May 10, 2018
As per this article (below) it is possible. But only when you visit Socially engineered site. So, isn’t it the time to start using ‘real-time’ protection systems like www.pivotsecurity.com?
A new exploit allows hackers to spoof two-factor authentication requests by sending a user to a fake login page and then stealing the username, password, and session cookie.
KnowBe4 Chief Hacking Officer Kevin Mitnick showed the hack in a public video. By convincing a victim to visit a typo-squatting domain liked “LunkedIn.com” and capturing the login, password, and authentication code, the hacker can pass the credentials to the actual site and capture the session cookie. Once this is done the hacker can login indefinitely. This essentially uses the one time 2FA code as a way to spoof a login and grab data.
“A white hat hacker friend of Kevin’s developed a tool to bypass two-factor authentication using social engineering tactics – and it can be weaponized for any site,” said Stu Sjouwerman, KnowBe4 CEO. “Two-factor authentication is intended to be an extra layer of security, but in this instance, we clearly see that you can’t rely on it alone to protect your organization.”
Sjouwerman notes that anti-phishing education is deeply important and that a hack like this is impossible to complete if the victim is savvy about security and the dangers of clicking links that come into your email box. To demonstrate this, Sjouwerman sent me an email seemingly addressed to me from Matt Burns (email@example.com) talking about a typo in a post. When I clicked on it I was transferred to a SendGrid redirect site and dumped into TechCrunch – but the payload could have been more nefarious.
May 8, 2018
Welcome to 21st century, a playing field for any one with a computer and internet access.
Are you prepared for the new world? If not, this is a must read.
Recent high profile Ransomware attach on Atlanta, USA, highlighted the dangers of the cyber space, it would have been much harder without Social Engineering (an unacknowledged culprit).
What really happened in Atlanta? A ransomware attacked all government department systems and locked them out, then showed a message to pay in bitcoins to an account which was closed shortly afterwords. It indicates it might have been a state sponsored activity.
Someone figured out, Atlanta Government access providers are using outdated Java Server (The one’s who are responsible for the initial deployments are probably gone, the ones who are currently overseeing probably have no idea who they work), socially engineered emails/websites to target individuals who are more likely fall victim by downloading malicious software. Now the trap set, the culprits waited till the malware taken into action.
Real questions here,
1. Why are the Java servers not updated?
2. Who are responsible for social engineering? Why are the virus scanners and firewalls didn’t stop them?
We have seen many many weaknesses and organizations who think they “NOT GOING TO BE AFFECTED”. There was a old saying “No one is going to be fired for buying IBM”, in other words if the company is big enough, I am not going to be blamed for anything that goes wrong!
We have seen several fall victim to “Consultants” who are taking short-cuts but talk their way through. In one occasion, a big consulting company was working working with us in a big banking project, one of their consultant’s wanted to use ‘Rest-Get” methods for logins. We said NO, they made a big deal and we had to fight for it. Twitter had egg on their faces probably because they used these kinds of cow-boys. If Twitter used us, we would have AVOIDED.
Best Solutions are the one you never has to face problems because they worked.
February 7, 2018
I was interviewing a potential candidate to support our new product launch, he was interviewed and selected by our team and I was vetting to see if he can be a good fit for now and future (learned from a good old friend, who said to me a long time ago, always know the person you are bringing on-board as you can’t undo the damage).
After formalities, asked few questions, he is quite knowledgeable, then came the surprise, I casually asked practical question, only a person did it, know that it is not possible. i.e internet articles may say things that are now quite real-life problems but not practical in real-life.i.e Will not work in tandem with other things.
Suddenly all facade fell apart, Still, I wouldn’t like to loose a good guy simply didn’t know difference between practical and theoretical knowledge. So, I give some time to come-up with an answer and learn from mistakes. It is opportunity for both of us see how we each value other!
Anyway, the point is, In the modern connected world, you will get answers to what you are looking for, not necessarily right answers. I remember someone telling me about a prominent university research. They divided class into two groups and give each a task. First group was told, the beach is a sandy beach, they have to prove it beyond doubt. Second group was told, the same beach is a coral beach, they have to prove beyond doubt. Results were astonishing, each group proved what they believed is right. i.e first group proved the beach is a sandy-beach and second group proved it is a coral-beach.
I challenge you today, search for a topic, that you believe is right and you will only come across what you want to see, not the opposite or any indication that it might be fake or false!
In this modern era, you not only need to have knowledge but also need experienced professionals to tell you that is NOT possible
If you are struggling with old legacy systems and want to know why, I think you might have guessed it by now. That is the reason, we only depend on AI to give us ABSOLUTE truth about the system you have what ever you tech/support/it personal tell you about that system. Phoenix can give you full report on what is you old and aging system ACTUALLY does.
Come and join us in the workshop that would transform your knowledge and capabilities of AI
December 19, 2017
From airlines to high street banks, system crashes are becoming an almost weekly occurrence. Despite what their PR might say, I can assure you that their legacy systems are at the root cause.
December 19, 2017
There is a popular myth about Artificial Intelligence, It will take jobs away and create lot of unemployment. However the situation is quite opposite. It is creating jobs.
We have ear marked 5 positions for Q1 and Q2 2018, to work on our Artificial Intelligence offering under guidance of our AI head Mr. van de Belt. There 5 new jobs wouldn’t have been there if there is no AI.
Is it possible, the fear of job losses created by people who are doing little or nothing to add value to their current job? I believe the same rumors were quite normal in 1950’s and 1960’s about computers.
Granted AI needs careful guidance and creation. Every new invention to-date has been used for bad things first. Believe it or not, Internet was first popularized by the porn industry! So is internet payments.
But there is no reason to be afraid of job losses, unless one’s job is so outdated and not quite adding any value to one’s organization, with or without AI, the job loss is always there.
December 5, 2017
Digital Business Transformation is a hot topic globally not least for the obvious benefits, including cost reduction, becoming more agile in response to change demands, both customer and regulation driven e.g. GDPR. We all know it makes sense, but the proverbial elephant in the room is the 80% of businesses that have Legacy Systems (LS).
But what’s the problem I hear you cry? Lets put aside the cost and the time factors, even those businesses that can afford it don’t want to take the risk just yet, the general philosophy being “if it ain’t broken don’t fix it”. The reasoning for this being the fact that most LS have become an unknown entity due to too many undocumented augmentations, patches, work-arounds and staff attrition over the years. Basically many IT Departments don’t really know whats happening in the code but just try to get by as best they can and live with the nightmare of LS.
Fortunately due to AI innovation there is an easy and cost effective solution. https://pivotcloudsolutions.com/ai-sp-phoenix.html
Adopting a Micro-Services Architecture, moving to the Cloud, incorporating IoT, BigData etc becomes childs play and brings value to the whole company.
November 30, 2017
After weeks of unrelenting bad news about AI and its seemingly imminent takeover and destruction of civilisation as we know it, the latest McKinsey report stating ‘We estimate that between 400 million and 800 million individuals could be displaced by automation and need to find new jobs by 2030 around the world.’, perhaps its time to reflect and become cognisant of a a more nuanced perspective. While these figures may be somewhat alarming it is worthwhile remembering that similar fears were raised at the beginning of the Technology Revolution in the mid twentieth century. Yes many people lost their jobs over time but many more re-skilled for the new careers that opened up.
Perhaps we sense that something different is going on now. During the Industrial Revolution we replaced and or complimented our muscle power with machine power. In the Technology Revolution we replaced and/or complimented our intellectual power with machine power. Now with the advent of AI we see that our intellectual capability can and will be easily surpassed. It is already happening. A digital brain can now drive a car. Robots can perform certain precision operations. Ai can easily surpass pathologists in pattern matching of scans for the earlier detection of cancers.
If we identify solely with our intellectual capabilities as the source of our specialness as leading custodians of the planet, then perhaps we have a right to be concerned with these developments. However there are those of us who suspect otherwise. For one thing we have imagination and that is exactly what Business consultant group Cognizant have used to predict in its book “What to do when machines do everything” that although 12% of jobs in the U.S. will be replaced by automation over the next 10-15 years, 21 million new jobs will be created as a direct result of new technologies.
A brief sample of those jobs include Data Detective, (Those who will analyze data from IoT devices, mesh, neural capabilities etc., to provide business and organization with data-based insights), Augmented Reality Journey Builder, (those who “will create the next generation of entertainment experiences. This artisté will be responsible for writing, designing, and building in-the-moment augmented reality experiences for client’s “trips” into AR”. See report for more details. https://www.cognizant.com/whitepapers/21-jobs-of-the-future-a-guide-to-getting-and-staying-employed-over-the-next-10-years-codex3049.pdf
Perhaps it is time to embrace the benefits of AI that are manifesting around the world from translation and healthcare benefits to legacy system replacement. https://pivotcloudsolutions.com/ai-sp-phoenix.html .
Perhaps it is time to learn more about what AI can do to enhance our lives and our businesses today.
November 29, 2017
Do you know how vulnerable your business is to cyber attacks right now!
“Over 171,000 businesses in the State (Ireland) could be vulnerable to crippling ransomware attacks according to a nationwide cyber security awareness survey and 48% of all businesses have no cyber security policy in place” http://irishtechnews.ie/171000-irish-firms-could-be-vulnerable-to-cyber-attacks-survey/. Those that do are heavily reliant on their staffs awareness not to open the wrong link or e-mail, and how up-to-date their tech depts are re known malware.
And the future doesn’t look bright either. A report by the security firm McAfee said the ransomware outbreaks of 2017 could look like child’s play as hackers develop new strategies and ‘business models’. ‘The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,’ said Steve Grobman, McAfee’s chief technology officer.
Even Google wasn’t immune to being duped. A fake WhatsApp application that was downloaded one million times from the Google Play Store was observed advertising a malicious game app that infects users with secondary malware capable of click fraud, data extraction, and SMS surveillance.
With over 4000 new malware threats per day what can you do? Perhaps a new approach is required. You could use Pivot Cloud Solutions AI to protect you. https://pivotcloudsolutions.com/index.html
November 16, 2017
Talk of Artificial Intelligence (AI) over the last two years has grown exponentially such that it is hard to open a newspaper, or click on a newsfeed without witnessing yet another multimillion $$ takeover of a “deep-learning” startup by Google, Amazon or Microsoft to add to their growing databank of AI acquisitions. Yet with every small advance in terms of product availability there is still more dire warnings in terms of impending dire consequences for the human race. In August 2017 Elon Musk tweeted “If you’re not concerned about AI safety, you should be. Vastly more risk than North Korea.”
While he went on to concede that there wasn’t any imminent danger recent studies have indicated that potential job losses are a reality. A 2016 analysis from the World Bank estimated that roughly two-thirds of all jobs in developing nations around the globe are susceptible to replacement by automation. Yet our sense of alarm could be equated to bemoaning the advent of the tractor to replace the plough, or the arrival of the internet to transform global communications and a myriad other aspects of our lives. It is not the innovation per say which is the problem but rather how we implement it.
The aim of AI is to replicate the intellectual capability of human beings and to process information at vastly greater speeds. As we are more than just our intellects we have nothing to fear. In fact AI could be a blessing for humanity because the further we move away from the level of survival i.e. the search for food, shelter, work to live etc. the more time we will have to explore and realise our full potential.