Archive for September 6, 2023

NetRise Added to Department of Homeland Security Continuous Diagnostics and Mitigation Approved Products List

Posted in Commentary with tags on September 6, 2023 by itnerd

NetRise, the company providing granular visibility into the world’s Extended Internet of Things (XIoT) security problem — encompassing the modern firmware and software component security challenges of IT, OT, IoT, and other connected cyber-physical systems — today announced the company has been accepted for the Approved Product List (APL) through the Continuous Diagnostics and Mitigation (CDM) Program, where the Department of Homeland Security (DHS) seeks to strengthen federal agencies’ ability to secure their networks against the ever-increasing threat of cyberattacks.

The Cybersecurity and Infrastructure Security Agency’s (CISA) CDM Program dynamically fortifies the cybersecurity of civilian government networks and systems with real-time risk monitoring and defense. The CDM program provides cybersecurity tools, integration services, and dashboards to participating federal agencies to support them in improving their respective security posture.

Unlike legacy solutions, the NetRise automated platform offers crucial visibility into the ‘black boxes’ of XIoT devices. NetRise’s next-generation firmware and IoT security platform protects organizations from firmware-based attacks and threats by enabling users to continuously identify and monitor risks in the software components of devices. NetRise supports the federal government’s effort to secure the vast number of XIoT devices that serve the public sector and citizens nationwide. NetRise’s novel approach to addressing firmware vulnerabilities and software asset management within IT infrastructure bolsters the risk management of environments, providing valuable and unique benefits which will greatly aid in efforts to avert incursions impacting national security.

The NetRise platform is well positioned and aligns with the CDM program’s goals by providing next-generation firmware analysis, identifying risks in device firmware and software components. NetRise provides firmware visibility, vulnerability management, and insights into the underlying “ingredients” of firmware devices, identifying the latent risks and vulnerabilities within IoT, ICS, connected vehicles, medical devices, satellites, and telecom devices. 

CDM-approved key features and capabilities of the NetRise platform include:

  • SBOM Management (Software Bill of Materials): Generate, ingest, and enrich SBOMs for comprehensive visibility into the software components of each device.
  • Risk and Vulnerability Management: Understanding what is on the network, the integrity of systems and information, and assessing and prioritizing risk based on potential impact and exploitability.
  • Compliance Adherence: Determine if third-party code is introducing legal and compliance issues.
  • Real-Time Risk Tracking: Attain continuously updated tracking of device risk beyond CVEs with CISA KEV catalog support.
  • Product Build Assurance: Understanding the risk level of device builds and the cybersecurity impact of potential updates or changes.

To learn more about how the NetRise platform supports government agencies with visibility into devices’ underlying risks, please visit https://www.netrise.io/platform.  

Is Bell Slowing Down Its Fibre Rollout?

Posted in Commentary with tags on September 6, 2023 by itnerd

A few years ago, I wrote this article about how Bell had the upper hand against Rogers, and at the time I said this:

Whatever choice Rogers picks, they have to get it done quickly as Bell is on a full court press to take this advantage that they have from a technical standpoint and turn it into something that makes Rogers an afterthought when it comes to Internet access.

What I meant by that is Bell at the time was rolling out fibre as fast as it could which Rogers couldn’t or wouldn’t match. Those days may be coming to an end based on this Reddit thread where it appears that Bell is either slowing or stopping rollouts of fibre.

Now many have commented in this thread about the reasons behind this, and the one reason that has been getting the most traction online is this. The TL;DR on this is that operating revenue is up but net earnings are down for Bell based on their Q2 results. And some speculate that until that changes, Bell is taking action to slow or stop their fibre rollout to save cash. To add to this, there are claims from people who claim to be contractors that Bell was using to roll out fibre confirming in this thread that this is actually happening. But for me, this is all speculation. What matters to me and what should matter to you is what are the facts behind this? Assuming that this is true of course.

To find out what the true answer is, I reached out to Bell as I have a decent relationship with them at the moment. And the TL;DR of my email exchange goes something like this. While Bell is always looking at the pace of their network deployment and rollout plans, they don’t have anything specific to share with me at the moment. But when they do have something to share, it’s typically posted on their social media channels as well as via news releases on BCE.ca.

I’ll be monitoring this story to see if there are any developments in a positive or negative way regarding this. But I for one hope those developments aren’t in the latter category. Bell has really done a great job of bringing fibre to a lot of people over the last few years, which in turn helps them to push the competitive advantage that they have over competing telcos. And it would be a shame if that changes for the worse.

Veridas Recognized As A Sample Vendor In The Gartner Hype Cycle For Digital Identity, 2023

Posted in Commentary with tags on September 6, 2023 by itnerd

Veridas, the Spanish technology company that specializes in digital identity and biometrics, today announced it has been included as a Sample Vendor in the Gartner Hype Cycle for Digital Identity, 2023. This is the second consecutive year that Veridas has been named a sample vendor for Third-Party Biometrics and Identity Verification.

According to the Gartner Hype Cycle for Digital Identity, 2023: “Modern society is increasingly digitized. As digital identity becomes fundamental in everyone’s lives, organizations’ identity and access management challenges multiply. The innovations in this Hype Cycle can help security and risk management leaders solve these challenges.”

In the ever-evolving digital identity landscape, Veridas offers innovative solutions that bridge the gap between the physical and digital worlds. Veridas’ commitment to responsible AI and its dedication to aligning machine decisions with human values are at the core of its mission.

According to the 2023 Gartner Hype Cycle, “Identity verification can be a key enabler of remote employee or customer interactions, where a high level of assurance in the claimed identity is needed for fraud prevention or compliance purposes. These use cases can include onboarding or account creation, account recovery scenarios, or elevated trust during a high-risk activity, such as a large funds transfer. This can be an alternative to using an orthodox, credential-based authentication method for such events.” 

Veridas remains committed to providing cutting-edge technologies that utilize unique morphological and behavioral traits for identity authentication. These technologies offer a multitude of benefits, including enhanced user experience, improved trust and accountability, and the potential for passwordless authentication.

Veridas is driving innovation and setting new standards for secure and user-friendly authentication methods. Veridas’ dedication to independent evaluation is highlighted by their regular submission of biometric engines for evaluation by the National Institute of Standards and Technology (NIST). This practice ensures that Veridas’ technology undergoes meticulous scrutiny, allowing it to provide clients with the most objective and transparent insights into the performance of the solution.

Veridas believes this dedication to rigorous evaluation sets Veridas apart with a solid reputation as a trusted industry leader. Veridas’ recent achievement as the second-best facial and voice biometric engine globally, as recognized by NIST, stands as a powerful validation of its technological prowess.

Veridas’ commitment to “Redefine Trust” goes beyond words, delivering a revolutionary end-to-end platform that integrates biometric and document verification, trusted data sources, and robust fraud detection.

For companies seeking identity verification, Gartner recommends users “Manage a carefully considered vendor selection process by following the guidance in Buyer’s Guide for Identity Proofing”. 

Foresite Cybersecurity adds Horizon3.ai’s NodeZero To Their ProVision Platform

Posted in Commentary with tags on September 6, 2023 by itnerd

Foresite today announced a new partnership with Horizon3.ai to integrate its NodeZero™ autonomous penetration testing technology with Foresite’s ProVision platform to deliver Managed Cyber Testing with Attacker’s View to Foresite partners and their customers. This new offering will further enable Foresite customers to simplify risk reduction, improve security operations, streamline security compliance, prioritize security tasks, and reduce the complexity of cybersecurity overall.

The ProVision platform provides centralized log collection for correlation and visibility with a trained Security Operation Center team of analysts to monitor, investigate, and respond to threats. This cloud-based solution is vendor-agnostic, does not require an agent on every asset, and allows complete client visibility, rule customization, and a predictable fixed-cost model with no hidden usage fees.

NodeZero allows organizations to continuously find, fix, and verify their exploitable attack surface by chaining together harvested credentials, misconfigurations, dangerous product defaults, and exploitable vulnerabilities to achieve critical impacts like domain compromise and sensitive data exposure. The NodeZero platform empowers organizations to reduce their security risk and continuously improve their security posture.

BlackFog State of Ransomware Report For August 2023 Is Out

Posted in Commentary with tags on September 6, 2023 by itnerd

BlackFog has today released the State of Ransomware for August 2023. Please feel free to use this report in any news stories, articles or other uses where it will best serve. Additionally, please see below for commentary from Dr. Darren Williams, CEO and Founder, BlackFog:

“Traditionally a slower month, August this year broke new records and recorded the 2nd highest number of attacks on record with 59 publicly disclosed and 373 non-disclosed attacks. This represents a ratio of 632% between unreported and reported. As with last month the MOVEit exploit continues to generate victims, now totaling 365.

This month also saw some big moves in both the manufacturing and service sectors, with increases of 36% and 31% respectively. While technology, government and education continue to grow with increases of 26%, 23% and 21% respectively.

From a variant perspective, BlackCat and LockBit remain the two dominant variants, each accounting for 17.4% of victims, with Medusa and Play at 5.9% apiece. LockBit dominated in the number of unreported attacks at 35.4%, followed by CLOP at 14.1%.

Data exfiltration affected more than 90% of victims this month and continues to dominate as the primary mechanism for extorting organizations and individuals. China continues to dominate as the main destination for data exfiltration with 39%, with Russia at 9%.”

The State of Ransomware report for August 2023 can be found here: https://privacy.blackfog.com/wp-content/uploads/2023/09/BlackFogRansomwareReport-Aug-2023.pdf

Black-owned Canadian startup is building the first BIPOC-focused banking solution as part of the Google for Startups Accelerator

Posted in Commentary with tags on September 6, 2023 by itnerd

Today Google announced the 12 startups joining the North American Google for Startups Accelerator: Black Founders class of 2023. Among this group is Kingsley Madu, founder and CEO of Hamilton-based startup, Expedier, a Black-led banking platform offering financial solutions to underbanked BIPOC communities.

When emigrating to Canada, Madu was faced with adversity from the onset, challenged with lack of access to financial services, he was unable to apply for a credit card or rent a home.  After experiencing these hardships, he began building the first BIPOC community-focused global banking solution to offer support to the millions of immigrants who come to Canada looking for a new life.

This month, Expedier will join 11 other Black-led startups as part of the North American Google for Startups Accelerator: Black Founders class of 2023.  The 10-week intensive digital accelerator provides equity-free technical support and mentorship along with access to the best of Google’s people and technology, to help these startups prepare for the next phase of their growth journey. Now in its fourth year, the Google for Startups Accelerator: Black Founders program is part of Google’s commitment to leveling the playing field for underserved founders across North America. 

You can read more about Kingsley Madu and his startup Expedier in our Q&A blog here.

There’s A New Email #Scam Involving YouPorn Making The Rounds

Posted in Commentary with tags on September 6, 2023 by itnerd

There’s a new scam that I have to admit I didn’t see coming. This one involves porn site YouPorn and it claims via an email that you have uploaded a video of yourself and you have to pay to get it removed. Here’s the email that you get:

Now there is one thing that is different about this scam:

It actually comes from a youporn.com email address to make you think that it is legitimate. But it’s likely been spoofed so it’s not legitimate. The email then claims to allow you to remove the video for free, but when you click on the link it opens up the home page of your browser. Then it offers several paid options to remove said video. Otherwise, the video will go live onto the site in seven days. Clearly this scam email isn’t convincing, as when I checked, the Bitcoin address that is used for this scam hadn’t received any money. But as I have always said, scams don’t have to be successful in volume to be successful. Thus don’t help these threat actors to be successful.

New research from ESG and ISSA reveals continuous struggles within cybersecurity workforce impacting 71% of organizations 

Posted in Commentary with tags on September 6, 2023 by itnerd

New research conducted by Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA) reveals the persistent struggles within the cybersecurity workforce, finding that the cybersecurity skills crisis continues unabated in a multi-year freefall that has impacted 71% of organizations and left ⅔ of cybersecurity professionals stating that the job itself has become more difficult over the past two years—while 60% of organizations continue to deflect responsibility.

The report findings include:

·   A career in cybersecurity is becoming more difficult in an increasingly challenging environment. Nearly two-thirds (66%) of respondents believe that working as a cybersecurity professional has become more difficult over the past 2 years, with close to a third (27%) stating that it is much more difficult. Internal issues like workload complexity, staffing shortages, and budget deficits combined with external issues like the dangerous threat landscape and regulatory compliance challenges have made this profession progressively more difficult. Most (81%) respondents cite the increase in cybersecurity complexity and workload as the reason their careers are more difficult now. Over half (59%) point to the increase in cyberattacks due to an expanding attack surface and 46% state that their cybersecurity team is understaffed. Almost half (43%) agree that both budget pressures and regulatory compliance complexity have increased and present further challenges. Nearly one-in-ten (8%) of cybersecurity professionals have experienced one or several disruptive security events at their organization that have made their work more difficult.

·   Most cybersecurity professionals aren’t very satisfied with their career choices. Cybersecurity professionals face daily job stress like an overwhelming workload, working with disinterested business managers, falling behind business initiatives, and keeping up with the security needs of new IT projects. Little wonder then why less than half of security pros are very satisfied with their current jobs, and 50% of security pros claim it is very likely, likely, or somewhat likely that they will leave their current job this year.

·   The global cybersecurity skills shortage continues unabated. Most organizations (71%) report that they’ve been impacted by the cybersecurity skills shortage—a dramatic increase from 57% in the last study, leading to an increased workload for the cybersecurity team (61%), unfilled open job requisitions (49%), and high burnout among staff (43%), according to respondents. Further, nearly all (95%) respondents state the cybersecurity skills shortage and its associated impacts have not improved over the past few years and 54% (up 10% from 2021) say it has only gotten worse. When asked to identify areas where the security skills shortage is most acute, respondents pointed to application security, cloud security, and security analysis and investigations. A majority of respondents (60%) believe that their organization could be doing more to mitigate the cyber skills shortage, with over one-third (36%) stating that they could be doing much more. Respondents say that their organizations could be taking steps like increasing security professional compensation, providing advanced non-monetary incentives, educating HR professionals and recruiters, and increasing their commitment to cybersecurity training as ways to better address the ongoing skills shortage.

·   CISOs must lead the charge. When asked to identify the qualities that make CISOs successful, nearly three-quarters (71%) pointed toward leadership or communications skills.  CISO effectiveness varies – 31% of respondents claim their CISO is very effective, 40% believe their CISO is effective, and 26% say their CISO is somewhat effective.

Survey respondents were also asked how their organizations could improve their overall cybersecurity programs. The top responses included increasing cybersecurity training for IT and security professionals, striving to improve the organization’s cybersecurity culture, hiring more staff, increasing the cybersecurity budget, and improving basic security hygiene and posture management.

The Life and Times of Cybersecurity Professionals (Volume 6) is available for free download on the Enterprise Strategy Group website and ISSA website.

UK Security Contractor Denies Severity Of Hack

Posted in Commentary with tags on September 6, 2023 by itnerd

Zaun, a UK manufacturer of fencing systems for the Ministry of Defence, revealed late last week that it was hit by a cyber-attack carried out by LockBit between August 5th and 6th where gigabytes of data related to top secret British military and intelligence sites were exposed. Gigabytes of sensitive data that could help criminals access the HMNB Clyde nuclear submarine base, the Porton Down chemical weapon lab and a GCHQ listening post were posted to the dark web. Labour MP Kevan Jones stated: “This is potentially very damaging to the security of some of our most sensitive sites.”

The breach occurred through a Windows 7 PC that was running software for one of Zaun’s manufacturing machines. At the time of the attack, Zaun believed its cybersecurity solutions prevented any transfer of data.

“However, we can now confirm that during the attack LockBit managed to download some data, possibly limited to the vulnerable PC but with a risk that some data on the server was accessed. It is believed that this is 10 GB of data, potentially including some historic emails, orders, drawings and project files,” said the statement.

Zaun said it does not believe that any classified documents were stored on the system, but the data released by LockBit included thousands of pages of data related to the perimeters of His Majesty’s Naval Base, Clyde nuclear submarine base, the Porton Down chemical weapon lab and numerous jails.

Stephen Gates, Principal Security SME, Horizon3.ai had this comment:

   “As the cyberthreat landscape continuously changes, manufacturers face a unique set of IT challenges, as well as the real, physical ramifications that impact their bottom lines. Today’s attackers fully understand the disadvantages manufacturers face, especially in terms of their reliance on various computing systems, antiquated operating systems, commercial and custom-built applications, and lots of devices – some new and some incredibly old.

   “In a recent autonomous penetration test performed by Horizon3.ai’s NodeZero, it found a computer in a manufacturing network running a pre-Windows 2000 operating system, exploited it, and eventually achieved domain admin. Many manufacturers likely have some older computers still in use that are running operating systems no longer supported. Although the older computers work just fine for the minimal tasks they perform, they can easily become an enabler of a successful breach.”

I for one don’t buy a word that Zaun says regarding how bad this is. And why in the world were they running a Windows 7 PC? There’s a lot here that needs to be unpacked as this hack could be catastrophic on so many levels.