Archive for November 15, 2023

ContraForce Is A Participant In Microsoft’s Security Copilot Partner Private Preview

Posted in Commentary on November 15, 2023 by itnerd

ContraForce today announced its participation in the Microsoft Security Copilot Partner Preview. ContraForce was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting-edge functionality, and close relationship with Microsoft.

ContraForce is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. To learn more, read the announcement.

Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft’s unique global threat intelligence and more than 65 trillion daily signals.

OVHcloud Launches Second Generation Bare Metal Scale Servers

Posted in Commentary on November 15, 2023 by itnerd

OVHcloud, the European cloud leader, today announced the launch of its second generation of dedicated Bare Metal Scale servers. Hot on the heels of the critically-acclaimed first Scale line-up launched in 2021, this new generation of high-performance dedicated servers brings even more compute power.

Addressing verticals such as healthcare, finance, industry, public sectors and media, the new generation of Scale Bare Metal servers uses powerful processors from AMD and NVIDIA to answer customers’ most intensive use cases such as confidential computing, big data, analytics as well as virtualization and container orchestration or grid computing.

Modern CPU for Integrity, Compute Power for Big Data and Analytics

In a world where data is at the center of every modern business, customers need robust platforms where they can process their sensitive data. The new OVHcloud Bare Metal second-generation Scale servers benefit from AMD Secure Encrypted Virtualization (SEV) found in the fourth generation of AMD EPYC processors to allow for strengthening VM isolation.

Offering high-performance and scalable Bare Metal servers, OVHcloud can take advantage of the high core count of AMD EPYC processors, in single- or dual-socket configurations. This allows the hardware to deliver tremendous compute power so customers can process and analyze large sets of data, in real time. Customers can gain insights from their data, facilitating decision-making. Not only can customers process, treat and harness data in a snap, they can also store large amounts of data with up to 46 TB of NVMe storage.

Best-of-Breed CPU, DDR5 and Large IO

Leveraging AMD’s most advanced Zen 4 CPU architecture, the second generation of Scale servers boasts fourth-generation EPYC processors, code named Genoa. The range starts with AMD EPYC 16 cores / 32 threads and scales to 96 cores / 192 threads in a single-socket configuration (SCALE-a1 to SCALE-a6). 

The second-generation Scale line-up is offered in a dual socket configuration with core counts all the way up to 256 cores and 512 threads, leveraging fourth-generation AMD EPYC processors, code named Genoa and Bergamo, with the latter featuring Zen 4C cores. SCALE-a7 offers a total of 192 cores / 384 threads (2P AMD EPYC 9654 code named Genoa) and the SCALE-a8 variant comes with 256 cores / 512 threads (2P AMD EPYC 9754 code named Bergamo). 

Available for the first time at OVHcloud with DDR5 memory configuration ranging from 128 GB to 1 TB (4800 MHz), new Scale references can benefit from generous storage options – from the included 2 x 960 GB NVMe up to 6 x 7.68 TB SSD NVMe.

NVIDIA L4 Tensor Core GPU for Machine Learning

Alongside new second-generation Scale CPU-based references, OVHcloud is also introducing SCALE-GPU dedicated servers leveraging the NVIDIA L4 GPU for data centers.

Based on the NVIDIA Ada Lovelace GPU architecture, the NVIDIA L4 is a universal GPU for efficient video, AI and graphics-intensive workloads. The hardware is optimized for use cases like machine learning with image classification, natural language processing, object detection and VDI.

Unmetered Guaranteed Bandwidth with up to 25 Gbps Private Network

OVHcloud’s new second-generation Bare Metal Scale benefits from all the advantages of dedicated servers when it comes to flexibility, control, performance, or availability as well as 1 Gbps to 10 Gbps guaranteed and unmetered public bandwidth and up to 25 Gbps of unmetered private bandwidth. Through this offering, OVHcloud also provides companies with the best possible support for their workloads, environments, and ad-hoc technologies, while guaranteeing predictable pricing.

Data Protection and Sustainability

Second-generation Scale Bare Metal servers also benefit from OVHcloud’s well-known expertise in infrastructure, offering a trusted cloud in environmentally friendly data centers. With the highest security and data protection standards in the form of ISO 27001 certification and HDS, data is immune to extra-territorial laws. OVHcloud data centers take advantage of the company’s unique industrial model with a water-cooling system that contributes to a sustainable cloud and makes it possible to reach best-in-class PUE/WUE indexes (see more data here).

Availability

Bare Metal SCALE-a1 (16c/32t), SCALE-a2 (24c/48t), SCALE-a3 (32c/64t), SCALE-a4 (48c/96t), SCALE-a5 (64c/128t) and SCALE-a6 (96c/192t) are available for order now, in our datacenters located in Canada, France, Germany, Poland, UK and USA. Roll-out in the APAC region is planned from December to March. Bare Metal SCALE-a7 (192c/384t) and SCALE-a8 (256c/512t) are available now as build-to-order references. SCALE-GPU with NVIDIA L4 GPUs are planned for early December availability. 

Bad News…. Toronto Public Library Confirms That Personal Information Was Swiped When They Got Pwned By Ransomware

Posted in Commentary on November 15, 2023 by itnerd

A couple of weeks ago, I wrote about the fact that the Toronto Public Library was pwned by ransomware. I’ve been tracking this story since and I haven’t updated you on this despite the fact that they’ve been silent since that went public. Today they said something new, and what they said isn’t good:

At this point in our investigation, we believe current and former staff employed by Toronto Public Library (TPL) and the Toronto Public Library Foundation (TPLF) from 1998 are impacted. Information related to these individuals was likely taken, including their name, social insurance number, date of birth and home address.

Copies of government-issued identification documents provided to TPL by staff were also likely taken.

Our cardholder and donor databases are not affected. However, some customer, volunteer and donor data that resided on the compromised file server may have been exposed. It will take us time to analyze data to determine who is affected and how. We will continue to be transparent and notify those affected as appropriate and in light of our findings.

That’s not good at all. And it seems like a well-known threat actor is behind this, according to Bleeping Computer:

While the library hasn’t yet attributed the attack to a specific ransomware operation, BleepingComputer has learned that the Black Basta ransomware gang was behind the October 28 attack after seeing a photo of a ransom note shown on a TPL workstation.

As a TPL employee told BleepingComputer, the attack occurred overnight on October 27, disrupting numerous services by Saturday morning.

It will be interesting to see what the Toronto Public Library does from this point onwards given the fact that they now know what’s out there. Will they alert these people? Will they offer free credit monitoring? Those are things that I’ll be looking for in the days and weeks to come.

HYAS & Cyware Announce That They Are Participants In The Microsoft Security Copilot Partner Private Preview

Posted in Commentary on November 15, 2023 by itnerd

Cyware and HYAS Infosec each today announced their participation in the Microsoft Security Copilot Partner Private Preview.

Cyware was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting-edge functionality, and close relationship with Microsoft.

HYAS Infosec was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting-edge functionality, and close relationship with Microsoft. 

Cyware is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. HYAS Infosec is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. To learn more, read the announcement.

Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft’s unique global threat intelligence and more than 65 trillion daily signals.

You can read both companies’ releases here:

Press release – Cyware is a Proud Participant in the Microsoft Security Copilot Partner Private Preview: https://www.businesswire.com/news/home/20231115247824/en/Cyware-is-a-Proud-Participant-in-the-Microsoft-Security-Copilot-Partner-Private-Preview

Press release – HYAS is a Proud Participant in the Microsoft Security Copilot Partner Private Preview: https://www.businesswire.com/news/home/20231115833995/en/HYAS-is-a-Proud-Participant-in-the-Microsoft-Security-Copilot-Partner-Private-Preview

Zoho Introduces Zoho Practice for Accountants

Posted in Commentary on November 15, 2023 by itnerd

Zoho, a global technology company, today announced that the Zoho Finance Platform has achieved a 45% increase in new customers globally. The company also made a significant expansion to its Finance Platform with 230+ extensions in Zoho Marketplace, and a dedicated developer portal. Additionally, it launched Zoho Practice, an end-to-end practice management solution for accounting professionals. These additions strengthen the Finance Platform’s ecosystem, helping businesses tailor their applications and collaborate with their accountants to enhance their operations.

Zoho Practice, a Modern Solution for Accountants

Today, accountants are expected to go beyond providing traditional services like day-to-day accounting, bookkeeping, financial reporting, auditing, and tax filing. Clients also expect insights on an organizational level, like how to curb spend, identifying additional revenue sources, and accelerating business growth. However, to provide these bespoke services with excellence, accounting professionals would require a holistic view of their clients’ businesses, in addition to efficiently running their own firm’s operations.

Zoho Practice, a one-stop solution meticulously crafted for the modern accounting firm, launches with extensive client management, document management, task management, timesheet and billing capabilities. The application also offers industry-first functionalities built from the ground up for distributed firms, including AI-driven anomaly detection for client records; built-in collaboration through chat, voice, or video calls; and a unified platform to act as a single source of truth for all client services. This practice management solution comes pre-integrated with Zoho Books (accounting app) and Zoho Expense (travel and expense management app), providing a comprehensive central repository while enabling seamless interoperability between an accounting practice and their clients’ finances. 

Continued Growth of Zoho Finance Platform

Regionally, Zoho recently launched the Germany edition of Zoho Finance Platform, introduced a free student edition of Zoho Books in India to empower future financial professionals, and added corporate tax capabilities to help UAE businesses stay compliant. The company also introduced Zoho Billing, a multifaceted solution built for growing businesses to experiment with pricing and quickly go to market. The finance platform ecosystem also experienced a 63% increase in the global accounting partner network last year.

Continuing on this momentum, the company also launched an enterprise-grade Developer Portal. This allows third-party developers to build solutions easily that customize specific functions of their finance applications, automate routine processes, and publish the extensions in Zoho Marketplace. Additionally, businesses can use the portal to build their own extensions for use within their organizations. 

Today, there are 230+ extensions in Zoho Marketplace for the Finance Platform that go beyond the functionalities offered natively, helping solve advanced requirements. Some of the most common uses of extensions include:

  • Connections to local payment gateways to offer more convenient payment methods to customers
  • Verifying a contact’s email address, and their bank account details to ensure data accuracy 
  • Syncing financial data automatically with other business intelligence and forecasting apps
  • Adding pin location within a map while recording customer or vendor addresses

Pricing and Availability

Zoho Practice is available for use immediately, and is free for accounting firms with up to 3 users.  Additional users can be added by purchasing the add-on which works up to $2.5 monthly, per user. 

Customers of Zoho Finance Platform can install the extensions offered in the Zoho Marketplace from within the applications. The pricing will depend on the monetization model that the developer follows for that extension. 

Canadian Office Workers Spend Nearly Two Workdays Per Week on Menial Tasks & View AI Tools as Key Driver to Help Alleviate Workloads: ServiceNow

Posted in Commentary on November 15, 2023 by itnerd

ServiceNow today announced the results of its fourth annual World of Work study. The study reveals Canadian office workers are spending nearly two workdays per week on menial tasks and see AI tools as a key driver to help alleviate workloads. Despite only 20% of workers currently using AI, half believe that training will give them a competitive advantage at work.

Canadian office workers recognize the potential for AI to drive productivity, reduce menial work, and future-proof their skills. Furthermore, 66% cite inadequate technology, training, and innovation as notable reasons to leave their current role. Companies that want to attract and retain talent need to identify and put into practice innovative solutions that boost employee productivity and growth opportunities.

Turning to AI as menial tasks surge

The majority of Canadian office workers (2 in 3) need to do meaningful work. Today, companies are presented with a unique opportunity to consider the role of AI-powered tools and technologies in alleviating the impact of menial, repetitive work on employees. This ultimately helps reduce employee burnout and attrition. The study highlights several key findings:

  • Employees are bogged down with menial tasks: Canadian office workers are spending more than one-third of each day on repetitive work, equating to nearly 14 hours, or two workdays, each week. And it’s on the rise. Despite rapid advancements in technology, the proportion of time spent on menial tasks increased by 6% in 2023.
  • Employers need to better enable productivity and efficiency: The majority (63%) of office workers feel their employer does not currently have adequate solutions in place to help alleviate repetitive work. As a result, 58% of Canadian office workers are looking to their employers to invest in solutions that enable productivity.
  • The potential for AI to transform work is clear: Office workers recognize the potential of AI to enhance productivity (45%), minimize errors (42%), and provide more time for strategic and creative tasks (30%). This contributes to better work-life balance among employees (29%) and reduced stress (28%).
  • The range of AI use cases is growing: Employees see AI tools that automate work as the most helpful, particularly automating routine and repetitive processes (41%), IT services (38%), analytics and reporting (37%), and summarization of meetings, documents, and emails (37%).

Embracing AI for career growth and job security

Recognizing the critical role of AI in their professional growth and development, Canadian office workers are increasingly looking to embrace AI to enhance their skillsets and remain competitive in the job market. According to the report:

  • Employees will future-proof their skillsets with AI: Canadian office workers recognize developing AI skills is important for career progression. More than half (57%) anticipate getting additional education or training in AI at work, while 49% plan to pursue AI education or training on their own. Notably, only 33% fear they won’t be able to keep up with the technology.
  • Current training programs aren’t cutting it: Having a comprehensive understanding of how to use AI is a priority for Canadian office workers but only 37% of employees perceive AI as easy to use. Further, current training programs are seen as insufficient. Only half (51%) consider the current training programs available to them as conducive to their career development.
  • Leaders and individual contributors need equal access to AI training: While most Canadian office workers assert that their employer is responsible for providing job-relevant training (62%), there exists a disparity in training access between leaders and individual contributors. Specifically, 59% of leaders report greater training opportunities compared to individual contributors (48%). And while 61% of leaders believe their workplace invests in their career growth, only 41% of individual contributors feel the same.

For more information about the World of Work survey findings, please visit here.

Survey Methodology

The 12-minute online survey was facilitated by SAGO (Asking Canadians). The study was in field between August 15 and September 1, 2023, and surveyed a nationally representative sample of 1,504 English and French-Canadian office workers. To qualify for the survey, respondents must have been currently working at an office or remotely at companies with 500+ employees.

The precision of Asking Canadians online polls is measured using a credibility interval. In this case, the poll is accurate to within +/- 3.19 margin of error at a 95% confidence level. The credibility interval will be wider among subsets of the population. All sample surveys and polls may be subject to other sources of error, including, but not limited to coverage error, and measurement errors that may be off by +/- 1%.

Living Security Announces Partnership with Zscaler to Manage Human Risk 

Posted in Commentary on November 15, 2023 by itnerd

Living Security, Inc. has announced a new partnership and technology integration with Zscaler, the leader in cloud security. Joint customers will realize the benefits of secure internet and SaaS access, secure private access, and human risk quantification, enabling them to reduce risk.

The majority of cybersecurity incidents are the result of human error. No matter how often employees are trained or phished or new technology is deployed, it all comes back to the people. According to the Verizon DBIR 2023, 74% of breaches involve the human element – making it still the single most significant risk to organizations, a continually relevant industry trend to call out that is a consistent concern for enterprise security. 

Key Integration Features

  • Seamless Data Aggregation: Automatically aggregate data from Zscaler through secure APIs and correlate events and activities to get a holistic view of employee behaviors. These risks are quantified and actionable with data-driven insights.
  • Distinguish Real Threats: Living Security’s Human Risk Index scores make apparent the riskiest individuals and attributes susceptible to risk. The algorithms and contextual features specific to various roles reduce false positives and pinpoint genuine threats.
  • Real-Time Visibility: Get instant access to real-time human risk scores and insights across organizations with an intuitive interface that ensures security operations teams can monitor and prioritize events effectively, allowing for proactive risk mitigation.

The partnership significantly empowers joint customers to reduce risk through greater control and deeper visibility. Living Security leverages Zscaler Zero Trust Exchange™ platform telemetry to get visibility into user activity. This data is integrated into the Unify HRM platform to quantify human risk across multiple cybersecurity tools to drive proactive, efficient action. 

Zscaler and Living Security’s tight integration will empower security, risk, and compliance leaders to make risk-based decisions by improving detection of malicious behavior, increasing efficiency by only targeting risk areas, improving security posture through reduced risk, and providing actionable data. Additionally, joint customers can launch user training based on risk from Living Security, communicate via email, Slack, or MS Teams, and adjust policies within Zscaler.

Enterprises can immediately get technical documentation on Living Security’s strategic technology partnership with Zscaler and the company’s ecosystem integration offerings. To learn more about managing human risk with Zscaler and Living Security, please visit https://www.livingsecurity.com/zscaler-brief

Living Security Announces Industry’s First Human Risk Operations Center (HROC)

Posted in Commentary on November 15, 2023 by itnerd

Living Security, Inc. announced today the industry’s first Human Risk Operations Center (HROC) fueled by Living Security’s Unify Platform. 

The HROC unites Security Operations Center (SOC), Security Awareness and Training (SAT), and Governance, Risk, and Compliance (GRC) teams by providing granular visibility into human risk and insider threats. Living Security’s Unify platform powers the HROC by aggregating and correlating employee behaviors using data from your organization’s existing security tools. It offers one pane of glass that provides real-time visibility into a company’s riskiest people, departments, and programs. This helps SOC and GRC teams efficiently plan next actions and measure the impact of improving policies and behaviors.

While Security Operations Centers (SOCs) continue to improve their visibility into security events across different layers of infrastructure and data, correlating disparate events to individual people or programs remains a significant challenge. Living Security Unify aggregates data and events across the cybersecurity technology stack, showing risk at the granular employee level.

The Living Security HROC supports API integrations for dozens of the most popular security tools empowering SOC and GRC teams to rapidly derive real-time insights, recommendations, and action plans that speed time to mitigation.

The HROC segments risk by department, role, and location, and even provides a lens into risk specific to those who have elevated access to sensitive data. Looking at risks this way provides important context for cybersecurity organizations.

Key Benefits:

  • Improve security visibility by identifying and correlating risk at the human level rather than the device, data, or event layer
  • Speed time to mitigation through the implementation of targeted behavior and policy actions
  • Shrink organization’s attack surface by reducing insider threats

Learn more about Living Security’s Unify HROC (Human Risk Operations Center) by signing up for their December 5th webcast, Introducing the Human Risk Operations Center. 

Learn more at www.livingsecurity.com.

NY Proposes Healthcare Cybersecurity Regulations With $500 Million In Funding 

Posted in Commentary on November 15, 2023 by itnerd

Yesterday, New York Governor Kathy Hochul proposed a new set of cybersecurity regulations that would apply to hospitals across the state. The proposal also included $500 million in funding to help healthcare facilities upgrade their technology systems to meet the requirements of the proposed rules.
 
If adopted by the Public Health and Health Planning Council this week, the regulations will be published in the State Register on December 6th, requiring hospitals to implement infrastructure to defend against and prevent cyberattacks and to develop incident response plans.
 
New York hospitals will also be required to:

  • Establish a CISO role  
  • Use MFA  
  • Establish policies for evaluating and testing third-party security
  • Run tests to ensure patient care would continue should there be an incident

“Our interconnected world demands an interconnected defense against cyber-attacks, leveraging every resource available, especially at hospitals,” Hochul stated.
 
“These new proposed regulations set forth a nation-leading blueprint to ensure New York State stands ready and resilient in the face of cyber threats.”

Emily Phelps, Director, Cyware had this to say:

   “Governor Kathy Hochul’s new cybersecurity regulations proposal for New York hospitals represents a significant step in reinforcing the resilience of healthcare facilities against cyber threats. Mandating the establishment of a Chief Information Security Officer (CISO) role and enforcing Multi-Factor Authentication (MFA) aim to fortify the defenses of healthcare systems.

   “With our interconnected world, it is true we need interconnected defenses. A crucial aspect is a focus on collective defense and software supply chain security in healthcare. Collective defense involves leveraging shared knowledge and resources to improve the overall cybersecurity posture of all involved entities. In healthcare, where organizations deal with sensitive data across modern and legacy systems, leveraging healthcare ISACs and trusted intelligence sharing helps these entities become more proactive.

   “Furthermore, the emphasis on evaluating and testing third-party security is a proactive measure to secure the software supply chain. Healthcare organizations rely heavily on various software solutions and third-party services, making them vulnerable to supply chain attacks. Regular testing and policy establishment for third-party security will help mitigate these risks.”

Paul Valente, CEO & Co-Founder, VISO Trust follows with this:

   “The lack of funding for security within the healthcare sector has led to the industry becoming a primary target for cyber criminals.  Ransomware has become endemic with healthcare organizations, more frequently leaving them with no choice but to pay the ransom, rather than risk patient safety.  

   “Third-party risks pose significant challenges for hospitals due to their complex relationships with supply chain vendors and the evolving nature of cyber threats. Understaffing and outdated and complex techniques further hinder effective cyber risk management. Governor Hochul’s funding and requirements are just a starting point in safeguarding these institutions. It’s great to see New York taking the lead and it will be intriguing to see which states follow suit.”

Given that the negative outcome that can happen when cybersecurity in health care isn’t top of mind was in the news recently, this is a good move by New York State as prevention is better than pwnage.

Denmark’s Energy Infrastructure Pwned Via Zyxel Zero Day

Posted in Commentary on November 15, 2023 by itnerd

Denmark’s non-profit SektorCERT reported on the nation’s largest cyber incident on record, in which attackers gained access to the systems of 22 Danish companies overseeing various components of energy infrastructure in May by exploiting a zero-day vulnerability in popular Zyxel firewalls.
 
Unfortunately, many of the observed attacks were possible because the companies had not updated their firewalls and had opted out of the software update because:

  • There was a charge for installation  
  • It was assumed the ‘new’ Zyxel firewall was the latest update
  • It was believed Zyxel was responsible for implementing the updates

11 companies were “immediately” and simultaneously compromised, allowing the attackers to gain control of the firewall and access the critical infrastructure behind it while preventing the energy companies from warning others in advance.

Several of the breached companies avoided significant impact by disconnecting the local or national power networks.

Ted Miracco, CEO, Approov Mobile Security had this to say:

   “It comes as no surprise to see this attack linked to a Russian military group such as VooDoo Bear, as many European countries that have supported Ukraine have become targets, especially in the energy sector. With eyes now turned to the Middle East, we may see even more aggressive and increasingly sophisticated attacks on the Ukraine and its allies, as the Russians perhaps see support from the West potentially wavering or at least seeing signs of fatigue.

   “Another takeaway from this incident is the short-sighted decision making that led to critical infrastructure providers not patching a known zero-day vulnerability in the Zyxel firewalls.”

Dave Ratner, CEO, HYAS follows with this:

   “Bad actors will build their own databases of which organization utilizes which suppliers, so that when a new zero-day vulnerability becomes known they can strike almost instantaneously. Staying current on patches is of course always recommended; however, even this may not be enough if the criminals exploit the zero-day first. It’s just one more reason to implement an operational resiliency strategy and ensure a complete security-in-layers approach.”

Really, in 2023 there should be no excuse for not being proactive about updates. As this example illustrates, bad things will happen to those who don’t update all the things.