New LinkedIn Data On the 20 Fastest-Growing Job Titles in Canada

Posted in Commentary with tags on January 18, 2023 by itnerd

Despite economic uncertainty and global hiring slowing down, a recent global survey from LinkedIn reveals that 60% of professionals are considering a new job this year – driven by the desire for bigger salaries as the cost of living increases. The survey found that 38% desire higher pay while also revealing that 30% are looking to pursue a better work-life balance.

To provide insight on these trends, LinkedIn’s 2023 Jobs on the Rise list shows the 20 fastest-growing jobs in Canada, offering insights into where job seekers can find opportunity and stability as they search for their next role. The report features links to open positions, average salaries, remote work availability, the top skills for each role along with free LinkedIn Learning courses.  

The top 5 roles in Canada include:  

  1. Growth Marketing Manager – including work in sales, marketing, and communications, and using data to develop and communicate strategies and processes to increase business revenue. 
  2. Product Operations Manager – usually has a cross-functional role, working with management and companies’ various teams to build and oversee the effectiveness of business processes, operations, products and/or services.
  3. Dispensary Technician – typically involves taking and filling out orders at cannabis dispensaries.
  4. Technical Program Manager – work involves developing and managing organizations’ various technical projects and programs. 
  5. Sustainability Manager – works to balance an organization’s needs with its capacity for sustained profitability, involving the monitoring and forecasting of its impact on the surrounding environment.

The full list, including industry, region, and salary insights for each role can be found here.

Methodology 

LinkedIn Economic Graph researchers examined millions of jobs started by LinkedIn members from January 1, 2018 to July 31, 2022 to calculate a growth rate for each job title. To be ranked, a job title needed to see consistent growth across our membership base, as well as have grown to a meaningful size by 2022. Identical job titles across different seniority levels were grouped and ranked together. Internships, volunteer positions, interim roles and student roles were excluded, and jobs where hiring was dominated by a small handful of companies in each country were also excluded. Additional data points for each of the job titles are based on LinkedIn profiles of members holding the title and/or open jobs for that title in the country. 

Microsoft Slashes 10,000 Jobs

Posted in Commentary with tags on January 18, 2023 by itnerd

News is filtering out that Microsoft is going to cut 10,000 jobs. Here’s the reason behind this according to a blog post from Microsoft:

We’re living through times of significant change, and as I meet with customers and partners, a few things are clear. First, as we saw customers accelerate their digital spend during the pandemic, we’re now seeing them optimize their digital spend to do more with less. We’re also seeing organizations in every industry and geography exercise caution as some parts of the world are in a recession and other parts are anticipating one. At the same time, the next major wave of computing is being born with advances in AI, as we’re turning the world’s most advanced models into a new computing platform.

As a result of this, this is where the job cuts come in:

First, we will align our cost structure with our revenue and where we see customer demand. Today, we are making changes that will result in the reduction of our overall workforce by 10,000 jobs through the end of FY23 Q3. This represents less than 5 percent of our total employee base, with some notifications happening today. It’s important to note that while we are eliminating roles in some areas, we will continue to hire in key strategic areas. We know this is a challenging time for each person impacted. The senior leadership team and I are committed that as we go through this process, we will do so in the most thoughtful and transparent way possible.

Not all the news is bad though:

Second, we will continue to invest in strategic areas for our future, meaning we are allocating both our capital and talent to areas of secular growth and long-term competitiveness for the company, while divesting in other areas. These are the kinds of hard choices we have made throughout our 47-year history to remain a consequential company in this industry that is unforgiving to anyone who doesn’t adapt to platform shifts. As such, we are taking a $1.2 billion charge in Q2 related to severance costs, changes to our hardware portfolio, and the cost of lease consolidation as we create higher density across our workspaces.

And I suspect this is an attempt by Microsoft to not be seen as acting like Elon Musk:

And third, we will treat our people with dignity and respect, and act transparently. These decisions are difficult, but necessary. They are especially difficult because they impact people and people’s lives – our colleagues and friends. We are committed to ensuring all those whose roles are eliminated have our full support during these transitions. U.S.-benefit-eligible employees will receive a variety of benefits, including above-market severance pay, continuing healthcare coverage for six months, continued vesting of stock awards for six months, career transition services, and 60 days’ notice prior to termination, regardless of whether such notice is legally required. Benefits for employees outside the U.S. will align with the employment laws in each country.

I fully expect this to be the first of many announcements of this sort that we will hear in the coming days and weeks. As they say on Game Of Thrones, brace yourself.

Apple’s Trade In Values Fall Through The Floor After Yesterday’s Announcement Of New Macs

Posted in Commentary with tags on January 18, 2023 by itnerd

The trade in values of Apple products have absolutely taken a nosedive after the announcement of new Macs yesterday. Take for example my 16″ MacBook Pro. This is what I paid just over a year ago for the version that I have:

Now take a look at the trade in value as of today:

While I get that it’s in Apple’s interest to spend the least that it possibly can on trade ins, Apple trying to argue that a nearly $4000 computer has dropped in value by something like 75% in about a year is insane.

And I am not the only one who thinks that. YouTuber MKBHD had this to say:

Now to be fair, the value of Intel Macs since Apple Silicon has come out has plummeted massively. But it is still a bitter pill to swallow.

Back to people with Apple Silicon machines. I’m not the only one who noticed this:

Again, I get nothing holds its value forever. But Apple has clearly missed the mark here. Or have they? The cynic in me says that this is a deliberate attempt by Apple to stop people who have Apple Silicon from trading in their computers to get the new hotness. I say that because if you look at the video that Apple posted on YouTube announcing these new computers, the marketing seems to be aimed at those who still have Intel Macs.

So if you want the new hotness, my advice would be to sell your current Mac on Craigslist or eBay. You’ll get more money for it, and that’s always been the case even before this situation popped up. Meanwhile, I have to wonder if Apple is even going to try and quietly walk this back, or just say “too bad, so sad”, or more likely say nothing as Apple typically doesn’t admit mistakes. I am keeping my eye on this for sure as it is going to be interesting to watch.

New 2H 2022 OT/IoT Security Report Deep Dives Into ICS Finding Wiper Malware, IoT Botnet, Russia/Ukraine War Dominated Threat Landscape

Posted in Commentary with tags on January 18, 2023 by itnerd

Nozomi Networks has released the 2nd Half Review in its “OT/IoT Security Report: A Deep Look Into the ICS Threat Landscape” finding wiper malware, IoT botnet activity, and the Russia/Ukraine war significantly influenced the threat landscape as disruptive attacks on critical infrastructure continued into the second half of last year targeting rail, hospitals, manufacturing and energy. 

Malicious IoT botnet activity remained high and continued to rise in the second half of 2022. Nozomi Networks Labs uncovered growing security concerns for both hard-coded passwords and internet interfaces for end-user credentials. On the vulnerability front, manufacturing and energy remained the most vulnerable industries followed by water/wastewater, healthcare and transportation systems. In the last six months of 2022.

You can read the full report here.

Twitter Sued Over Data Breach

Posted in Commentary with tags on January 17, 2023 by itnerd

From the “It sucks to be Elon right now” department comes news that a lawsuit has been filed over the Twitter data breach that has recently come to light:

New York state resident Stephen Gerber claims his personal information was among the cache of data obtained by hackers between 2021 and 2022. He sued Friday in San Francisco federal court seeking class-action status for all those whose information was leaked.

Gerber blames a defect in Twitter’s application programming interface (API) that allowed cybercriminals to obtain usernames, emails and phone numbers of users of the social media website.

In January, an anonymous user on the hacker site BreachForums published a database that they claimed to contain basic information on hundreds of millions of Twitter users. Twitter said in a blog post that there was “no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems.”

“The data is likely a collection of data already publicly available online through different sources,” the company said.

Gerber claims in the complaint that Twitter “seemingly buried its head in the sand” and says the company may have tried to hide the magnitude of the leak.

Twitter “to this day, has inexplicably failed to notify or contact the victims of this particular API exploitation,” Gerber said.

Gerber is seeking unspecified monetary damages, likely to exceed $5 million, and court orders requiring Twitter to hire third-party security auditors to test and audit its systems as well as to implement and maintain a security program designed to protect the confidentiality of the users.

Forget about the what-ifs in regards to if this guy wins. The fact is that this will spawn other lawsuits that Elon and Twitter will have to defend against. And the fact is that Elon and Twitter are both incredibly unfocused at the moment. Which means that their ability to give each lawsuit the time and attention it needs is going to be way less than it should be. That in turn means that the odds that Twitter will have to pay up big time increase.

Take it from me, Elon’s going to wish that he never bought this company.

CircleCI Pwned With Potentially Huge Negative Downstream Effects

Posted in Commentary with tags on January 17, 2023 by itnerd

CircleCI, a company that develops testing and deployment tools for software engineers, has shared details about how hackers broke into its systems last month and compromised customer data. CircleCI chief technology officer Rob Zuber said hackers gained access to its networks after infecting an employee’s laptop with malware. And here’s what happened next:

On December 29, 2022, we were alerted to suspicious GitHub OAuth activity by one of our customers. This notification kicked off a deeper review by CircleCI’s security team with GitHub.

On December 30, 2022, we learned that this customer’s GitHub OAuth token had been compromised by an unauthorized third party. Although that customer was able to quickly resolve the issue, out of an abundance of caution, on December 31, 2022, we proactively initiated the process of rotating all GitHub OAuth tokens on behalf of our customers. Despite working with GitHub to increase API rate limits, the rotation process took time. While it was not clear at this point whether other customers were impacted, we continued to expand the scope of our analysis.

By January 4, 2023, our internal investigation had determined the scope of the intrusion by the unauthorized third party and the entry path of the attack. To date, we have learned that an unauthorized third party leveraged malware deployed to a CircleCI engineer’s laptop in order to steal a valid, 2FA-backed SSO session. This machine was compromised on December 16, 2022. The malware was not detected by our antivirus software. Our investigation indicates that the malware was able to execute session cookie theft, enabling them to impersonate the targeted employee in a remote location and then escalate access to a subset of our production systems.

Because the targeted employee had privileges to generate production access tokens as part of the employee’s regular duties, the unauthorized third party was able to access and exfiltrate data from a subset of databases and stores, including customer environment variables, tokens, and keys. We have reason to believe that the unauthorized third party engaged in reconnaissance activity on December 19, 2022. On December 22, 2022, exfiltration occurred, and that is our last record of unauthorized activity in our production systems. Though all the data exfiltrated was encrypted at rest, the third party extracted encryption keys from a running process, enabling them to potentially access the encrypted data.

Clearly the threat actors knew who to target to get what they wanted. That’s scary. The company has put out a security alert that has been consistently updated since this incident happened. I’d spend some time reading this if you are using CircleCI products. An example of this is that Datadog’s RPM GPG signing keys and its passphrases were exposed during this breach. Anyone who uses their products, and any vendor who uses those products, are potentially at risk.

Kevin Bocek, VP of Security Strategy and Threat Intelligence at Venafi had this to say: 

“Another day, another software supply chain attack. It’s clear that this type of threat isn’t going away. Targeting a developer tool and delivery platform, like CircleCI, was clearly intended to fly under the radar and slip into other development environments. In this case, they were able to gain access to Datadog’s environment meaning that its RPM GPG signing machine identities were exposed. Fortunately, Datadog has responded quickly to rotate the impacted identities and it doesn’t appear that they’ve been abused. But if an attacker had seized this opportunity, then it would have given them a very powerful weapon – potentially allowing them to spread across Datadog’s customer networks by enabling them to sign and send malware while appearing completely trusted. This could have had serious repercussions.

“This incident demonstrates the growing risk of attacks targeted at developers, machine identities and modern development pipelines. When combined with the speed of modern development, widespread use of automation and use of the cloud, an attacker with access to powerful machine identities can create ripples fast which are extremely hard to protect against or remediate. In a machine-driven world, having a control plane to manage the lifecycle of your machine identities is essential. As this incident shows, you can be doing all the right things and still find yourself exposed. All businesses – whether they be a software publisher, or a consumer of software – need to be able to automate controls that say who and what can and can’t be trusted, and to have the agility to respond to change.”

This isn’t a trivial hack and should not be treated as such. If you’re reliant on CircleCI products, you should be ensuring that you are not exposed. And you should double check with your vendors that they have done their due diligence as well.

Should You Buy The New Mac mini or MacBook Pro Models?

Posted in Commentary with tags on January 17, 2023 by itnerd

Today, Apple released the new 14″ and 16″ MacBook Pros along with the new Mac mini, and all of them have been upgraded to M2 class processors. The question is, should you upgrade to them if you own another Apple Mac? The answer is “it depends.” First, let me cover the improvements:

  • The M2 Max processor that is used in the MacBook Pros now scales to 96GB of RAM. 98% of you reading this have no practical need to have this much RAM in a MacBook Pro.
  • All the new hardware comes with Bluetooth 5.3 and WiFi 6E
  • In the M2 Pro and M2 Max MacBook Pros along with the M2 Pro Mac mini, you now get HDMI 2.1 which gives you an 8K display at 60Hz or a 4K resolution at 240Hz.
  • The MacBook Pros get one extra hour of battery life under Apple’s rather interesting testing protocol.
  • You get 20% more performance according to Apple. But I would wait for third party benchmarks to confirm or deny that.

Now with that out of the way, here’s my advice:

  • In terms of the Mac mini, completely ignore the M2 Pro model. Once you spec it up to 512GB and 32GB RAM, you’re at the same price as the Mac Studio. Yes, the Mac Studio is slightly slower in theory, but it’s a better buy at the present time.
  • If you have an Intel Mac mini, upgrade immediately to the M2 version. Also I should note that in terms of the M2 model of the Mac mini, with the price cut that Apple did on this model, it’s a compelling buy. If you have an M1 version of the Mac mini, I wouldn’t upgrade as you likely won’t see the performance gains in real world use.
  • If you own an M1 Pro or M1 Max MacBook Pro, there’s zero reason to upgrade. This is a minor spec bump. You’re not going to see any significant performance upgrades by going out and buying one of these new M2 Pro or M2 Max MacBooks. But if you have an Intel MacBook Pro, you should upgrade immediately to the M2 Pro or the M2 Max versions.

Did I miss out on anything here when it comes to these new Macs? I’d be interested in hearing about what I did miss and what other thoughts that you have. Please leave a comment below and let me know your thoughts.

You’ve Got Mail: New Phishing Attack Impersonates DHL for User Credentials

Posted in Commentary with tags on January 17, 2023 by itnerd

Armorblox has released its latest research that dives into the details of a credential phishing attack that spoofed the international shipping, courier services and transportation company, DHL. 

These emails, targeting more than 10,000 mailboxes of a private institution within the education industry, bypassed both native Microsoft Office 365 Email security and Exchange Online Protection (EOP) email security layers.

How it works: In this attack, end users were presented with an email that resembled a notification from DHL, notifying recipients about a parcel sent by a customer that needed to be rerouted to the correct delivery address. Users were encouraged to view the attached document and confirm the destination address of the parcel shipment by providing Microsoft login credentials. Unknowingly, the provided sensitive information entered on the fake login page was sent straight to the attackers. 

You can read the research here.

Canadian Centre for Agricultural Wellbeing welcomes TELUS Health as exclusive provider for mental health services

Posted in Commentary with tags on January 16, 2023 by itnerd

The Canadian Centre for Agricultural Wellbeing (CCAW), a new not-for-profit organization launched on November 17, 2022, is on a mission to support farmers and their families with a research-to-action approach to mental health. With TELUS Health’s expertise and proven ability to deliver, the CCAW has welcomed them as the exclusive clinical and technology provider for Canadian farmers who are facing catastrophic events, as well as for farmers who don’t have access to provincial and federal programming.

From floods, to pandemics and supply chain disruptions, farmers face many uncontrollable and unforeseen events that can impact their mental health. These types of events often result in higher than average rates of stress, anxiety, depression and other mental health issues among farmers. According to the 2019 Report of the Standing Committee on Agriculture and Agri-Food, 45% of farmers reported high stress levels, and 45% indicated they would not reach out for help if they were in need, due to the stigma around mental health.

The Canadian Centre for Agricultural Wellbeing is a research-to-action organization supporting farm mental health across Canada. For more information visit www.ccaw.ca.

Review: Ugreen Nexode 100W USB C Wall Charger 

Posted in Commentary with tags on January 16, 2023 by itnerd

I am currently in the midst of setting up a sling bag with a bunch of tech related items in it that I can grab at a moment’s notice and head out the door should I need to see a client. I’ll be detailing the items and the logic behind what’s in the bag in a coming post, but for now, I want to focus on one item that will be in that bag. Which is the Ugreen Nexode 100W USB C Wall Charger:

So what we have here is a USB-C charger that puts out 100W of power. That’s enough to charge a 2021 16″ MacBook Pro. And clearly anything else from phones to tablets.

There are two USB-C ports and the charger will decide how to split the power between both ports. That way you can charge an iPhone and a MacBook Pro at the same time for example.

You get foldable prongs to keep things compact. If I could make a suggestion, the next version of this needs to be able to be used internationally as this would be a great travel item if you go overseas. Here’s why:

On the left is the adapter that came with my MacBook Pro which is a 140W adapter. On the right is the Ugreen adapter. Both use GaN technology to deliver power more efficiently, while generating less waste of energy and heat. But clearly Ugreen tried a lot harder to shrink the size of the adapter. Though I will admit that they both weigh about the same.

I tested this by running down my MacBook Pro to almost empty and then charging it up. I was able to get to just under 50% in 30 minutes which more or less matches the power adapter that came with the MacBook Pro. So in short, I have the ability to keep my MacBook charged using a power adapter that takes up less real estate. Plus it will charge anything else that I need to charge. This is a total win and it has earned a place in the sling bag that I am building.

I got my Ugreen Nexode 100W USB C Wall Charger on Amazon for $79 CAD minus $10 CAD off as there was a coupon that was on the product listing. Given Apple’s 140W charger is $120 CAD, and is physically bigger, the Ugreen charger is the clear choice for people on the go who need to ensure that their gear is fully charged at all times.