Archive for April 16, 2025

MITRE Gets Saved…. For Now

Posted in Commentary with tags on April 16, 2025 by itnerd

This is one hell of a turnaround from this news.

Earlier today, the newly established CVE Foundation announced that it aims to transition the program to a dedicated non-profit model that isn’t dependent on a single government sponsor. The Foundation’s organizers revealed they had been preparing for this possibility for the past year. Which is kind of scary if you think about it as they clearly saw this coming.

But there’s more.

Following the CVE Foundation’s announcement, the CISA has said the U.S. government is extending funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. Here’s the story via Bleeping Computer:

 CISA says the U.S. government has extended MITRE’s funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program.

“The CVE Program is invaluable to cyber community and a priority of CISA,” the U.S. cybersecurity agency told BleepingComputer. “Last night, CISA executed the option period on the contract to ensure there will be no lapse in critical CVE services. We appreciate our partners’ and stakeholders’ patience.”

BleepingComputer has learned that the extension of the contract is for 11 months.

 Roger Grimes, Data-Driven Defense Evangelist at KnowBe4 had the following commentary:

“It is fantastic to hear that MITRE’s CVE program is being extended, although we could do with less last-minute reprieves. But I’m glad it is being funded. Now the question is — is it being funded at the same level, less, or even better? Because the program has always had a ton of deficiencies for years that the community has been hoping could be improved. That program has been existing on a shoestring budget for years, hanging on by a thread, ready to collapse in usefulness at any minute.”

“MITRE leaders have been begging for more private funding for years. This isn’t a type of program where the program leaders should be begging for funding. It should be fully funded, correctly resourced, and able to do a superb job for its mission. It’s an incredibly valuable resource and the entire cybersecurity community wants to know if it will be given the attention and funding it has always needed for the seriousness of its mission. Great to hear it’s being extended, but the devil is in the details. I hope we can all go to sleep better at night knowing that it is not only getting extended, but will actually be improved and become the service it should have always been…so that the program’s leaders can do less begging for funding and more managing and improving the program.”

While this is something, it’s not good enough. There needs to be consistent stable funding in my opinion given how important this program is as that is one of the key ways that we all stay safe from cyberthreats.

Leave a comment »

Vantiq and Obayashi Corporation Collaborate to Power the 2025 Osaka-Kansai Expo

Posted in Commentary with tags on April 16, 2025 by itnerd

Vantiq announced today a new collaboration with Obayashi Corporation to deliver real-time experiences at the Panasonic Group Pavilion “The Land of NOMO” during the 2025 Osaka-Kansai Expo. The global Expo is expected to draw over 28 million visitors from around the world, making it one of the most ambitious showcases of innovation, culture and future-shaping ideas this decade. 

Powering this unprecedented experience will require more than infrastructure—it demands intelligence in real-time. That’s why Obayashi Corporation has integrated the Vantiq Intelligent Platform into WELCS place®—a smart building system engineered to instantly sense, analyze and respond to conditions like crowd movement, weather and on-site operations. This dynamic platform will serve as the real-time nervous system for the Panasonic Group Pavilion “The Land of NOMO,” and is set to play a critical role across the Expo, making Vantiq the engine behind one of the most intelligent environments ever built.

Originally designed to enhance comfort and safety across a wide range of facilities—including office buildings, shopping centers, hospitals, hotels and factories—WELCS place® uses intelligent data integration to support smarter environments. For the Expo pavilion, Obayashi selected Vantiq to enable instantaneous processing of real-time data, allowing the space to autonomously adapt to weather fluctuations and crowd dynamics.

Vantiq continues to evolve the Vantiq Intelligent Platform by integrating generative AI, including connections to large language models (LLMs) and retrieval-augmented generation (RAG) frameworks. These capabilities are enabling systems to draw on intuition and human experience—factors that were previously difficult to translate into code—to make smarter, context-aware decisions in real time.

By combining WELCS place®’s proven services and operational knowledge with Vantiq’s real-time processing power and AI-driven adaptability, both companies aim to create intelligent environments that deliver optimal solutions the moment they’re needed.

Leave a comment »

Frenos Appoints Former KnowBe4 CIO Colin Murphy as Chief Hacking Officer

Posted in Commentary with tags on April 16, 2025 by itnerd

Frenos today announced the appointment of Colin Murphy as its Chief Hacking Officer. Murphy brings over a decade of expertise as a recognized cybersecurity researcher, practitioner and technology innovator—including his most recent role as CIO for KnowBe4, where he helped guide the company from startup to its $1 billion unicorn status, IPO and subsequent private equity acquisition. Murphy’s appointment as Chief Hacking Officer marks a return to his roots as an ethical hacker, building on years of red teaming experience alongside the late Kevin Mitnick at Mitnick Security, where he continues to collaborate while delivering on the shared Frenos mission of advancing offensive security innovation and making the digital world a safer place. 

In the role of Chief Hacking Officer, Murphy will oversee product engineering and operations, as well as foster the cybersecurity community and continuing research, to ensure the Frenos platform provides significant value to users. 

The Frenos vision centers around combining a digital twin with an AI reasoning agent, named SAIRA (Simulated Adversarial Intelligence Reasoning Agent), to continuously simulate adversary and hacker techniques at scale across both IT and OT environments. Traditional hands-on security or penetration testing in OT environments occurs infrequently due to the sensitivity and potential operational impacts of IT tools and techniques, resulting in point in time “paper assessments” or “audits” that leave organizations with a poor understanding of their security posture in their most critical environments. Frenos changes that paradigm by enabling continuous tactics, techniques, and procedures (TTP) modeling against a digital twin of the operational technology environment, identifying critical exposure pathways and providing tactical proactive risk mitigations that the operator can take action on. 

Murphy sees Frenos’ digital twin approach as revolutionary for testing sensitive OT environments where traditional penetration testing methods could disrupt operations. “Traditional security assessment, vulnerability and penetration tools cannot be trusted to not impact operational reliability” Murphy stated. “By creating a digital twin, we can model attacks against critical systems with zero impact on operations.”

Murphy envisions Frenos becoming an essential tool in every security practitioner’s toolkit. “My goal is to help build a platform that helps security teams stay ahead of threat actors by predicting potential attacks rather than just reacting to them. The security industry needs to move from reactive to proactive, and AI gives us the opportunity to finally close that gap.”

The strategic hire follows Frenos’ recent $3.88 million seed funding round led by DataTribe and complements the company’s growing advisory board, which includes industrial cybersecurity expert Robert M. Lee, Co-founder and CEO of Dragos. 

Leave a comment »

Every Intel Mac Is Now Vintage Or Obsolete

Posted in Commentary with tags on April 16, 2025 by itnerd

Apple has a list of vintage and obsolete products. And as of today Apple has added the 2018 Mac mini. By adding that Mac to the list, every single Intel Mac is now either vintage or obsolete. So what does that mean? We’ll there’s a couple of things:

  • A device is vintage after five years since it was put on the market. Vintage devices can still be supported for repairs though.
  • When the device hits seven years, it is given the ‘obsolete’ label. At this point, you can’t get repairs.

But the larger issue is that if you have an Intel Mac you should start considering making a move to an Apple Silicon Mac as clearly the days of Intel Macs are clearly numbered.

Leave a comment »

Mitre Says Funding Set To Expire For Its Work On Crucial Vulnerability Program…. WTF?????

Posted in Commentary with tags on April 16, 2025 by itnerd

The non-profit research and development organization MITRE put out a statement saying that their funding which allows them to run the Common Vulnerabilities and Exposures (CVE) program is about to get cut as of TODAY.

Let me get to the point. This is the single dumbest thing that anyone can do as this underpins a huge chunk of vulnerability management, incident response and critical infrastructure protection efforts. In short, we as a whole are screwed from an INFOSEC perspective.

Debbie Gordon, CEO and Founder, Cloud Range had this to say:

“A network is only as secure as the known vulnerabilities that have been patched. Given that our Nation’s Critical Infrastructure is operating under heavy reliance on the CVE repository to discover and resolve reported vulnerabilities, this transition will surely cause major gaps to their level of security. In these times of constant cyber threats, organizations will now need to increase their levels of visibility and awareness, and their defense teams need to have even greater critical thinking and situational awareness to detect and respond to threats.”

Buckle up folks because INFOSEC is about to get really rocky. And I have to admit, I am really, really scared as to what is about to come down the track.

1 Comment »

Strategic Investors Back Hammerspace as New Standard for AI Data Performance

Posted in Commentary with tags on April 16, 2025 by itnerd

 Hammerspace, the high-performance Data Platform for AI, today announced that several strategic venture investors, who were early backers of transformative companies like NVIDIA, Meta, Palantir, SpaceX and Tesla, have invested $100 million in new strategic growth capital in Hammerspace.

This is not a typical venture round. Altimeter Capital, ARK Invest, and other hand-selected strategic investors are participating not just for returns—but for the opportunity to drive the next era of AI infrastructure. These partners bring more than funding. They bring strategic insight, deep sector experience, and an active commitment to our long-term success.

Data performance has evolved from a competitive edge to a requirement in the race to scale AI infrastructure. Hammerspace delivers that edge across every dimension of unstructured data: storage, access, movement, and deployment. Whether training thousands of GPUs on-premises or in the cloud, deploying large-scale inference or maximizing NVMe performance in local GPU servers, Hammerspace is purpose-built to unleash data performance at scale.

The Investors Betting on Performance at Scale

Altimeter Capital, which identified industry shifts early with investments in Meta, MongoDB, NVIDIA, Snowflake and Uber, led the Series B round.

ARK Invest, led by Cathie Wood, joined the round through its ARK Venture Fund. Known for its conviction-based investing in disruptive technology companies—including early bets on Tesla, NVIDIA and Palantir—ARK sees Hammerspace as foundational to the performance infrastructure AI demands.

The remainder of the funding round was filled out by a combination of new and existing investors. Early investors identified Hammerspace as a disruptive force in data infrastructure well before AI workloads reshaped enterprise, hyperscaler and cloud priorities. With demand for high-speed, scalable access to data now surging, existing supporters continue to invest in Hammerspace to support its expansion into a fast-growing market.

The Next Era of Data Infrastructure

Global technology leaders, including Hitachi Vantara (a subsidiary of Hitachi Ltd., HTHIY) and Supermicro (SMCI), are building solutions on Hammerspace’s software for customers like Meta, the U.S. Department of Defense, the National Science Foundation, and major life sciences organizations. These deployments demonstrate a new standard in performance across hybrid, multi-cloud, and edge environments—without complexity or vendor lock-in.

Hammerspace gives organizations a Linux-native, standards-based, parallel file system and object store that delivers unmatched performance across file and object protocols using standard Ethernet or high-speed interconnects like InfiniBand. The platform uniquely overcomes data gravity by combining instant data-in-place assimilation from other sources with high-speed movement across hybrid environments – all in the service of delivering peak performance everywhere.

Hammerspace stands apart as the first platform built entirely around the performance needs of modern computing. From unmatched GPU throughput to instant access across file and object data to deployment time measured in minutes—not weeks—every capability of the platform is designed to remove bottlenecks, maximize speed and deliver scale.

With this latest investment, Hammerspace will accelerate global expansion and deepen its position as the performance platform of record for AI, HPC and hybrid cloud environments.

Leave a comment »

Over a third of finance leaders fear geopolitical tensions and economic conditions in 2025, SAP Concur find

Posted in Commentary with tags on April 16, 2025 by itnerd

New data from the latest annual SAP Concur CFO Insights Survey* reveals the evolution of top priorities for Canadian finance leaders amid challenging economic conditions and geopolitical tensions – from AI to cybersecurity. The 2025 research highlights the opportunities and barriers finance leaders face today, while also providing comparisons with previous years’ results.

Economic conditions are the greatest external challenge

External factors are playing a big role in the decision-making of Canadian finance leaders. The following highlights demonstrate the uphill battle finance leaders now face:

  • The highest ranked external challenge is worsening economic conditions, with 50% placing the concern in their top 3
  • However, geopolitical tensions soared this year (30%) as a concern for finance leaders when compared with 2024 results (15%)
  • Regulatory compliance related to climate change is no longer as much of a worry in 2025, remaining in the top three for just 30% of respondents – compared with 83% in 2024

Though the challenges businesses face externally are outside of the finance leaders’ control, being able to mitigate their impact is within their remit – and it comes down to the software solutions and tools they have available. Yet, a lack of data visibility is impacting      53% of Canadian finance leaders – with problems with ease-of-use and adoption (43%), and limited reporting and analytics (47%) next in line.

Unlocking AI & Cybersecurity

Manual processes are a top internal challenge for more than a third of Canadian finance leaders (43%). This has risen significantly in the past few years, with just 1% ranking manual processes as the top challenge in 2023.

However, finance departments are embracing AI today, with over half (63%) highly automating general office tasks – a significant increase on 2024’s results with just 7% reporting this level of automation in their organisation. That’s a significant uptick in usage in the space of a year.

  • Other top AI automation use cases include journal entries and bookkeeping (63%), monitoring for fraud (47%) and financial planning (33%).
  • Finance leaders report AI is having a positive impact on various areas of their organisation including decision-making (97%), risk reduction (83%) or achieving ESG goals (40%).

When it comes to cybersecurity, more than half of finance leaders (63%) plan to increase their cybersecurity budget. Only 17% plan to enhance collaboration with the Chief Information Security Officer (CISO) and across the IT department though.

In fact, finance leaders today are split about who in the C-Suite should be responsible for driving progress on the increasing cybersecurity threat: 47% of finance leaders believe that driving progress on cybersecurity should be the reserve of IT leaders only, while 53% report it should be finance and IT leaders.

This sentiment comes at a time where the evolving cybersecurity landscape has the potential to influence organisation’s ability to pursue upcoming growth initiatives.

  • A third (43%) of finance leaders report that their growth plans will proceed as planned, while half (47%) say they will adapt growth initiatives to align with the cybersecurity landscape.
  • Just 10% say they will slow down growth initiatives to focus on cybersecurity.

Growth in 2025

For Canadian finance departments in 2025, optimising costs and efficiency is a key priority to drive growth (80%) – with investments in AI technology (70%) and focusing on sustainability and ESG (60%) next in line.

But they know they can’t do it alone – ensuring cross-functional collaboration is vital for driving growth.

  • All respondents (100%) rate themselves as ‘excellent’ or ‘good’ at communicating to get buy-in from the wider business on new growth initiatives – and 83% of HR leaders and 67% of IT leaders agree.
  • Yet, there’s controversy among those working in finance over who should be responsible for this growth – with 81% of CFOs believing the CFO is the primary driver of growth despite only 52% of finance Senior Vice Presidents (SVPs) agreeing.
  • Finance SVPs are more likely to think CFOs should support – but not lead – growth initiatives (20%) or that growth leadership should be shared across the c-suite (28%). While just 9% of CFOs agree that growth leadership should be shared.

*SAP Concur surveyed 350 chief financial officers and senior finance leaders, 115 HR leaders and 115 IT leaders for its latest CFO Insights report.
The research, conducted between December 2024 and January 2025, covered Canada, Australia, Brazil, Germany, Japan, Mexico, the United Kingdom and the United States.

Leave a comment »