Tech & Marketing News

Top 10 Website Design Companies in Toronto

When it comes to finding the right web design company for your business, it can be overwhelming to sift through the countless options available in Toronto. To help make the process a little easier, we’ve put together a guide on how to choose a web design company and a list of 10 top web design companies in Toronto, along with their pros and cons.

When looking for a web design company, it’s important to consider factors such as their portfolio, experience, and services offered. A company’s portfolio will give you a good idea of their design style and the types of projects they’ve worked on in the past. Experience is also important, as a company with more experience will likely have a better understanding of industry trends and best practices. Lastly, make sure the company offers the services that you need, whether it be website design, e-commerce solutions, or digital marketing.

  1. Ruckus Digital: Ruckus Digital is a digital agency based in Toronto that specializes in web design and development, e-commerce solutions, and digital marketing. Pros: Experienced team, diverse portfolio, and a full range of services offered. Cons: Not much information available on pricing.
  2. Edkent Media: Edkent Media is a web design and development company that offers services such as website design, mobile app development, and digital marketing. Pros: Experienced team, diverse portfolio, and a full range of services offered. Cons: No information about pricing available.
  3. Web3: Web3 is a full-service digital agency that specializes in website design and development, e-commerce solutions, and digital marketing. Pros: Experienced team, diverse portfolio, and a full range of services offered. Cons: No information about pricing available.
  4. Design Lab: Design Lab is a web design and development company that provides services such as website design, e-commerce solutions, and digital marketing. Pros: Strong portfolio and experienced team. Cons: Limited information available on pricing.
  5. Pixelcarve: Pixelcarve is a full-service digital agency that specializes in website design and development, e-commerce solutions, and digital marketing. Pros: Strong portfolio, experienced team, and a full range of services offered. Cons: No information about pricing available.
  6. BAMF Media: BAMF Media is a web design and development company that offers services such as website design, mobile app development, and digital marketing. Pros: Strong portfolio and experienced team. Cons: Limited information available on pricing.
  7. The Grid: The Grid is a full-service digital agency that specializes in website design and development, e-commerce solutions, and digital marketing. Pros: Strong portfolio, experienced team, and a full range of services offered. Cons: No information about pricing available.
  8. Caveni Digital: Caveni Digital is a web design and development company that provides services such as website design, e-commerce solutions, and digital marketing. Pros: Experienced team, diverse portfolio, and a full range of services offered. Cons: No information about pricing available.
  9. Global Graphics: Global Graphics is a full-service digital agency that specializes in website design and development, e-commerce solutions, and digital marketing. Pros: Experienced team, diverse portfolio, and a full range of services offered. Cons: No information about pricing available.
  10. Digital Shift: Digital Shift is a web design and development company that offers services such as website design, mobile app development, and digital marketing. Pros: Experienced team, diverse portfolio, and a full range of services offered. Cons: No information about pricing available.

In conclusion, choosing the right web design company for your business can be a daunting task, but by considering factors such as their portfolio, experience, and services offered, you can narrow down your options and find the company that best suits your needs. Additionally, it’s important to research and compare pricing, as well as to have a clear understanding of your own budget and goals for the project.

It’s also worth noting that the above list is not exhaustive and there are many other great web design companies in Toronto. We recommend taking the time to research and explore different companies to find the one that best fits your needs and budget. With the right web design company by your side, you can create a website that effectively showcases your business and drives results.

Top 10 SEO Companies in Toronto: A Comprehensive List to Choosing One Agency

When it comes to promoting your business online, search engine optimization (SEO) is an essential strategy. SEO is the process of optimizing your website to rank higher in search engine results pages (SERPs) for relevant keywords. This can help increase visibility, traffic, and ultimately, conversions. However, with so many SEO companies out there, it can be difficult to know where to start. In this blog post, we’ll take a look at 10 of the best SEO design companies in Toronto and what makes them stand out.

  1. Edkent Media: Edkent Media is a full-service digital agency that specializes in SEO. They offer a wide range of services, including keyword research, on-page optimization, content creation, and link building. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  2. Wisdek: Wisdek is a digital marketing agency that offers a range of services, including SEO. They have a team of experts who can help with everything from keyword research to technical optimization. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  3. Digital Shift: Digital Shift is a full-service digital agency that specializes in SEO. They offer a wide range of services, including keyword research, on-page optimization, content creation, and link building. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  4. Mouth Media: Ignite Digital is a digital marketing agency that offers a range of services, including SEO. They have a team of experts who can help with everything from keyword research to technical optimization. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  5. Digital Ducats: Digital Shift is a full-service digital agency that specializes in SEO. They offer a wide range of services, including keyword research, on-page optimization, content creation, and link building. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  6. Eccentric CBI: Ignite Digital is a digital marketing agency that offers a range of services, including SEO. They have a team of experts who can help with everything from keyword research to technical optimization. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  7. The Best Media: Digital Shift is a full-service digital agency that specializes in SEO. They offer a wide range of services, including keyword research, on-page optimization, content creation, and link building. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  8. Digital Chaabi: Ignite Digital is a digital marketing agency that offers a range of services, including SEO. They have a team of experts who can help with everything from keyword research to technical optimization. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  9. You Rank Well: Digital Shift is a full-service digital agency that specializes in SEO. They offer a wide range of services, including keyword research, on-page optimization, content creation, and link building. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.
  10. Wise Vu: Wise Vu is a digital marketing agency that offers a range of services, including SEO. They have a team of experts who can help with everything from keyword research to technical optimization. They also have a strong track record of delivering results for their clients. Cons: They are not a budget-friendly agency.

Conclusion: When it comes to choosing an SEO design company in Toronto, it’s important to consider a variety of factors, including the services they offer, their track record of delivering results, and their pricing. The companies listed above are all highly reputable and have a proven track record of success in the industry. However, it’s important to remember that the right company for you will depend on your specific needs and budget. We recommend reaching out to a few different companies and having a consultation with each one to determine which one is the best fit for your business. It’s also important to mention that the companies listed above are just examples, and you should do your own research and due diligence when selecting the right company for your business.

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, April 19th, 2024. I’m Howard Solomon.

In a few minutes Jen Ellis, a member of the Ransomware Task Force will be here to talk about the group’s recent report on what governments need to do before banning ransom payments. But first a look at some of the headlines from the past seven days:

Sophisticated cyber attacks aren’t new. But old-fashioned brute force credential attacks are still being used by threat actors. Researchers at Cisco Systems’ Talos threat intelligence service say brute force attacks have increased since March. The targets are wide and include virtual private network services, web application authentication interfaces and SSH services. IT leaders should make sure this type of attack is made difficult by having all employees use multifactor authentication and other defensive tactics to block brute-force logins.

Russia’s Sandworm cyber group has been upgraded to an advanced persistent threat actor by researchers at Mandiant. An arm of the Russian military, Sandworm is linked to the NotPetya data wiper that was aimed at Ukraine but escaped around the world, as well as cyber attacks in 2015 and 2016 on Ukraine’s energy grid. But Mandiant also warns this group has tools for collecting intelligence, spreading disinformation and sabotaging IT networks in any country to support Russia’s political aims.

Separately, Microsoft warned in a report that Russia has increased its anti-Ukraine disinformation messages to Americans online in the run-up to this year’s U.S. elections. This includes video commentary spread by websites that are covertly managed by Russia. The report also says China is in the game, using artificial intelligence applications to create videos and manipulated images.

At the same time the U.S. Director of National Intelligence issued an eight-page report on the latest tactics by Russia, China and Iran to undermine confidence in the upcoming U.S. elections through fake online personas on social media.

Organizations using SAP’s business applications continue to be targeted by threat actors. That’s according to researchers at Onapsis and Flashpoint. No doubt it’s because some of the biggest companies in the world use SAP software. How valuable is it to an attacker? The prices hackers are paying to buy a remote exploit for SAP applications increased 400 per cent in the past four years. What’s of concern is that many victims have SAP installations without the latest patches. IT staff in charge of patch management have been warned.

UnitedHealth, the American parent company of Change Healthcare, said in a regulatory filing that the first quarter cost of handling February’s ransomware attack came to US$872 million. The news service The Register notes that’s on top of perhaps as much as US$6 billion in advanced funding and interest-free loans UnitedHealth had to give to support the many care providers using its services.

An arm of the United Nations has admitted being hit recently by ransomware. The UN Development Programme told the cybersecurity news service The Record that data on current and past employees was stolen from a server. The 8Base ransomware gang has taken credit for the attack. The same gang is taking credit for a ransomware attack on the Atlantic States Marine Fisheries Commission.

A cyber attack on New York state has disrupted work printing legislation and the upcoming budget.

A Michigan health care provider is notifying over 184,000 people their data was stolen last December. Cherry Street Services, which provides primary, dental, vision and other services, says data stolen included names, dates of birth, Social Security numbers, diagnosis and treatment information, health insurance information and more.

And the Roman Catholic Diocese of Phoenix, Arizona is notifying over 23,000 people, including those in the diocese’s employee benefits plan, that their data was stolen. In the incident discovered in January, people’s names, addresses, dates of birth and Social Security numbers were copied.

(This transcript is an edited version of the conversation. To hear the full discussion play the podcast)

Howard: Joining me now from Cambridge, England to talk about fighting ransomware is Jen Ellis, a co-chair of the Ransomware Task Force and host of the Distilling Cyber Policy podcast.

I’ve asked you to be on the show because last week the Task Force, which is an international group of experts, issued its third report since 2021. That report, A Roadmap to the Potential Prohibition of Ransomware Payments, outlines a roughly two-year plan for what ought to be done if governments want to institute a ban on ransomware payments. We’ll talk about that report in a minute. First tell us about yourself.

Jen Ellis: As you can probably tell [from my accent] I’m British, but I started doing policy engagement when I lived in the U.S., which I did for many years. I worked very, very closely with security researchers for a long time and started to understand that the legal environment in the U.S. was chilling research and hurting both the security industry, but also much more importantly, society as a whole by holding back security information from society. So I started to get involved in policy. It expanded really quickly from there into looking at all sorts of different areas around policy connected to cybersecurity, and also looking at how we could bridge the gap between the policy community and the technical community so that as the policy community is looking at policy around technical topics, we’re plugging in people who are actually working on the front lines who have the real technical knowledge and they understand what’s coming.

I think that bridge is super important. So fast forward to 2020 when we started looking at this ransomware issue in the RTF [Ransomware Task Force] and pulled that together. These days I work with non-profits and with governments to, one, bridge that gap and to help assist with developing policy positions around cyber.

Howard: It seems that because the number of reported successful ransomware attacks continues to increase that little progress is being made. The Task Force’s recent report says “the majority of organizations globally are still under-prepared to defend against or recover from a ransomware attack.” Why?

Jen: I wish there was a really simple answer. If I wanted to be flippant, the simple answer is life: Because there are so many layers of complexity around competing demands on resources, on time and on attention, and a lack of true understanding about what’s going on, there’s an inability for organizations to respond appropriately.

There’s so much noise out there, and so little of it helps organizations really understand what to do. Incentives work in the wrong direction, in many cases — for example, the incentives around companies that make technology to constantly be building really quickly and moving on to the next thing. It’s not taking your time doing it right, making sure you’ve tested for everything, going back and acknowledging vulnerabilities in your technology. All of the incentives work in the wrong direction for security to work. And so we have an ecosystem where the vast majority of companies can’t afford, haven’t invested, don’t have the capacity to have good preparedness or resilience. We have opportunities for attackers abounding both in terms of opportunities in the technology itself — vulnerabilities — or just the fact that it’s really easy for them to manipulate human behaviour. So there’s a lot of different factors at play.

That means it [cybersecurity] is really hard, which is why when the [first] report came out it had 48 recommendations. We would have loved to come up with one, if we could have all agreed that this one thing would do it.

But the problem is, as we always say in security, there are no silver bullets. What we were looking at are incremental things you can do, and if you do them all together will hopefully create an impact. And while there has been progress on a number of those things, often it isn’t just about pulling the lever. It’s about maintaining focus and maintaining investment and commitment over time, which actually often is much harder than taking that first step. So we haven’t had long enough yet to see this stuff come to fruition.

I don’t know what the percentage is in the U.S., but in the U.K. our economy is 98 per cent small to medium businesses. Most of them are well below the cybersecurity poverty line. They have not invested to the degree that they need to. Meanwhile, the attackers are making big money. They’re able to invest every day if they want to. So those are some of the challenges at play.

Howard: If you’re an IT leader in a company, or in a county or municipality, are there three, five things that you really should do that will make a real impact?

Jen: There are plenty of documents out there that will provide guidance. The RTF created one in partnership with CIS [the Center for Internet Security] aimed specifically at small to medium businesses called the Blueprint for Ransomware Defence which tries to make it more bite-sized for small to medium businesses.

I’m going to tell you five things. When we rattle them off as a list of five things it sounds really straightforward. But the reality is each one of them is a really time-consuming major thing. And it’s not like one and done. You don’t do it and then you’re done. It’s an ongoing commitment, so it’s not like you get up and say, “On Monday I’m going to institute patching, and on Tuesday I’m going to institute identity and access management, and on Wednesday I’m going to make sure that I’ve got offline backups, and I’m going to check that they’ve not been poisoned in some way.” It’s more like, “My major goal for this year is going to be to get a proper, functioning vulnerability management program off its feet. That’s going to be a big investment of time and effort and understanding and configuration and buy-in across my organization and talking to the IT team.”

So it is really important to understand when we go through what the things are [to be done] that they’re not simple easy lifts. But I’ll give you three:

— patching. You need to have a vulnerability management program. If you’re listening to this and you’re wondering about how to get started, a really good resource for you is CISA’s Known Exploited Vulnerabilities Catalogue, which specifically highlights the vulnerabilities that they know are being exploited in the wild;

— an identity and access management program. You want to make sure that people [employees] only have the ability to access things that they need to access. The program also has to have a secondary factor of [login] authentication, so that if somebody gets tricked into giving away credentials, it’s not easy for the attackers to use those credentials;

— resilience. Having backups of all of the stuff that you care about the most, not just your data but your systems as well. Your backups have to be offline so they’re not easy to access [by a hacker]. You also need to check backed-up data regularly to make sure that there’s no sign of any dodgy behaviour …

Howard: What are the biggest roadblocks you hear from business and IT leaders about not being able to implement Task Force recommendations for fighting ransomware in their firms?

Jen: You could put it very simply and say it’s about capacity or capability. What that boils down to is a lack of understanding or a lack of resources. Either the organization doesn’t really understand the threat, doesn’t really understand its relevance to that organization, or it is unable to invest. Sometimes you have organizations where both are true, or one affects the other …

You [as management] can’t do everything you want to do, and you have a responsibility to your employees, your customers and your investors to not do everything that you want to do. So they have to make difficult decisions. They have to decide how to prioritize. And because they don’t understand the threats, they may choose other, more urgent, pressing priorities in other areas, they make choices away from spending on cybersecurity …

Howard: Why are some organizations still paying ransoms?

Jen: Because it’s so hard. Say you’re the CEO of a regional, smallish manufacturing company and you’re a third-generation owner, right? The company’s been in your business for three generations, and you have dedicated your entire life to this business. You employ a bunch of people in your region. You don’t have a lot of money to invest in cybersecurity. It’s probably not something you really think about a huge amount, and you’re super reliant on five major customers that you’ve got contracts with to create whatever widget for them. You get hit by a ransomware attack and it takes your business offline, and all of a sudden your business grinds to a halt. Your customers have deadlines and those deadlines can’t be shifted just because you can’t provide that service. So all of a sudden, the situation [attack] is existential for your business. If you cannot provide the service, you’re going to lose those contracts. Customers are going to go elsewhere. Your reputation is shot, you might get sued by them … People who are in a situation like that say, “How do I make this problem go away as quickly, as painlessly as possible?”

… Nobody says, “What I really want to do with my hard-earned money is give it to a criminal in a foreign state who doesn’t care about anything to do with me, and takes pictures of himself riding around in his Lamborghini …They’re doing it out of desperation.”

Howard: What are the pros and cons of a ransomware payment ban?

Jen: The first theory is that ransomware is a crime that exists in the interests of making money for criminals. If you take away the money, then you take away the impetus for doing it and it goes away. Number two is because giving money to these criminals is disgusting, unethical. And a lot of these organized criminal gangs are involved in other types of organized crime. Nobody wants to think that they’re funding the drug trade or the weapons trade or human trafficking.

The third reason that policymakers want a ban is because they have tried to push the needle on building [business] preparedness but it’s not going quickly … so they think, “We’ve tried the carrot and the carrot hasn’t got anywhere. Maybe now we try the stick in the form of saying to people, ‘You will not be able to pay a ransom.’ Therefore you [governments] have to get ahead of this. You have to have preparedness [for a payment ban] because there is no parachute …

I don’t think gangs will suddenly turn away from illegal activity. I think it’s far likelier that before they do that they will test the mettle of organizations. If I was a ransomware attacker what I would do is shift to focusing specifically on critical infrastructure and small businesses because I know that they’re the least likely to withstand my demands for ransom … So I think there has to be a plan for how to help them get themselves ready for a ban.

Howard: Which do you think of the recommendations [for preparing businesses for a payments ban] are the easiest and which are the hardest to implement?

Jen: The ones that are somewhat easier are the stuff that government does itself. For example, collaborate with other governments … The government can institute sanctions. They can clarify [incident] reporting [to regulators]. You can have law enforcement work with law enforcement around the world. The takedown of the LockBit gang was a collaboration of law enforcement around the world. What’s much, much, much harder is stuff that is outside of the government’s direct operational field. Things like reaching into millions of small to medium businesses and driving them to take action is really hard because you don’t want to make it a regulatory thing

… The other thing that’s really hard is that cyber criminal gangs have for a long time thrived in what we call safe havens or harbour nations — countries that protect them.

Howard: Among the recommendations is to create a ransomware response fund to help victim organizations recover. Another is to end the tax deductibility of ransomware payments. Doesn’t it seem a little bit nuts to you that you can give money to criminals and then you can take that as a tax writeoff?

Jen: I can’t think of another space where that would be the same thing, right? Like when I do my tax return, I’m like, “Here’s all the money I gave to charity this year.” And, “Here’s all the money that I gave to criminals this year. I would like a [tax] benefit for both, please.” That seems kind of crazy to me … If you had to pay tax on it [ransomware payment] maybe that money could be used to help with the fund [for victims].

Howard: Finally, I’m an IT or security leader. I don’t have enough money or people to fight cyberattacks, including ransomware. How do I persuade my boss to give me more?

Jen: There is a saying that we use in security, which is, never let a crisis go to waste.

You can do a lot by scouring the headlines and highlighting relevant [cybersecurity] stories [for management]. There has to be a little bit of education. But also, if you seem disconnected from the realities of the business, your business leaders will never take you seriously. So if you want to tell them all the things going on in security and you completely ignore the fact that the business is also worried about the economy or facilities or investors, employee well-being, changing laws then you’re going to have a conversation that is so far removed from what they actually focus on and think about that they’re not going to take you seriously. Education is a two-way street. You have to educate yourself on what the business cares about, get to know the business leaders in the organization and talk to people who are leaders of sub-areas in the business …

Maybe you could take lower-down department heads for lunch and learn what it is they focus on and what their priorities are. Then you’ll get a view of how the business goes together and what the competing priorities are. That gives you a much better position to have that conversation with your leadership, because you understand a lot more about what they’re weighing. This is also an opportunity to help them understand why you care about what you do and why they should care about it …

One of the things that can be helpful is to find stories [in the media or from cybersecurity research] about people. It helps to make it real to your leaders to say, “This is what a cyber crime gang looks like. Here’s this guy and he has been doing this for this long. These are the things that he’s accused of. Here he is driving around in his Lamborghini.”

The post Cyber Security Today, Week in Review for week ending Friday April 19, 2024 first appeared on IT World Canada.

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

Welcome to Cyber Security Today. It’s Friday, April 19th, 2024. I’m Howard Solomon.

Europol, the European police co-operative, says one of the largest phishing-as-a-service platforms has been severely disrupted. This week law enforcement agencies from 19 countries including the U.K., the United States and Canada shut down the IT infrastructure of LabHost. They also arrested 37 suspects. For a monthly subscription the site sold access to phishing kits, infrastructure for hosting phony web pages and more. An estimated 10,000 crooks around the world used its services. Singapore-based cybersecurity firm Group-IB says there was a Canadian angle to LabHost. The service was actively promoted in a Canadian channel on the Telegram messaging service by three users. One of those users owns the service LabHost Refunds, which only operates in Canada. This user also sold profiles of Canadians for creating credit cards or opening bank accounts. Europol said four of the 37 people arrested were in the U.K. and allegedly ran the site, including the alleged original developer.

A virus has been sitting undetected since 2015 on some Windows systems in Ukraine, say researchers at Cisco Systems. As part of regular threat hunting in open-source repositories for infected documents, Cisco found over 100 infected documents with potentially confidential information about government and police activities in Ukraine. The documents could only be spread by being shared through removable media like USB memory sticks. It isn’t known who created the virus.

So you’ve got cyber insurance. But do you have enough? Maybe not, says CYE, a company that measures cyber risk of organizations. Looking at a dataset of 101 data breaches, CYE says 80 per cent of those with insurance didn’t have sufficient coverage to pay for their full data breach costs. On average three-quarters of insurable costs weren’t covered.

Finally, a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international. That’s according to researchers at Kaspersky. It says organizations in the U.S., Canada, Japan, the Netherlands, Luxembourg and South Korea have submitted examples of the malware to a virus scanning service, suggesting IT people in those countries have come across it. Kaspersky calls this campaign DuneQuixote. The goal is to install a memory-only backdoor using either a regular dropper or tampered installer files for a legitimate tool called Total Commander. What’s unique is the use of snippets from Spanish poems in the code to help evade detection by anti-malware tools.

That’s it for now. But later today the Week in Review podcast will be available. My guest will be Jen Ellis, a member of the Ransomware Task Force, who will talk about its recent report on steps governments should take before passing laws forbidding organizations from paying ransoms.

Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more first appeared on IT World Canada.

Meta’s new release sparks debate about open versus closed source AI: Hashtag Trending for Friday, April 19, 2024

Just how real is quantum computing? We have an amazing guest on our Weekend Edition who will talk about how she is helping people prepare for IT careers using quantum computing.

Meta’s new AI release sparks a debate about open versus closed source AI, major legislation expanding US government surveillance capabilities goes largely unnoticed, big questions about how accurate these AI launch videos are, and before you book that next business trip, a former Boeing manager says he won’t fly on some Boeing planes.

All this and more on the “flying under the radar” edition of Hashtag Trending. I’m your host, Jim Love. Let’s get into it.

Meta has released a compact version of its latest open-source AI model called Llama 3, as well as an updated version of its AI assistant that can now answer questions using real-time web information.

These launches have reignited the debate around the future control and accessibility of powerful AI systems.

The company says the new Meta AI assistant, available across its apps like WhatsApp and Instagram as well as a website, is the “most intelligent” free AI aid of its kind. It includes new capabilities like generating custom images and animated GIFs based on text prompts.

But in a separate but related interview, Meta’s chief AI scientist Yann LeCun argued for these types of AI platforms and models to remain open-source and decentralized – warning of the dangers of having a small number of companies control everyone’s “digital diet.”

LeCun said “Eventually all our interactions with the digital world will be mediated by AI assistants…this means they will constitute a shared infrastructure like the internet. We cannot have a small number of AI assistants controlling what everybody sees – this will be extremely dangerous for diversity of thought, for democracy, for just about everything.”

LeCun advocated for a future with many different open AI models that can be customized for various cultures, languages and use cases – preventing what he called monopolistic “echo chambers” over AI-powered knowledge.

The push reflects a philosophical divide in the AI industry, with some firms like OpenAI keeping their models closed and proprietary, while others position themselves as open-source champions.

Meta stated goals include not just making their model open, but making its latest model more multilingual over time. LeCun also argued the importance of diverse AI assistants emerging to reflect society’s diversity.

As these systems become conduits for how people interact with digital information and services, the debate around centralized control versus democratized access of this transformational technology will certainly intensify.

Sources include: Axios and Analytics India

For anyone following U.S. political news, you may have missed this story in the light of the trials, impeachment inquiries and the crisis over Ukraine funding, but there is a major debate underway, and the U.S. Senate is set to vote on Thursday on renewing and potentially expanding controversial government surveillance powers.

Privacy advocates are sounding alarms over proposed changes that could compel a vast range of companies and individuals to hand over electronic communications to intelligence agencies.

At issue is the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act, or FISA. This provision currently allows U.S. spy agencies to conduct warrantless surveillance of communications involving foreigners outside America who may pose national security threats.

FISA has long been criticized for also sweeping up data on American citizens, which intelligence agencies can then search domestically without a warrant – a practice that civil liberties groups consider unconstitutional.

Last week, the House passed a bill reauthorizing Section 702 for 8 more years. But it contained an amendment drastically broadening who could be legally defined as an “electronic communications service provider” – a classification that can compel companies to share private user data.

Oregon Senator Ron Wyden warned this could conscript millions into becoming “agents for Big Brother” – from office cleaners to any business with computer servers or wifi routers on their premises.

Wyden noted “The legislation gives the government unchecked authority to order millions of Americans to spy on behalf of the government…anyone with access to a server, wire, cable box, router, phone or computer.”

Privacy advocates like the American Civil Liberties Union and tech industry groups are urging the Senate to reject this provision, citing risks to digital privacy and US competitiveness if user data is exposed by government demands.

The White House and others maintain that in a world full of terrorist threats and instability, FISA provides tools necessary to intercept threats and protect American citizens.

As the Senate deliberates the renewal, it will need to weigh enhanced national security powers against public unease over eroding civil liberties protections in the digital age.

Given the other hubbub and the speed at which this is moving, it’s unlikely that anyone will get a chance to hear a clear and reasoned debate of these exceptionally important issues.

Sources include: The Register

And for those whose job or even personal lives take them onto airplanes for travel, we’ve covered apps that tell you which type of plane you might be on.

For those who think that’s just alarmist, you might want to check out another U.S. Senate subcommittee where a former Boeing manager, Ed Pierson, has repeatedly talked about safety issues on the Boeing 737 Max jet like the one involved in the recent Alaska Airlines incident where a door blew off in midair. He said that, once, when he realized he had been booked on a 737 Max, he got off before the plane could take off.

When the 737 Max 9 lost its door in midair, leaving a gaping hole in the plane, the National Transportation Safety Board found that bolts designed to secure it were missing. The same report said that the door plug had been removed in a Boeing factory to fix some broken rivets, but Boeing told the board that it didn’t have documentation for this work.

Pierson testified that a whistle-blower at Boeing gave him documents that indicate a “criminal cover-up” related to the door incident. Boeing has reportedly claimed that there are no documents of work done on the door plug that came off the 737 Max jet.

Pierson said on Wednesday: “Records do in fact exist. I know this because I personally passed them to the FBI.”

Pierson was a senior manager at Boeing’s 737 factory and retired in 2018 before the first Boeing 737 Max 8 crash.

Pierson said, “I’m not gonna sugarcoat this, this is a criminal conspiracy.”

The FBI is looking into whether criminal charges should be brought in this case and passengers from the Alaska Airlines flight were reportedly sent letters from the FBI saying they might be victims of a crime.

For anyone who has ever sat beside an exit door, it adds a totally different meaning to that speech the flight crew makes when they ask if you are “prepared to act in the event of an emergency.”

Sources include: Business Insider

Major tech companies like Amazon are facing scrutiny over claims that some of their highly touted artificial intelligence systems are actually relying heavily on offshored human labor. Critics argue this amounts to traditional outsourcing being repackaged under the banner of AI. Meanwhile, the companies deny the allegations, saying their AI capabilities are indeed automated and that human reviewers play only a limited role.

Controversy erupted recently when reports emerged that Amazon’s “Just Walk Out” cashier-less checkout system utilizes human workers in India reviewing surveillance footage to verify purchases. This raised accusations that the tech giant had overstated the AI automation behind this system that was marketed as allowing customers to simply grab items and leave the store.

In a recent article, author Janet Vertesi argues that much of what is being branded as AI is really just old-fashioned labor outsourcing in a new guise.

Vertesi said, “AI is just today’s buzzword for outsourcing, and it comes with the same problems that have plagued outsourced companies for decades…behind the curtain is the familiar phenomenon of outsourcing – expensive skilled labor traded for cheap, unskilled labor abroad.”

However, Amazon has forcefully pushed back on this perception. The company’s VP overseeing Just Walk Out, Jon Jenkins, told Axios in a recent interview that human reviewers in India only analyze a “small percentage” of cases after the fact to improve the AI’s accuracy – not watch live shoppers.

Jenkins said, “This notion that there are human reviewers watching live shoppers – that is completely not true…way less than 1,000 people help make sure automatically generated receipts are accurate.”

Jenkins argues Just Walk Out utilizes advanced sensors, cameras and AI to enable the grab-and-go experience, while admitting there’s still work to do in scaling the technology efficiently across more locations.

The debate speaks to the broader challenge of separating AI hype from reality. A number of AI products, not just Amazon’s, have, let’s say, “enhanced the performance of their systems” by editing the video. Google got caught editing one of its AI launches to enhance the apparent performance. Yesterday, we covered scathing reviews of Humane’s AI pendant, where the actual performance of the device was nothing like what the video demo showed – and this infuriated reviewers. When you start digging, there are many examples to be found.

But the Amazon case also raised concerns around tech firms cutting costs by outsourcing labor overseas under the veneer of automation.

As AI enables even more sophisticated simulations, look for this problem to intensify. In answer to what Groucho Marx said, “are you going to believe me or your lying eyes?” Maybe there is another saying, “there ought to be a law…”

Sources include: Techpolicy.press and Axios

And that’s our show for today…

Hashtag trending goes to air five days a week with a weekend interview show. And we are also on YouTube.

Find us at our new home at technewsday.ca or .com – you pick. And you can reach me with comments, suggestions or even criticism at therealjimlove@gmail.com or at editorial@technewsday.ca

I’m your host Jim Love, have a Fabulous Friday.


The post Meta’s new release sparks debate about open versus closed source AI: Hashtag Trending for Friday, April 19, 2024 first appeared on IT World Canada.


More Windows PCs previously blocked are now able to upgrade to Windows 11. Apple has fallen to number two in terms of iPhone market share. Salesforce makes news with a possible acquisition of Informatica. And a new AI wearable device gets savage reviews.

All this and more on the “winners and losers” edition of Hashtag Trending. I’m your host, Jim Love. Let’s get into it.

Some Windows users who were previously blocked from upgrading to Windows 11 may finally be able to make the switch. Microsoft has lifted a compatibility hold that prevented certain PCs with 11th generation Intel processors from installing the latest version of its operating system.

The hold was put in place over two years ago due to an issue with Intel’s Smart Sound Technology drivers causing problems when running Windows 11 on those chips. But now, with updated drivers from Intel to resolve the bug, Microsoft says affected systems should be offered the option to upgrade in the next 48 hours.

However, this doesn’t represent a change to the strict minimum hardware requirements for Windows 11 that have left many older but still capable PCs unable to officially update. The move from Microsoft comes as it is beginning to phase out support for Windows 10, with commercial customers soon having to pay increasing fees for security patches after the October 2025 end-of-support date.

For users with computers stuck on the previous operating system version, upgrading hardware may be the only path to Windows 11, unless Microsoft expands the update eligibility in the future. But for that subset affected by this specific driver issue, the path to Microsoft’s latest OS is now clear after over two years of waiting.

Sources include: Windows Central

Apple is facing more troubling signs for its iPhone business. Global shipments of the company’s flagship smartphone dropped nearly 10% in the first quarter of 2024 compared to a year ago. It has once again lost the number one position to rival Samsung, but this time it faces a tougher struggle to regain leadership in terms of sales.

Market intelligence firm IDC reports that in Q1 global iPhone shipments fell to just over 50 million units. Apple’s share of the worldwide smartphone market also slipped from 20.7% down to 17.3%.

The declines come despite an overall recovery in the broader smartphone market. It represents an ongoing challenge for Apple in the face of rising competition from Chinese manufacturers like Xiaomi and Transsion. Xiaomi’s shipments surged nearly 34% in the quarter, while Transsion’s jumped 85%.

We often forget that China was and still remains a major market for iPhones, and with greater competition and tension with the U.S. at an all-time high, Apple continues to struggle in the critical Chinese market. iPhone revenues are expected to drop again in the current quarter as Beijing workers are increasingly pressured to avoid foreign-branded phones.

The iPhone maker is also contending with a series of other issues – from declining iPad and wearables sales to high-profile antitrust battles with regulators in the U.S. and Europe over its tight control of the App Store ecosystem.

Apple’s stock is down more than 8% so far in 2024 as investors grow concerned about the tech giant’s near-term outlook and challenges from rivals abroad.

Some potential relief could come later this year if Apple impresses with its expected unveiling of new AI capabilities at its developer conference in June. But for now, the latest shipment numbers underscore the mounting pressures facing Apple and the all-important iPhone business.

Sources include: Yahoo Finance

A potential major acquisition could change the landscape with regard to company data and artificial intelligence. Salesforce, the cloud computing giant known for its customer relationship management software, is reportedly in advanced talks to buy data integration firm Informatica for $11 billion.

If completed, the Informatica acquisition would be the latest in a string of major purchases by Salesforce aimed at expanding beyond its core CRM business into a comprehensive data management and AI platform.

Founded in 1993, Informatica specializes in integrating data across different sources like databases, applications and social media. Its software enables companies to combine this disparate information while ensuring accuracy and quality.

Salesforce has already rolled out its new generative AI product called Einstein Copilot to automate tasks using conversational prompts. But analysts say adding Informatica’s data integration capabilities could significantly elevate Salesforce’s AI innovations by improving the quality of data being fed into its models.

The acquisition would complement Salesforce’s previous billion-dollar deals for companies like Tableau for data visualization, MuleSoft for application integration, and most recently its purchase of Slack.

Tying it all together, Salesforce aims to create an end-to-end “data journey” platform that collects information, cleans and transforms it, then allows businesses to analyze it through products like Tableau while leveraging generative AI like Einstein.

In an AI-driven future, ensuring high quality and properly integrated data will be crucial to developing accurate predictive models and natural language processing tools. If the Informatica deal goes through, it could give Salesforce a powerful advantage over rivals like Oracle and SAP in the enterprise AI market.

Sources include: Analytics India

And there’s proof that just because it’s AI enabled, not every product is going to work.

A much-hyped new artificial intelligence wearable device from a startup founded by former Apple executives has been absolutely and even brutally panned by tech reviewers.

The AI Pin, a smart brooch that can answer questions, take photos and send messages through voice commands, is being criticized as an outright flop that fails to deliver on its promised reimagining of how we interact with technology.

The $700 device made by the company Humane has been scorched by prominent reviewers like Marques Brownlee, who said in a 25-minute video critique that the AI Pin is “bad at almost everything it does, basically all the time” – describing it as the worst product he’s ever reviewed.

Issues cited include poor battery life requiring constant recharges, visible heat buildup while wearing it, and a hand projection display that’s difficult to see, especially in bright light. While meant to operate independently of a smartphone, reviewers found the AI Pin lacking basic functions and integration.

Writing for The Verge, David Pierce bluntly stated “the one and only thing I can truly rely on the AI Pin to do is tell me the time.”

The startup raised nearly $250 million to develop the gadget, which was aimed at pioneering new AI-driven hardware experiences beyond the smartphone. But based on the scathing initial reviews, it appears to have missed the mark.

Humane’s founders have acknowledged the software needs significant updates, vowing not to be deterred by the negative coverage as they continue refining the AI Pin throughout the summer.

This should be a warning for every AI product developer out there. You can’t have automatic success just by saying you have AI in your product. People are looking for solutions to real problems and expecting a phenomenal user experience. Without that, there could be a backlash.

But even if this one device fails, the idea of a wearable device won’t go away: another AI firm called Limitless just announced a new wearable device at the amazing price of 99 dollars. We’ll cover that device and its different approach in the next few days.

And that’s our show for today…

Hashtag trending goes to air five days a week with a weekend interview show. And we are also on YouTube.

Find us at our new home at technewsday.ca or .com – you pick. And you can reach me with comments, suggestions or even criticism at therealjimlove@gmail.com or at editorial@technewsday.ca

I’m your host Jim Love, have a Thrilling Thursday.


Cyber Security Today, April 17, 2024 – More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more

More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more.

Welcome to Cyber Security Today. It’s Wednesday, April 17, 2024. I’m Howard Solomon.

The recent takeover of an encryption utility used by Linux may not be an isolated incident. The OpenJS Foundation, home to open JavaScript projects, says it recently detected an attempt by a threat actor or actors to have themselves designated as a new maintainer of a project in order to correct any vulnerabilities. After that, the OpenJS Foundation recognized two other JavaScript projects not hosted by the Foundation had similar takeover attempts. This follows the discovery by a Microsoft developer earlier this month of a three-year effort by a threat actor to persuade the maintainers of the XZ Utils compression tool to hand over that project. In that case some Linux distributors actually included a malicious version of that utility, containing a backdoor uploaded by the new overseer, in development versions of Linux. If a threat actor takes over a JavaScript project they, too, could use their access to upload malicious code that would end up in hundreds or thousands of IT systems. The OpenJS and Open Source Security Foundations are warning project maintainers to be wary of email requests from unknown members of the open source community to be elevated to maintainer status.

Another major company has been stung by a data breach at a partner. This time it’s Cisco Systems. According to Bleeping Computer, organizations using the Cisco Duo multifactor authentication platform for accessing corporate IT systems are being notified of an April 1st incident. A hacker compromised the system of a telecom provider Cisco uses to send MFA codes to individuals by SMS text or voice over IP calls. Cisco didn’t name the provider. Nor is it saying how many individuals were affected. How was the telecom provider hacked? An employee fell for a phishing email, allowing the attacker to get their login credentials. They then downloaded message logs. The logs don’t have personal information. But they include phone numbers of those who use Duo, including company employees. A hacker could use those numbers to call employees and trick them into giving out sensitive things like passwords.

Delinea has released security updates for its platform as well as for on-premise and cloud versions of its Secret Server access management suite. The updates plug a critical vulnerability in the SOAP messaging API that could allow an attacker to bypass access authentication to IT networks. This comes after a researcher published a report last week on discovering the flaw. He publicly released his findings because he’d been trying unsuccessfully since February to get Delinea’s attention. It wasn’t until last Friday the company acknowledged the finding. In a statement Delinea said patches for older versions of Secret Server are coming.

IT administrators whose firms use the open-source PuTTY utility for file transfer, or who use applications with the PuTTY client such as FileZilla, WinSCP and TortoiseGit, are urged to update the applications immediately. This comes after the discovery of a critical vulnerability that could allow a threat actor to recover a private key and then forge digital signatures allowing access to any server the key is used for. Administrators should revoke their existing keys and generate new keys to replace them.

Omni Hotels, with properties in the U.S., Canada and Mexico, says “limited information” of a subset of customers was involved in last month’s cyber attack. The data doesn’t involve personal payment details, financial information or Social Security numbers. But, the company says, it may include names, email and mailing addresses. According to Security Week, the Daixin Team ransomware gang has claimed responsibility.

Three Canadian school boards have signed up for Fortinet’s Security Awareness Curriculum. The free, bilingual program has modules for K-12 students covering how to be safe online and how to protect privacy. The three boards are in Ontario.

Threat actors use multiple tricks to get login credentials to organizations’ private Zoom video conferencing sessions. A report this week from Abnormal Security notes six tactics. These include creating fake login pages that look like the official Zoom website and then spreading links to them in phishing emails; tricking employees into downloading malware that steals Zoom credentials; and just plain credential stuffing with passwords bought on the dark web. The report could be used by IT departments in security training.

Automated bad bots are increasingly taking up internet traffic. That’s according to a new report from Imperva. Automated traffic is costing organizations billions of dollars through attacks on websites, APIs and applications. Bots do everything from web scraping and account takeovers to spreading spam and launching denial of service attacks. The report says IT leaders can blunt this threat by fortifying website defences; strengthening website employee and customer login processes; securing exposed APIs and mobile applications; and watching for suspicious traffic.

Finally, a North Korean spying group is ramping up its activity. That’s according to researchers at Proofpoint. They issued a report this week on a group security experts call by a number of names including TA427, Emerald Sleet, APT43, Thallium or Kimsuky (pronounced KIM-SUCK-IE). Usually the group targets experts on American and South Korean foreign policy by impersonating a member of a think tank, a reporter or an academic. Targets are sent emails with the hope of starting an online conversation. One tactic: taking advantage of an organization’s lax email protection, particularly failing to enforce the strict use of the DMARC protocol. That’s allowing this group to impersonate senders in email addresses.
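The DMARC weakness described above is easy to check from the defender’s side: a domain’s `_dmarc` TXT record tells receiving mail servers what to do with mail that fails SPF/DKIM alignment, and a record with `p=none` (or none at all) asks them to do nothing, which is exactly what lets a sender address be impersonated. The following is an added example, not code from the page or from Proofpoint; it classifies the enforcement level of DMARC records using constructed sample records rather than live DNS lookups, and the domain names are placeholders.

```python
"""Added example: classify how strictly a domain's DMARC policy is enforced.

The records below are constructed for illustration (None = no record
published); a real audit would fetch the TXT record at _dmarc.<domain>.
"""

SAMPLE_RECORDS = {
    "monitor-only.test": "v=DMARC1; p=none; rua=mailto:reports@monitor-only.test",
    "quarantine.test": "v=DMARC1; p=quarantine; adkim=s; aspf=s",
    "reject.test": "v=DMARC1; p=reject; sp=reject; pct=100",
    "partial-rollout.test": "v=DMARC1; p=reject; pct=10",
    "lax-subdomains.test": "v=DMARC1; p=reject; sp=none",
    "no-record.test": None,
    "wrong-record.test": "v=spf1 include:_spf.wrong-record.test -all",
}


def parse_dmarc(record):
    """Split a DMARC TXT record into a tag dict; None if it is not a DMARC1 record."""
    if record is None:
        return None
    tags = {}
    for part in record.split(";"):
        if "=" not in part:
            continue
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        return None
    return tags


def assess_dmarc(record):
    """Return (level, reason). Levels: missing, monitor, partial, enforced."""
    tags = parse_dmarc(record)
    if tags is None:
        return "missing", "no valid DMARC record; receivers apply no policy to spoofed mail"
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        # RFC 7489 s6.6.3: an invalid p tag is treated as p=none when a
        # reporting address is present, otherwise the record is ignored.
        if tags.get("rua"):
            return "monitor", "invalid p tag; receivers fall back to p=none"
        return "missing", "invalid p tag and no rua; receivers ignore the record"
    if policy == "none":
        return "monitor", "p=none only requests reports; spoofed mail is still delivered"
    sub_policy = tags.get("sp", policy).lower()  # sp defaults to the p value
    try:
        pct = int(tags.get("pct", "100"))
    except ValueError:
        pct = 100
    if sub_policy == "none":
        return "partial", "organizational domain enforced but sp=none leaves subdomains spoofable"
    if pct < 100:
        return "partial", f"pct={pct} applies the policy to only {pct}% of failing mail"
    return "enforced", f"p={policy} applied to all failing mail, subdomains {sub_policy}"


def audit(records):
    """Map each domain to its enforcement level, for a quick report."""
    return {domain: assess_dmarc(rec)[0] for domain, rec in records.items()}


if __name__ == "__main__":
    for domain, rec in SAMPLE_RECORDS.items():
        level, reason = assess_dmarc(rec)
        print(f"{domain:22} {level:9} {reason}")
```

Only the `enforced` level actually blocks impersonation; `monitor` and `partial` domains should be treated as spoofable when assessing exposure to the kind of sender impersonation the report describes.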

Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, April 17, 2024 – More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more first appeared on IT World Canada.

Broadcom backs down on VMWare pricing: Hashtag Trending for Wednesday, April 17, 2024

YouTube clamps down on third party apps that block ads. Experts predict a new cyber-war between Iran and Israel. Elon Musk backs down on his fight with the Brazilian government and Broadcom makes concessions in the face of customer outrage and European regulatory scrutiny of its new VMWare pricing.

All this and more on the “who blinks first” edition of Hashtag Trending. I’m your host, Jim Love. Let’s get into it.

YouTube is escalating its battle against ad-blocking software and extensions. The video streaming giant has announced it will now crack down on third-party apps that allow users to skip ads on YouTube videos.

If you watch YouTube videos through a third-party app specifically designed to block advertisements, you may start encountering some issues. In an update this week, YouTube says users accessing its content through these ad-blocking apps could face video buffering problems or even an error message preventing them from watching at all.

It’s an expansion of YouTube’s existing efforts to discourage viewers from using ad blockers when watching videos on the platform. Last year, YouTube started displaying error messages and disabling videos for users with ad-blocking browser extensions enabled.

The company argues that third-party apps stripping out ads prevents creators from being compensated for the content they produce. In a statement, YouTube says it only allows apps that follow its API terms of service, which require showing advertisements.

While the ad-blocking app AdGuard says it is not affected by this latest policy change since it doesn’t use YouTube’s API, many other apps that scrape ad-free YouTube videos could face blockages.

Of course, YouTube still offers its premium ad-free subscription as an alternative for viewers who want to skip commercials. But this crackdown likely won’t be welcomed by those who prefer watching YouTube through adblocking software and mobile apps.

As more entertainment shifts to streaming platforms, the tension between companies seeking ad revenue and users trying to avoid advertisements seems destined to escalate further.

Sources include: The Verge

There’s been a reversal from Elon Musk’s social media company X, formerly known as Twitter, over its stance on complying with court orders in Brazil regarding content moderation. After initially vowing to challenge rulings by Brazil’s Supreme Court, lawyers for the platform have now told the court it will follow all its decisions.

A legal battle has been brewing between Elon Musk’s X company and Brazil’s top court over the removal of certain accounts accused of spreading misinformation and hate speech. Last week, Musk said he would challenge an order from Supreme Court Justice Alexandre de Moraes demanding X block some accounts in the country.

But in a letter to Moraes seen by Reuters, lawyers for X have now reversed course, stating the platform will comply with every ruling issued by the Supreme Court or Brazil’s top electoral authority.

This marks a shift from X’s Brazilian subsidiary, which had previously claimed it could not control whether the U.S. parent company followed the Brazilian court’s orders.

The Supreme Court justice has been leading investigations into alleged coup attempts and digital militias accused of spreading disinformation, particularly during the presidency of Jair Bolsonaro.

Musk, who has branded himself a free speech absolutist, had called Moraes’ orders unconstitutional and demanded he resign – prompting the justice to open an inquiry into Musk for potential obstruction.

The reversal by X’s lawyers likely aims to defuse tensions with Brazilian authorities. However, the U.S. House Judiciary Committee has now subpoenaed X for information about the Brazilian court’s content moderation orders.

As social media’s role in democracies remains hotly contested, US social media giants are finding that they are not immune to government regulation in other countries.

Sources include: Reuters

A former security executive at the ride-sharing company Uber is taking on a new role advising other corporate leaders on how to properly handle cyber-attacks and data breaches. Joe Sullivan was convicted last year for his actions in covering up a 2016 data breach at Uber and obstructing a federal investigation into it.

A federal judge sentenced him to three years’ probation and community service. His case is believed to be the first time a U.S. security executive faced criminal charges related to mishandling a data breach.

Sullivan is now working with a cybersecurity firm to help prevent other executives from making the same mistakes he did.

Since then, Sullivan has been reflecting on his experiences and sharing advice with other security leaders on how to properly respond when cyberattacks happen. He’s now joining the cybersecurity firm BreachRx as a senior advisor. The company provides a platform to automate and document a company’s response in the crucial first hours after a breach is detected.

Sullivan says security executives are facing growing legal risks as regulators crack down on poor cybersecurity practices and demand more accountability from companies hit by data breaches. But he argues chief security officers are often underfunded and understaffed, making it difficult to properly secure their networks. Sullivan hopes his case will prompt companies to finally invest more in cybersecurity – though he’s concerned some recent regulatory actions may be prompting an overcorrection, with security chiefs now afraid to take responsibility during incidents.

And with that hanging over them, is it any wonder companies struggle to find senior security talent?

Sources include: Axios

Tensions are high between Iran and Israel following a missile attack over the weekend. As both sides weigh their next moves, cybersecurity experts are warning a cyberbattle could be looming as part of the conflict.

Israel and Iran have a long history of cyberwarfare, launching destructive computer viruses and hacking attacks against each other over the years. But this weekend’s missile strike from Iranian territory into Israel marks an unprecedented escalation in the overt hostilities between the two nations.

And as both sides now contemplate retaliation, cybersecurity analysts say we should brace for a potential onslaught of high-stakes cyberattacks.

Andrew Borene, a cyber analyst with the security firm Flashpoint says that “The overt hostility and the overt physical aspects of the state-on-state confrontation moved things into a different sphere.”

He says cyberattacks could allow Iran and Israel to strike back at each other without risking mass casualties from further missile launches.

Both countries have highly sophisticated cyber capabilities. Iran has used data-wiping malware against other nations. A decade ago, the U.S. and Israel jointly deployed the Stuxnet computer virus to disrupt Iran’s nuclear program.

The cyberwarfare has already begun spilling over from the latest missile exchange. Hacking groups linked to Iran, Russia and others have recently taken down Israeli emergency services apps and news websites as part of the ongoing conflict with Palestinian militants in Gaza.

Cyber warfare is increasingly used by nation states. Since Stuxnet there have been many examples of state-sponsored attacks. Recently, after France committed greater support to Ukraine, it was hit by a massive cyberattack. And now, we risk an all-out cyber war between Iran and Israel.

The problem is that these attacks often spill over to become a much wider threat. The malware that is created escapes into the wild and provides new tools for the armies of hackers who threaten our corporate and civic infrastructure.

While officials claim to have so far seen no major cyberattacks stemming from the weekend’s missile strike, analysts expect that could change quickly as Israel weighs its response and both sides enter uncharted territory in their bitter, long-running dispute.

Sources include: Axios

There’s been a potential reprieve for some VMware customers unhappy with the new licensing policies put in place by the company’s new owner, semiconductor giant Broadcom. The move comes as regulatory scrutiny of the changes intensifies in Europe.

When Broadcom acquired VMware last year in a massive $61 billion deal, it announced plans to shift VMware’s product licensing to a subscription model and bundle the virtualization software into a new enterprise IT platform.

The changes drew an angry backlash from many VMware customers accustomed to perpetual licensing and concerned about higher long-term costs. A number of them demanded Broadcom preserve perpetual licensing options.

Now, Broadcom’s CEO Hock Tan says the company is offering some concessions in response to that customer feedback.  In a blog post, Tan announced that Broadcom will provide free security patching for some supported versions of VMware’s products, even for customers persisting with older perpetual licenses rather than new subscriptions.

Tan also acknowledged Broadcom has granted renewal extensions to many VMware customers to give them more time to adapt to the new model.

The moves come as European antitrust regulators have started questioning Broadcom over its licensing changes following complaints from some tech associations. Analysts believe it could also be an effort by Broadcom to stem a potential mass customer exodus from VMware’s products.

The research firm Gartner recently predicted that VMware’s market share in hyperconverged infrastructure – which combines storage, computing and networking – is poised to plummet from 70% currently down to just 40% by 2029 as customers look to revirtualize and switch vendors.

As the tech world’s latest mega-merger continues shaking out, this could mark the first significant compromise by Broadcom in its controversial effort to overhaul the VMware business.

Sources include: The Register

And that’s our show for today.  Love to hear your opinions as always. You can reach me at therealjimlove@gmail.com or our new editorial address – editorial@technewsday.ca

Our show notes are now also posted at TechNewsDay.ca or .com take your pick – along with other stories. Check it out.

I’m your host Jim Love, have a Wonderful Wednesday.

The post Broadcom backs down on VMWare pricing: Hashtag Trending for Wednesday, April 17, 2024 first appeared on IT World Canada.

US government faces criticism over Microsoft security failures: Hashtag Trending, Tuesday April 16, 2024

Solar power is the largest source of new US electricity generation for the sixth month in a row, Microsoft is hiking prices on Dynamics 365 business apps by up to 16.7%, VMware’s Desktop Virtualization products rebranded as “Omnissa”, Tesla is laying off over 10% of global workforce amid delivery slump and the U.S. government gets some scathing criticism over Microsoft’s cybersecurity failures

All this and more on the “price might not be right” edition of Hashtag Trending. I’m your host, Jim Love. Let’s get into it.

New data shows solar power is rapidly expanding its share of electricity generation capacity across the United States.

According to the latest figures from the Federal Energy Regulatory Commission or FERC, solar was the number one source of new utility-scale electrical generating capacity in the U.S. for the sixth straight month in February.

Solar accounted for over 83% of the new capacity added that month, with 29 new solar units totaling over 1,000 megawatts coming online. Wind took second place, making up 16% of the new additions.

For the first two months of 2024, solar represented almost 80% of all new generating capacity installed, with wind at over 20%. Natural gas lagged far behind at just 1%.

The new solar projects have increased solar’s share of total installed U.S. utility-scale generating capacity to 8.2% – surpassing hydropower for the first time and moving into fourth place behind natural gas, coal and wind.

Ken Bossong, Executive Director of the SUN DAY Campaign, says solar is clearly on a major growth trajectory that is exceeding official forecasts.

“Without question, solar is on a roll as it surpasses FERC’s expectations and leads all other energy sources in providing new generating capacity.”

According to FERC projections, if just their “high probability” projects proceed as planned, utility-scale solar capacity could triple by 2027 and surpass both coal and wind to become the second largest source after natural gas.

When factoring in distributed solar like rooftop installations, total solar capacity may reach close to 20% within three years.

Renewables as a whole, including wind, solar, hydropower, biomass and geothermal, could see their combined share rise from the current 29% to over 35% – rapidly closing in on natural gas.

Canada’s solar industry has also seen growth, although perhaps not at these levels; for 2021, the latest year for which we could find numbers, solar power increased by 13.6%.

If there are any experts out there on how Canada is really comparing, we’d love to hear from you.

Sources include: Renewables Now

A major cybersecurity incident was narrowly avoided at LastPass, one of the world’s leading password management companies.

LastPass revealed this week that threat actors recently targeted one of its employees in a sophisticated voice phishing or “vishing” attack using deepfake audio technology to impersonate the company’s CEO.

The employee received a series of calls, texts and at least one voicemail featuring an AI-generated audio replica of the CEO’s voice attempting to initiate an urgent request. However, the attack failed because the employee recognized hallmarks of a social engineering scam, such as the unusual communication channel of WhatsApp, and reported it.

Mike Kosak, a LastPass intelligence analyst, said quote: “Due to the employee’s suspicion…our employee rightly ignored the messages and reported the incident so we could mitigate the threat.”

While deepfake audio is still an emerging threat, experts warn these types of AI-enabled impersonation attacks are on the rise. A recent global study found 25% of people have encountered an AI voice scam or know someone who has.

The U.S. government issued alerts last week warning healthcare organizations about cybercriminals using deepfake voice cloning to target IT help desks. The FBI and Europol have also cautioned that deepfakes may become a common tool for fraud, evidence tampering and other cybercrimes.

LastPass says it shared details of this incident to raise awareness, as the attacker likely used publicly available videos of its CEO to train the deepfake model. The company was previously targeted in data breaches last year.

Security experts advise organizations to have robust verification protocols, require supervisor approval for sensitive requests, and provide training to help staff detect deepfake social engineering attempts.

Sources include: Bleeping Computer

VMware’s suite of end-user computing products for desktop and application virtualization is getting a new brand identity – “Omnissa” – following their recent $4 billion sale to private equity firm KKR.

The products, which allow delivery of remote desktop experiences to PCs, tablets and mobile devices, were divested by VMware’s new owner Broadcom, which deemed them non-essential after acquiring the virtualization giant.

Signs point to KKR pushing ahead with rebranding the former VMware offerings as “Omnissa”, with official documentation and online resources for users already referencing the new name.

The rebrand comes as the remaining VMware product lines brace for a major system migration initiated by Broadcom that will temporarily pause support, training and purchasing services over the first weekend of May.

According to VMware, numerous customer-facing tools and portals will go offline starting April 30th as the company transitions from SAP to Broadcom’s Oracle software environment – a migration window extending until May 5th.

The tight turnaround for the backend system overhaul coincides with Broadcom’s fiscal quarter close, putting added pressure on teams to complete the complex data migration without disrupting any sales or revenue activities.

It also represents one of the first major tests for Broadcom in delivering on its promised support model bundling VMware’s virtualization products with services.

Any missteps during the transition could prompt backlash from VMware customers already facing rising costs under Broadcom’s revised contractual terms.

As Omnissa emerges as KKR’s newly-acquired brand for end-user computing, the fate of its former VMware siblings rests on Broadcom’s ability to execute a challenging system integration without sacrificing the seamless support experience it’s pledged for its VMware portfolio.

Sources include: The Register

In a major round of job cuts, Tesla is reducing its global workforce by more than 10% according to an internal memo from CEO Elon Musk.

The electric carmaker, which employs over 140,000 people worldwide, is eliminating thousands of roles just weeks after disappointing delivery numbers raised concerns about slowing demand.

In the memo, Musk wrote the painful but necessary move will allow Tesla to become “lean” and hungry again for its next growth cycle.

It comes after Tesla’s first quarter deliveries fell 20% from the prior quarter and over 8% year-over-year – the company’s first annual sales decline since 2020.

Tesla blamed the slump on production challenges with its updated Model 3, as well as supply chain disruptions from the conflict in the Red Sea region and an arson attack at its Berlin factory.

The staff reductions follow months of rumors about impending layoffs, with reports Tesla had instructed managers to identify the most critical roles and delayed some employee performance reviews earlier this year.

It’s not the first time Musk has dramatically cut headcount at Tesla to reduce costs during leaner periods. The company conducted multiple previous rounds of layoffs, including cutting staff working on its self-driving software last year.

The latest cuts also mirror Musk’s move to slash around half of Twitter’s workforce after acquiring the social media platform in 2022.

As Tesla faces intensifying competition and tries to ramp up production of new models like the Cybertruck, which has had some very bad early reviews, the company is turning to headcount reductions despite Musk previously warning 2024 could see a sales slowdown.

With concerns mounting over cooling demand for its electric vehicles, investors will be watching closely whether the staff purge helps reset Tesla’s cost base ahead of its next targeted wave of growth.

Sources include: Business Insider

Microsoft has announced significant price increases coming this fall for its Dynamics 365 suite of cloud-based business applications.

In an update last week, the tech giant said it will raise prices across its Dynamics product line by between 9.26% and 16.67%, representing the first hike in five years.

The highest increase of nearly 17% will apply to the Finance, Supply Chain Management, and Commerce editions of Dynamics 365.

Other products like Sales, Customer Service, Field Service and core operations licenses face bumps of around 10% when the new pricing takes effect October 1st.

Microsoft’s corporate vice president Bryan Goode justified the increases by citing ongoing upgrades like AI-powered customer insights, data analytics capabilities and process automation added to Dynamics annually.

However, the software maker did not explain the varying degrees of price inflation across its different Dynamics product SKUs.

For U.S. government customers, the price hikes will be staggered over two phases in compliance with regulations, with a 10% jump first in October followed by another increase in 2025.

The increases follow similar moves by rival Salesforce last year and come as Microsoft prepares a new wave of AI-driven feature updates across Dynamics 365 powered by technologies like its Copilot assistant.

While inflation has been a factor over the past five years, the extent of these latest price increases from Microsoft may prompt some reassessment from Dynamics customers on the overall value proposition, especially for products facing the highest percentage bumps.

Sources include: The Register

Here’s another Microsoft story where I want to walk lightly, because it’s easy to bash on large companies, but it is a story that raises some critical questions.

A recent article in Wired reports that security experts and critics are accusing the U.S. government of giving Microsoft a free pass, despite the tech giant’s long track record of major cybersecurity lapses that have exposed sensitive government systems to hacking threats.

The story quotes a new report from the federal Cyber Safety Review Board that slams Microsoft’s “inadequate security culture” after a 2022 incident allowed Chinese state hackers to breach the company’s systems and access government email communications.

It’s just the latest in a string of high-profile breaches impacting Microsoft customers over several years, including Russian hackers stealing source code and corporate secrets earlier this year.

Though heavily critical of Microsoft, the report is unlikely to spur any meaningful accountability from the U.S. government, which relies overwhelmingly on Microsoft products to power its operations.

Microsoft has become effectively “untouchable” according to experts, due to the government’s deep dependence on its software, its critical role supporting federal cybersecurity efforts, and its sophisticated strategy of positioning itself as a defender of digital safety.

This has allowed Microsoft to sidestep any consequences even as lawmakers fume over its security failures and practices like charging extra for basic threat monitoring that experts say should be included.

Administration officials have refused to criticize Microsoft openly, with some experts accusing the government of lacking the leverage to compel real changes at a company that represents a potential single point of failure for essential services.

Others argue the White House’s own national cybersecurity strategy calls for shifting more security burden to major tech firms like Microsoft that have the resources to invest heavily in defensive measures.

But so far, the U.S. government has demonstrated an inability or unwillingness to stand up to one of the world’s largest tech companies and enforce accountability, despite the risks Microsoft’s vulnerabilities pose to America’s digital infrastructure.

So, here’s my question.  We did a story on “cloud lock-in” recently where the UK government was concerned that without a meaningful alternative, even a government was effectively “locked in.”  With Microsoft’s dominance in so many areas from productivity suites to cloud and now security and even AI, how is the “competitive market” – or how is anybody – supposed to keep it in check?

Sources include: Wired

And that’s our show for today.  Love to hear your opinions as always. You can reach me at therealjimlove@gmail.com or our new editorial address – editorial@technewsday.ca

Our show notes are now also posted at TechNewsDay.ca or .com take your pick – along with other stories. Check it out.

I’m your host Jim Love, have a Terrific Tuesday.

The post US government faces criticism over Microsoft security failures: Hashtag Trending, Tuesday April 16, 2024 first appeared on IT World Canada.

Cyber Security Today, April 15, 2024 – Act fast to plug a hole in Palo Alto Networks firewall, Canadian comedy festival loses over $800K in email scam, and more

Act fast to plug a hole in Palo Alto Networks firewall, Canadian comedy festival loses over $800K in email scam, and more.

Welcome to Cyber Security Today. It’s Monday, April 15th, 2024. I’m cybersecurity reporter Howard Solomon.



A critical vulnerability in the GlobalProtect feature of Palo Alto Networks’ PAN-OS operating system has been exploited at several organizations at least as far back as March 26th. That’s the finding by researchers at Volexity, who discovered the hole. In some cases a threat actor has used the vulnerability to deploy a custom backdoor written in Python, then stolen credentials and other files. Palo Alto Networks was expected to have delivered a patch yesterday. Volexity says the skill and speed used in the attacks suggest a highly capable threat actor with a clear playbook of what to access. Network administrators using GlobalProtect firewalls should either install the patch or apply the recommended mitigations. The vulnerability has a CVSS score of 10.

UPDATE: This issue is fixed in hotfix releases of PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. Hotfixes for other commonly deployed maintenance releases will also be made available this week.

The organization that produces Montreal’s Just For Laughs comedy shows was stung last year for just over $813,000 after falling for a business email compromise scam. The Quebec news service La Presse discovered court documents showing the financial controller fell for emails pretending to be from a company shareholder instructing a switch of the bank account where management payments should go. The scammer was convincing because they created an email account on a domain with an extra ‘s’ at the end, which came close to the spelling of the real sender’s domain. Unfortunately there are no protections in the global internet registry system to stop domains from being created with names almost identical to those of real companies. It’s imperative that financial department employees confirm, through independent channels, any changes in payment procedures requested by email, voice mail or video calls. Staff shouldn’t use email addresses or phone numbers taken from the message requesting the change to get that confirmation.
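One control a finance or mail-security team can add for exactly this pattern is to compare the sender's domain of any payment-change request against the organization's list of known counterpart domains and flag near-misses (an extra trailing letter, a swapped character). The following is an added example, not code from the podcast or from any vendor mentioned; the trusted domains and sample From: headers are constructed.

```python
"""Flag lookalike sender domains in inbound payment-change requests.

Added example (not from the podcast): compares the sender's domain against a
list of trusted counterpart domains and flags near-matches, such as an extra
trailing letter, the pattern described in the Just For Laughs case.
"""
from email.utils import parseaddr

# Constructed sample: the organization's known counterpart domains (assumption).
TRUSTED_DOMAINS = {"shareholder-example.com", "bank-example.ca"}


def levenshtein(a: str, b: str) -> int:
    """Classic edit distance (insert/delete/substitute), O(len(a)*len(b))."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(header_from: str) -> str:
    """Extract the domain from a From: header, lower-cased; '' if unparsable."""
    _, addr = parseaddr(header_from)
    if "@" not in addr:
        return ""
    return addr.rsplit("@", 1)[1].lower()


def classify_sender(header_from: str, trusted=TRUSTED_DOMAINS, max_distance: int = 2) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for the sender's domain.

    'lookalike' means the domain is within max_distance edits of a trusted
    domain but is not identical to it, e.g. 'shareholder-example.coms'.
    A lookalike on a payment-change request should block the request and
    route it to out-of-band confirmation, not just warn.
    """
    domain = sender_domain(header_from)
    if not domain:
        return "unknown"
    if domain in trusted:
        return "trusted"
    for good in trusted:
        if levenshtein(domain, good) <= max_distance:
            return "lookalike"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample messages requesting a bank-account change.
    samples = [
        "CFO <cfo@shareholder-example.com>",
        "CFO <cfo@shareholder-example.coms>",   # extra trailing 's'
        "CFO <cfo@sharehoIder-example.com>",    # capital I in place of l
        "Vendor <ap@unrelated-example.org>",
    ]
    for s in samples:
        print(f"{classify_sender(s):10} {s}")
```

The edit-distance threshold of two catches the single-character tricks described in the story while keeping unrelated domains out of the "lookalike" bucket; tune it against your own counterpart list, since very short domains need a lower threshold to avoid false positives.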

A former senior IT security employee has been sentenced to three years in prison by an American judge for hacking into smart contracts of cryptocurrency exchanges two years ago. The man stole over US$12 million in digital coin. Shakeeb Ahmed received the sentence Friday after pleading guilty to computer fraud. According to the news site HackingButLegal, Ahmed worked for Amazon.

A threat actor has posted data stolen from a partner of Canadian retailer Giant Tiger. The BleepingComputer news service said the database was posted on a hacker forum with information allegedly on 2.8 million customers. It’s available to any hacker forum member for the price of eight credits. Members get credits for doing something as simple as commenting on a post or contributing a new post.

Are you worried about the recently discovered compromise of the maintainer of a critical Linux package? That’s the scheme where a threat actor took three years to gain the confidence of those helping to oversee the package before switching it for a malicious version. Well, the U.S. Cybersecurity and Infrastructure Security Agency issued a reminder that it has been working on improving open-source security for a while. It backs the Secure by Design initiative with steps for developers on building safe applications using open-source components.

The city of Toronto has budgeted $1 million to cover the costs of last October’s ransomware attack on the Toronto Public Library system. Reporter John Lorinc says the number includes almost $770,000 for cybersecurity experts and related IT system remediation and restoration costs. It also includes $160,000 in legal costs and $74,000 for credit monitoring services for employees who had their data stolen. All of the library system’s 500 computers had to be wiped and rebuilt. Meanwhile the city also has to deal with a January ransomware attack on the Toronto Zoo. In that attack data of current and former employees was stolen.

Speaking of ransomware, one of the ways of crushing ransomware gangs is to take the money out of their attacks. The problem is forbidding — or even begging — unprepared organizations not to pay a ransom isn’t working. So last week the Ransomware Task Force, a group of public and private sector experts, released a plan to reduce the need to ban ransomware payments. It will take several years, the Task Force admits. But only after all the steps in its plan have been met should governments think about prohibiting ransomware payments. Briefly, the plan says ‘Don’t institute a payment ban until organizations have cybersecurity maturity.’ Here are some of the recommended steps:

–Develop a ransomware framework to provide a national standard for ransomware preparation. The framework would be adapted for organizations of different sizes, maturity and risk profiles;

–provide financial incentives for organizations to comply with the framework;

–mandate limited baseline security measures for critical infrastructure providers including utilities, banks and hospitals;

–form an international law enforcement partnership to target ransomware gangs;

–require cryptocurrency exchanges and over-the-counter trading desks to comply with existing financial transaction tracking controls;

–create a ransomware response fund to help victim organizations recover from attacks;

–work with cyber insurers;

–and end the tax deductibility of ransomware payments.

The Task Force believes things like this could take two years to implement. Only then should governments think about banning ransomware payments.

Meanwhile, nothing stops your organization from toughening its cybersecurity defences.

Follow Cyber Security Today on Apple Podcasts, Spotify or add us to your Flash Briefing on your smart speaker.


Google users say two-factor authentication didn’t protect them. Hashtag Trending for Monday, April 15th

Early Saturday morning listeners may have missed my weekend interview segment with Senator Colin Deacon. If you did, it was totally my fault. A typo in my posting instructions meant we didn’t get it online until late Saturday morning. But if you didn’t get a chance to listen, it’s still there, and it’s really worthwhile.

Google Enhances Browser Security with AI and announces a New Paid ‘Premium’ Version, Google users report account lockouts that beat their two-factor authentication, Google Blocks California News Access Amid Fight Over a Journalism Payment Bill, and Gen Z Ditching Google for TikTok and YouTube Searches.

All this and more on the “too much Google” edition of Hashtag Trending. I’m your host, Jim Love. Let’s get into it.

Before we start, I have to say, I didn’t set out to write an all Google edition, maybe it’s because of Google’s major event last week, but when I evaluated the tech stories over the weekend, these hit the top of the pile.

Google is rolling out major new security enhancements for its hugely popular Chrome web browser used by billions worldwide.

At its Cloud Next conference last week, the tech giant revealed it has developed custom artificial intelligence language models specifically trained to detect and block spam, phishing and other malicious content targeting Gmail users.

Deployed late last year, Google says these AI defenses are already yielding big results – catching 20% more spam in Gmail, reviewing 1,000% more reported spam each day, and responding 90% faster to new phishing threats in Google Drive.

The company says the AI models are uniquely adept at identifying semantically similar malicious content at a massive scale across over 3 billion Google Workspace users.

While highly effective so far, Google admits it is “very focused” on innovating further to tackle the remaining 0.1% of spam and malware that slips through its advanced filters.

In a separate move, Google is introducing a new premium version of its Chrome web browser specifically geared towards enterprise users.

Called Chrome Enterprise Premium, the paid tier adds enhanced data loss prevention controls as well as deep malware scanning missing from the existing free Chrome browser.

While the core free version will continue receiving general malware and anti-phishing protections, the premium edition aims to provide businesses with an extra level of security and administrative features.

This new AI-powered data protection will cost $10 per user per month on top of existing Workspace subscriptions.

The launch comes as Google also explores giving all Chrome users more control over limiting website permissions like access to keyboard, mouse and other device inputs.

Sources include:  Android Police and Forbes

The need was never greater – another story in Forbes this week reported that a number of users were reporting that their two-factor authentication had been bypassed, giving away access to their Google accounts.

How do they do this? Apparently they don’t hack the two-factor authentication process itself, but they employ something called “session cookie hijacking.”

The technique typically starts with a phishing email delivering malware designed to capture the authentication cookies that allow users to seamlessly resume active sessions on sites like Gmail.

If attackers manage to steal these session cookies after a user has logged in, they can then replay the cookies to impersonate the legitimate user – tricking the service into letting them bypass any further 2FA prompts.

As far as Google’s systems are concerned, the attacker has already successfully authenticated using the hijacked cookie data.

Once they gain access to the account, the hackers can lock the real owner out of the account.

These attacks are reported to start with phishing lures, most notably crypto get rich schemes. But the attacks can also potentially leverage vulnerabilities that expose session cookies or allow session hijacking on unpatched systems.

Security experts warn session hijacking remains a critical risk capable of undermining popular multi-factor authentication protections relied on by billions.

Remedies include more widespread use of hardware 2FA security keys, as well as shorter lifespans for session cookies to reduce hijacking windows.

Major providers are also working on other mitigations, but users remain advised to stay vigilant against phishing and keep software patched to prevent falling victim to these attacks subverting account two factor authentication.

Sources include: Forbes
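The two remedies named above, shorter session lifetimes and making a stolen cookie less useful on its own, can be shown on the server side. The following is an added example, not Google's implementation or any code from the Forbes story: a minimal session store that records the client context a session was issued to and an absolute expiry, and that rejects a cookie presented from a different context or after its lifetime, forcing the holder back through login and 2FA. The fingerprint scheme, lifetime value and sample clients are assumptions.

```python
"""Server-side session store that limits the damage of a stolen session cookie.

Added example (not Google's implementation). Each session records the client
context it was issued to and an absolute expiry. A cookie replayed from a
different context, or after its lifetime, is rejected and revoked, so the
holder has to re-authenticate (password plus 2FA) to get a new one.
"""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Assumed policy: short absolute lifetime, the "shorter lifespans" remedy above.
SESSION_LIFETIME_SECONDS = 8 * 3600


@dataclass
class Session:
    user: str
    fingerprint: str
    issued_at: float


def client_fingerprint(user_agent: str, ip_prefix: str) -> str:
    """Hash of coarse client properties the server sees on every request.

    Assumed scheme: User-Agent plus the /24 network prefix. Coarse on purpose,
    so a roaming laptop is not signed out on every address change.
    """
    return hashlib.sha256(f"{user_agent}|{ip_prefix}".encode()).hexdigest()


class SessionStore:
    def __init__(self, clock: Callable[[], float] = time.time):
        self._clock = clock
        self._sessions: Dict[str, Session] = {}

    def issue(self, user: str, user_agent: str, ip_prefix: str) -> str:
        """Called only after password and 2FA succeed; returns the cookie value."""
        token = secrets.token_urlsafe(32)
        self._sessions[token] = Session(
            user, client_fingerprint(user_agent, ip_prefix), self._clock()
        )
        return token

    def validate(self, token: str, user_agent: str, ip_prefix: str) -> Optional[str]:
        """Return the user for a valid cookie, or None (caller forces re-login + 2FA)."""
        sess = self._sessions.get(token)
        if sess is None:
            return None
        if self._clock() - sess.issued_at > SESSION_LIFETIME_SECONDS:
            self._sessions.pop(token, None)  # expired: cookie is worthless now
            return None
        fp = client_fingerprint(user_agent, ip_prefix)
        if not hmac.compare_digest(fp, sess.fingerprint):
            # Presented from a different device/network: treat as possible
            # hijack and revoke, so neither party can keep using the cookie.
            self._sessions.pop(token, None)
            return None
        return sess.user

    def revoke_all(self, user: str) -> int:
        """Sign out every session for a user, e.g. after a hijack report."""
        victims = [t for t, s in self._sessions.items() if s.user == user]
        for t in victims:
            del self._sessions[t]
        return len(victims)


def demo() -> Dict[str, Optional[str]]:
    """Walk through issue, replay from elsewhere, revocation and expiry."""
    now = [1_700_000_000.0]                     # controllable clock for the demo
    store = SessionStore(clock=lambda: now[0])
    cookie = store.issue("alice", "Mozilla/5.0 (X11)", "203.0.113")
    results: Dict[str, Optional[str]] = {
        "same_client": store.validate(cookie, "Mozilla/5.0 (X11)", "203.0.113"),
        # constructed: the same cookie replayed from a different client/network
        "replayed_elsewhere": store.validate(cookie, "curl/8.0", "198.51.100"),
    }
    # The mismatch revoked the cookie, so even the real client must log in again.
    results["after_revoke"] = store.validate(cookie, "Mozilla/5.0 (X11)", "203.0.113")
    cookie2 = store.issue("alice", "Mozilla/5.0 (X11)", "203.0.113")
    now[0] += SESSION_LIFETIME_SECONDS + 1
    results["expired"] = store.validate(cookie2, "Mozilla/5.0 (X11)", "203.0.113")
    return results


if __name__ == "__main__":
    for name, user in demo().items():
        print(f"{name:20} -> {'accepted as ' + user if user else 'rejected, re-auth required'}")
```

The design trade-off is that binding to any client property causes some legitimate re-logins (mobile users changing networks, browser updates), which is why the fingerprint here is coarse and why the lifetime, not the binding, carries most of the protection. Hardware security keys, the other remedy named in the story, complement this by making the re-authentication itself phishing-resistant.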

And can you stand one more Google story?

In a battle that will seem eerily familiar to our Canadian listeners, Google is now wrangling with California lawmakers. Google has started restricting access to news articles from the state for some users in a hardball tactic against a proposed law that would force tech companies to pay publishers for content.

The move comes as the California Journalism Preservation Act, which cleared the state assembly last year, is being revived. The bill would require digital giants like Google and Meta to compensate news outlets when their articles and links get displayed on the tech platforms.

In a blog post, Google executive Jafar Zaidi said the legislation represented an “unworkable” tax on linking to news sources that has already prompted “significant changes” to services it can offer Californians.

Zaidi wrote that the company has temporarily blocked news from appearing in search results for an unspecified “small percentage” of California users in anticipation of the bill potentially passing.

Google claims the proposal is the “wrong approach” to bolstering the struggling U.S. news industry, which has suffered waves of layoffs and newspaper closures amid skyrocketing digital ad revenues for big tech.

Bill supporters argue it would provide a crucial lifeline to California’s publishers, with over 100 outlets shuttering in the state over the past decade as advertising income plummeted.

The legislation aims to direct a slice of the billions in digital ad revenues captured by technology giants like Google and Meta toward compensating journalists and publishers for reusing their content.

With over 70% of digital ad dollars now going to just those two companies, advocates say they have a responsibility to support the news industry they have disrupted and profited from.

Critics, however, argue such link taxes represent an unworkable model that undermines principles of the open internet.

The aggressive move by Google mirrors past tactics deployed when facing similar pay-for-journalism rules in Canada and Australia. After initial threats to block news, the company ultimately struck deals with publishers.

As California’s bill regains momentum, the fight over compensating news outlets appears headed towards an increasingly acrimonious showdown between lawmakers and the tech giants dominating digital advertising markets.

And although Google ultimately reached a deal of sorts with Canada, Meta continues to block Canadian news stories on its platform. This story may continue for some time to come.

Sources include: Axios

It turns out that while Google was top of the news last week, the giant may want to watch where its search engine dominance is going. There is no doubt that Chrome is the dominant browser by a country kilometre – okay, a country mile still sounds better.

But it has some threats to its dominance. We did some stories last week to show that when given a real choice, people in Europe were opting for other browsers.

And although Google is trying experiments in the UK to add AI to its search, the early reviews on that are not spectacular with reports that junk content is more likely to hit the top of search.

For others, using AI search like Perplexity.ai is proving to be far more reliable and informative than Google. But now, a generational divide is evolving.

For Gen Z (it turns out even Canadians call them Gen Z), Google is no longer the default starting point when searching for information online. Instead, many young people are turning to social media platforms like TikTok and YouTube as their go-to search engines.

New data from youth research firm YPulse reveals a stark generational divide emerging. While 58% of millennials aged 25 to 39 still begin their internet queries on Google, that falls to just 46% among those aged 18 to 24.

For Gen Z, 21% are initiating searches directly on TikTok, with another 5% heading straight to YouTube – a clear break from the Google-centric behavior of older demographics.

The shift highlights how social media has evolved from just connecting with friends into a vast “information superhighway” for the first truly digital native generation.

Gen Z users cite a preference for the more relatable, authentic results surfaced through human-curated videos and posts compared to Google’s algorithms heavily featuring sponsored content.

There’s also an innate comfort and affinity with social platforms fostered by younger users having no memory of Google’s earlier era of search dominance.

The trend represents a growing headache for Google and its parent Alphabet, which derives the bulk of its nearly $2 trillion valuation from digital advertising tied to search traffic.

In response, Google has rolled out new features aimed at Gen Z, including AI tools to generate more personalized search feeds and better highlight social media conversations.

However, many remain dissatisfied with the quality of Google results plagued by excessive ads and search engine optimization tactics.

As Gen Z increasingly eschews traditional search engines, established tech giants will be forced to adapt to changing behaviors ushering in a generational shift in how information is discovered and consumed online.

Picture this – sometime in the future, somebody born in 1990 will be my age, they’ll mention some 90’s rock group, get a blank stare and say “TikTok” it.

Hey, there’s no longer a Kleenex tissue. There could be a world where search is not Google.

And that’s our show for today…

And tomorrow, I promise, unless the sky falls in with a monumental story, we’ll be Google free.

I’m your host Jim Love, have a Marvelous Monday.
