstanding payments. Abnormal Security is today revealing that attackers are finding new ways to use vendor relationships to run BEC attacks, even when they don’t know anything about the relationship between the two parties.

The Abnormal Threat Intel team has identified 300+ BEC campaigns attributable to threat group Firebrick Ostrich dating to April 2021. These campaigns impersonated 100+ different third parties using 200+ malicious registered domains. The group’s use of newly-registered domains highlights how young domains can be used as an effective signal to identify threats. Abnormal Security has seen Firebrick Ostrich target organizations in various industries, including financial services, healthcare, education, hospitality, and retail. 

You can read the report here.

Threat Analyst Finds 73% Increase In Leaked Security Credentials/Certificates Advertised on Underground Markets Capitalizing on Layoffs

Posted in Commentary with tags on February 1, 2023 by itnerd

As mass layoffs and unemployment rates continue to rise to their peak, people are clamouring to find jobs and even resorting to alternatives: gaining access to shortcuts to certification on the dark web, including fake certificates and diplomas, cheating services for exams, and leaked courses. This is according to a new report from Dov Lerner, Head of Threat Research at Cybersixgill. The report notes that there is a 73% increase in leaked courses advertised on underground markets.

You can read the full report here.

Apple Is Now Up To FOUR Lawsuits Over Privacy Issues On The iPhone

Posted in Commentary with tags on January 31, 2023 by itnerd

To recap this story, you may recall that last year a security researcher named Tommy Mysk discovered that regardless of whether you allowed your iPhone to send analytics data to Apple or not, iPhones and specifically Apple apps were sending that data anyway. That led to a lawsuit. Which then became two lawsuits, then three lawsuits. Now we have the fourth lawsuit as spotted by The Register:

The complaint [PDF], filed in Northern California District Court on behalf of plaintiff Julie Cima, claims Apple captures iPhone customer data despite device settings declaring a preference that information should not be shared.

“Apple records consumers’ personal information and activity on its consumer mobile devices and applications (‘apps’), even after consumers explicitly indicate through Apple’s mobile device settings that they do not want their data and information shared,” the complaint, filed this week, says. “This activity amounts to an enormous wealth of data that Apple collects and uses for its financial gain.”

I’ve said this before and I will say it again. Apple trades on being more private than the other guy. The other guy being Android. And these lawsuits really take that perception and rip it to shreds. And as more of these lawsuits get filed, because you know that there are more lawsuits coming, that’s only going to get worse for Apple. Thus they really need to speak to this, and do so quickly. The problem is that Apple isn’t going to do that, and that will make things worse for the folks at Apple Park.

Sucks to be you Apple.

GitHub Revoking Code Signing Certificates That Were Stolen By An Unknown Threat Actor

Posted in Commentary with tags on January 31, 2023 by itnerd

GitHub has disclosed that unknown attackers have stolen encrypted code-signing certificates for its Desktop and Atom applications after gaining access to some of its development and release planning repositories. Details of this can be found over at Bleeping Computer:

So far, GitHub has found no evidence that the password-protected certificates (one Apple Developer ID certificate and two Digicert code signing certificates used for Windows apps) were used for malicious purposes.

“On December 6, 2022, repositories from our atom, desktop, and other deprecated Github-owned organizations were cloned by a compromised Personal Access Token (PAT) associated with a machine account,” GitHub said.

“Once detected on December 7, 2022, our team immediately revoked the compromised credentials and began investigating potential impact to customers and internal systems. None of the affected repositories contained customer data.”

The company added that there is no risk to GitHub.com services due to this security breach and that no unauthorized changes were made to the affected projects.

However, the compromised certificates will be revoked to invalidate the GitHub Desktop for Mac and Atom versions signed using them.

Kevin Bocek, VP Security Strategy and Threat Intelligence at Venafi explains the impact of this: 

GitHub is hugely valuable for developers: over 100 million developers use the platform, and the Fortune 500 and every major software developer from Microsoft to Google rely on it. It’s no surprise that it’s become a focus point for attackers too. Unknown threat actors have stolen code-signing machine identities after gaining access to some of its development and release planning repositories. This enables attackers to masquerade their software as coming from GitHub. 

In the wrong hands, these machine identities could be used to pose as trusted, enabling an attacker to sign and send malicious content that will be authenticated by other machines as coming from GitHub. This is a powerful weapon that can enable supply chain attacks on other software developers and unknown possible subsequent (or past) attacks.

This is one more example of how engineering teams moving fast can create new opportunity for attack. Machine identity management is no longer optional. Code signing machine identities can’t be left unguarded with constant observability and control. The ability to rapidly find and reissue machine identities is impossible to do manually. To protect against events such as these, which are becoming increasingly common, security engineering teams must deploy a control plane for automating machine identity management. By doing so they continuously protect machine identities from theft and avoid manual rotation, replacement, and revocation that slows down engineering teams and leads to shortcuts that create breaches.

GitHub has this advice for affected users:

“On January 4, 2023, we published a new version of the Desktop app. This version is signed with new certificates that were not exposed to the threat actor,” GitHub added.

“We highly recommend updating Desktop and/or downgrading Atom before February 2 to avoid disruptions in your workflows.”

I would be taking that advice and acting upon it as soon as possible.