Archive for the Commentary Category

Introducing SanicDNS: The Ultra-Fast Open-Source DNS Scanner

Posted in Commentary with tags on August 8, 2024 by itnerd

Netherlands-based cybersecurity service Hadrian has launched SanicDNS, a new open-source DNS scanning tool that redefines speed and efficiency in network enumeration.

DNS resolution is a critical process in offensive security, enabling the discovery of DNS records, subdomains, and IP addresses essential for identifying vulnerabilities and potential attack vectors. Traditional tools have often been limited by slow scanning speeds, hindering the ability of security practitioners to conduct thorough and timely assessments.

Enter SanicDNS, developed by cybersecurity innovators Jasper Insinger and Geert Custers. SanicDNS leverages cutting-edge parallelization techniques and advanced networking methodologies, including DPDK (Data Plane Development Kit), to achieve speeds up to 100 times faster than traditional tools. This remarkable enhancement enables security professionals to perform DNS scanning tasks with unprecedented efficiency, significantly reducing the time required to identify misconfigurations and potential threats across networks.

Key features of SanicDNS include:

  • Ultra-fast Scanning: Capable of processing up to 5 million packets per second (Mpps), compared to 0.05 Mpps of traditional tools.
  • Modular Design: Flexible architecture supporting diverse scanning scenarios and use cases.
  • Real-time Feedback: An intuitive interface provides live statistics and JSON output for easy integration into existing workflows.

SanicDNS is being released as open-source software, available for download and implementation by cybersecurity professionals, researchers, and enthusiasts worldwide. It promises to empower security teams with a robust tool for comprehensive network reconnaissance and proactive threat mitigation.

For more information about SanicDNS and to download the tool, visit https://github.com/hadriansecurity/sanicdns

Guest Post: Expanding Our Presence in Canada: New Procore Partnerships Aim to Advance Diversity and Inclusion in the Construction Industry

Posted in Commentary with tags on August 8, 2024 by itnerd

Diversity and inclusion are at the heart of Procore’s values. We recognize the importance of creating opportunities for underrepresented groups within the construction industry – and today we are proud to announce our deepened expansion into Canada through strategic partnerships with the Afro Canadian Contractors Association (ACCA) and the Canadian Association of Women in Construction (CAWIC). These partnerships mark a significant milestone in our commitment to supporting diversity, inclusion, and innovation within the construction industry. By joining forces with ACCA and CAWIC, we aim to empower Canadian contractors and construction professionals with the tools, resources, and support they need to thrive in today’s dynamic market. 

Through our partnerships, we will provide training, technology solutions, and support to minority contractors, diverse-owned firms, and women in construction across Canada. Procore will offer comprehensive training programs, access to our industry-leading construction management platform, and discounted buying programs to eligible members. These initiatives aim to equip contractors and construction professionals with the skills and resources they need to succeed in today’s competitive landscape. Whether it’s project management, collaboration, or resource planning, Procore’s platform is designed to streamline workflows and drive efficiency at every stage of the construction process.

“As the President of the Afro Canadian Contractors Association, I am proud to partner with Procore in this significant initiative. This collaboration is a testament to our shared commitment to fostering diversity and inclusion within the construction industry. By providing minority contractors with cutting-edge technology and comprehensive training, we are equipping them with the tools they need to thrive in a competitive market. Together, we are paving the way for a more equitable and innovative future in construction,” said Stephen Callender. 

“We are excited to partner with ACCA and CAWIC to empower minority contractors and diverse firms in Canada with the technical tools and skills they need to thrive in the construction industry,” said Dr. Irish Horsey, Procore’s director of industry advancement. “By providing access to Procore’s innovative construction management solutions and training resources, we aim to break down barriers and foster a more inclusive ecosystem.”

In addition to providing access to technology and training, Procore, ACCA, and CAWIC will collaborate on thought leadership initiatives, including webinars, articles, and industry insights. These efforts will provide valuable insights and best practices to support the growth and success of our partners and their members. By sharing knowledge and expertise, we can collectively drive innovation and excellence within the Canadian construction industry. 

“I am thrilled to see Procore’s commitment to diversity and inclusion within the construction industry. This partnership with Procore represents a powerful step towards providing women in Canada with the resources and opportunities they need to succeed. Together, we can break down barriers and foster a more inclusive and innovative construction industry,” said Lisa Laronde, President, Canadian Association of Women in Construction (CAWIC).

Procore is proud to partner with ACCA and CAWIC in expanding our presence in Canada and supporting the growth and success of contractors and construction professionals across the country. Together, we will empower diversity, foster innovation, and build a brighter future for the construction industry in Canada. 

We invite contractors, construction professionals, and industry stakeholders across Canada to join us in building a better future for the construction industry. Together with ACCA, CAWIC, and our valued partners, we can drive innovation, diversity, and inclusion within the Canadian construction industry. To learn more about Procore’s commitment to empowering diversity and inclusion, visit procore.org

More about Procore.org:

In Canada, Procore.org currently works with 15 colleges and universities, offering free accounts with unlimited user licenses, access to all of Procore’s tools and features, and several complimentary training sessions for professors led by Procore’s implementation training team. These educational institutions in Canada include Red Deer Polytechnic, Northern Alberta Institute of Technology, Southern Alberta Institute of Technology, University of Alberta, Centennial College, Conestoga College, Algonquin College, George Brown College, Lambton College, Cégep de Saint-Laurent, Concordia University, Cégep du Vieux-Montréal, La Cité Collégiale, New Brunswick Community College and University of New Brunswick.

Recently, Procore.org created an Educators’ Training Centre for instructors with educational resources such as presentations, student exercises, sample project data, and a special video certification course for Canadian students.

H-ISAC and AHA issue joint call-to-action after 3 ransomware attacks on mission-critical suppliers

Posted in Commentary on August 8, 2024 by itnerd

Health-ISAC and the American Hospital Association (AHA) have issued a joint threat bulletin following three ransomware attacks on blood suppliers, causing blood shortages and disrupting patient care.

  1. On July 30, the attack on OneBlood prompted the Florida Hospital Association to recommend hospitals activate their critical blood shortage protocols.
  2. In early June, the attack on UK-based Synnovis caused massive disruption, with more than 800 operations and 700 outpatient appointments being canceled, and resulted in major blood shortages.
  3. In April, the attack on Octapharma Plasma resulted in the temporary closure of its 190 U.S. plasma donation centers and plasma manufacturing facilities.

Ransomware groups have been increasingly targeting third-party infrastructure as the possible massive disruption caused by an attack increases the likelihood of a ransom being paid by the providers.

Health-ISAC and the AHA said the nature and proximity of these three attacks should serve as a wake-up call for the healthcare industry. While attacks prevent access to electronic health records and cause disruption, these three attacks demonstrated how attacks on suppliers can cause disruptions to patient care at multiple hospitals and health systems.

“The outcomes of these attacks highlight the need to incorporate mission-critical and life-critical third-party suppliers into enterprise risk management and emergency management plans to maintain resiliency and redundancy in the modern digitally connected healthcare ecosystem,” the bulletin reads.

Health systems should identify essential suppliers to the healthcare mission, and redundancy should be built into the supply chain strategy by identifying alternative suppliers or using multiple suppliers to minimize the impact of an attack on critical medical suppliers, the bulletin suggests.

Neal Dennis, Sr. Threat Intelligence Analyst, Cyware had this to say:

   “The recent ransomware attacks targeting blood suppliers underscore the critical importance of strengthening cybersecurity measures in the healthcare supply chain. ISACs play a vital role in providing health entities with access to real-time threat intelligence and resources, especially for organizations with limited capacity to manage these threats independently. Through information sharing and collaboration facilitated by ISACs, healthcare organizations can respond more effectively to cyber threats and protect patient care. By integrating mission-critical and life-critical third-party suppliers into their enterprise risk management plans, organizations can enhance resilience. Proactively identifying essential suppliers and establishing redundancy in the supply chain further mitigates the impact of cyberattacks on critical medical supplies.”

This highlights the need for health care organizations of all sorts to step up their game when it comes to cybersecurity. Because if they don’t step up their game, it will only be a matter of time before something really bad happens.

Apple Is Making A Change To Sequoia That You Won’t Like, But Will Make You Safer

Posted in Commentary with tags on August 7, 2024 by itnerd

Change sometimes sucks. But sometimes change is something that is needed to move the world forward. Today, I’m going to give you one of those changes.

At present, when you try to run an app that hasn’t been signed and notarized by Apple, you’ll get this error message:

This is meant to protect you from spyware, malware, etc. Which is fine. But there was always a way around this. If you held down the control key and then clicked on the app, you would get this:

Choosing Open would allow you to open the app. And by extension, also expose you to getting pwned by something nasty. That ability is about to go away: according to this note, the upcoming macOS Sequoia will remove it. This will stop users from accidentally pwning themselves by running an unsigned app. And there is a way to get around this if for whatever reason you want to run an unsigned app. You can navigate to System Settings –> Privacy & Security to allow the app to run.

Now let me be clear, I do not recommend that you ever run unsigned, and un-notarized apps. Ever. It’s too big of a risk. And at the same time, I also want to say that even signed and notarized apps have some amount of risk associated with them as some sort of threat actor could leverage the fact that their evil app is signed and notarized to launch an attack. But this change is a good one as it will make macOS more secure in the long run. Even if a handful of users aren’t going to be happy with this change.

Elon Musk Decides To Sue Advertisers Who Had The Audacity To Avoid Twitter Because Of How Toxic It Is

Posted in Commentary with tags on August 6, 2024 by itnerd

A reader pointed me towards this Tweet from Twitter sock puppet for Elon CEO Linda Yaccarino which is firmly in the realm of mind blowing:

Here’s what the actual Tweet says:

Every day, hundreds of millions of people come to X to be part of the only global, real-time conversation. They come to share their thoughts and hear others. To share their content and see more. To debate and be debated. To entertain and be entertained. To inspire and be inspired. There is no substitute for X.

The power of this community to bring global conversations to life was the reason I was so excited to join X as CEO in June 2023.

After a career in media and advertising, I thought I had seen everything. Then I read the U.S. House of Representatives Judiciary Committee’s report entitled “GARM’s (Global Alliance for Responsible Media) Harm” last month. The report disclosed that their investigation had found evidence of an illegal boycott against many companies, including X. As their report found: “Evidence obtained by the Committee shows that GARM and its members directly organized boycotts and used other indirect tactics to target disfavored platforms, content creators, and news organizations in an effort to demonetize and, in effect, limit certain choices for consumers.”

The consequence – perhaps the intent – of this boycott was to seek to deprive X’s users, be they sports fans, gamers, journalists, activists, parents or political and corporate leaders, of the Global Town Square.

To put it simply, people are hurt when the marketplace of ideas is undermined and some viewpoints are not funded over others as part of an illegal boycott.

This behavior is a stain on a great industry, and cannot be allowed to continue.

That is why, today, X has filed an antitrust lawsuit against the Global Alliance for Responsible Media (GARM), the World Federation of Advertisers (WFA), and GARM members CVS Health, Mars, Orsted and Unilever. This is not a decision we took lightly, but it is a direct consequence of their actions.

The illegal behavior of these organizations and their executives cost X billions of dollars.

Since arriving at X, I made it my mission to continue to build a platform where people, brands and advertisers can thrive in our unique, dynamic and safe environment.

And because of this commitment to our users, even despite the boycott, usage has reached all time highs. Using a Twitter legacy metric, user active minutes, in August 2022, people spent 7.2 billion active minutes on the platform. Today, that number is more than 9 billion, a 25% increase.

The same is true for video – even compared to last year, daily video views are up 45% to 8.2 billion. X is innovating and growing.

We have met and surpassed the requests made by advertisers and groups such as GARM for new tools, both to improve advertiser controls and the effectiveness of our products to drive increased value for our customers.

We have proven our platform provides advertisers a way to showcase their brands and reach their target audiences safely, efficiently and effectively. That’s why I’ve worked in good faith with marketers across the globe to showcase our innovations and allay any concerns with brands whom I’ve partnered with for decades. The unfortunate reality is that despite all our efforts, hundreds of meetings and research to the contrary, many companies chose to dismiss the facts.

To those who broke the law, we say enough is enough. We are compelled to seek justice for the harm that has been done by these and potentially additional defendants, depending what the legal process reveals.

It’s also clear that there are likely others who suffered at the hands of this activity. This case is about more than damages – we have to fix a broken ecosystem that allows this illegal activity to occur.

We will continue to innovate and ensure X has a vibrant future while the courts will hold accountable those who engaged in illegal behavior.

To all of you who have been part of the transformative journey we are on, thank you. Rest assured, we will not stop defending our global town square.

Linda

This was retweeted by Elon Musk, along with this:

Now let me add some context here, because context is important:

  • The committee that is being referred to in this lawsuit is led by Republicans on Capitol Hill. Given Elon and Linda’s right wing leanings, along with the fact that Twitter has gone toward the right since Elon took over, that’s enough to make one say “hmmmmm…”
  • The lawsuit’s allegations appear to center on the early days of Musk’s Twitter takeover and not a more recent dispute with advertisers that came a year later which caused advertisers to flee the platform en masse.

This really seems to me to be a “Hail Mary” of sorts from Elon. As in he’s sending a message to say that if you don’t back him and his toxic platform, he’ll sue you. Which in turn should make it clear what the response of anyone who is still advertising on that platform should be. Which is that you should flee the platform now. Don’t wait for this case to play out in court. Leave now. By extension, if you as an individual happen to still be on Twitter, you should leave as well. Elon needs eyeballs to make money, and if you don’t consume the content on Twitter, you deprive him of money. Because to be frank, Elon and his sock puppet CEO Linda have lost the plot here. And there is zero reason why they need to be accommodated any longer.

France’s Grand Palais Discloses That It Was Pwned During The Olympics

Posted in Commentary with tags on August 6, 2024 by itnerd

The Grand Palais Réunion des musées nationaux in France has disclosed it suffered a cyberattack on Saturday night.

French cyber crime police are investigating a ransomware attack against the Grand Palais exhibition hall in Paris where Olympic events including fencing and Taekwondo are being held, Paris prosecutors said on Tuesday.

They said cyber criminals had targeted the institution’s central computer system, but the incident had not caused any disruption to Olympic events taking place in the iconic glass-roofed exhibition hall in the centre of the French capital.

The computer system at the venue also handles data for 40 mainly small museums with which it is affiliated, the prosecutors said in an email.

Franceinfo radio said the attackers had demanded payment of a ransom within 48 hours, threatening to post online the financial data they had obtained if they did not receive the unspecified sum of money.

The attack may not have disrupted anything, but it’s not a good look. Rogier Fischer, CEO, Hadrian had this comment:

It is highly likely that the cyberattack on Grand Palais Rmn was initiated through stolen credentials. Incidents like these show time and again that preventive measures are essential but not foolproof, as sophisticated cyberattacks continually evolve, exploiting new vulnerabilities and human error. While prevention is a critical component of cybersecurity, it must be complemented by robust detection and response capabilities. This involves implementing advanced threat detection systems that can identify and respond to suspicious activities in real time.

This incident puts cybersecurity in front of the world because it happened during the Olympics. Which in turn illustrates that if you don’t want your bad news to be on CNN, you need to ensure that your defences against this sort of thing are on point.

AppSOC Unveils AI Security Platform 

Posted in Commentary with tags on August 6, 2024 by itnerd

AppSOC, an innovation leader in security and risk management, today announced the launch of pioneering capabilities for safeguarding artificial intelligence (AI) applications and agents while providing the visibility and governance that enterprises need to leverage AI with confidence.

Businesses across sectors are recognizing the immense potential of AI, but the rush to deploy new AI solutions has outpaced security, introducing substantial new risks. As the first application security vendor to address the unique challenges of AI security, AppSOC is setting a new industry standard by integrating these capabilities directly into their robust platform. This powerful combination of AI and application security enables customers to detect, prioritize, and remediate issues across AI and connected applications, without creating new security silos. 

The AppSOC solution leverages new industry frameworks for categorizing AI risk including the OWASP Top 10 LLM Risks. AI security issues detected are mapped to these frameworks providing customers with confidence that they are aligned with industry best practices.

AppSOC’s new AI security and governance capabilities include:

  • Shadow AI Discovery: providing visibility into unsanctioned AI models and agents to ensure security best practices and compliance
  • AI Governance: proactively creating resource inventories, use-case repositories, and approval workflows for AI projects to ensure trust, safety and accountability
  • AI Posture Management & Data Protection: detecting security misconfigurations, applying guardrails and protecting against data leaks
  • Content Anomaly Detection and Data Compliance: runtime analysis of prompts and responses to address application abuse and attacks such as prompt injection
  • AI Supply Chain Security: ensuring the integrity of AI applications and agents to mitigate security, reliability, and licensing risks associated with open-source models and datasets
  • Protection for Connected Applications: safeguarding critical enterprise applications connected to AI systems against security breaches

To learn more about AppSOC AI security and see a live demonstration, please register for an upcoming webinar on August 13, at 10:00 am PDT.

Tech Mahindra and Horizon3.ai Partner On AI Security

Posted in Commentary with tags on August 6, 2024 by itnerd

Tech Mahindra announced a strategic partnership with Horizon3.ai, a leader in autonomous security, to elevate the cybersecurity landscape. The partnership will integrate Horizon3.ai’s cutting-edge NodeZero™ platform, delivering integrated threat detection, AI-powered pentesting, and Governance, Risk, and Compliance (GRC) insights, with Tech Mahindra’s comprehensive suite of cybersecurity services.

Tech Mahindra will leverage Horizon3.ai’s NodeZero™ autonomous penetration testing platform to empower its customers to uncover exploitable vulnerabilities and validate security measures across on-premises, cloud, and hybrid network infrastructures. The partnership will combine Tech Mahindra and Horizon3.ai’s cybersecurity domain expertise and global reach to drive innovation, excellence, and proactive defense. It will provide customers with the tools and expertise needed to safeguard their digital assets.

Tech Mahindra will offer customers real-time vulnerability assessments, enabling prompt identification and remediation of vulnerabilities. The real-world attack testing capability will simulate cyber attackers’ tactics to assess security resilience. Additionally, customers will benefit from comprehensive reporting that prioritizes risks and provides actionable remediation recommendations. The enhanced compliance and cost-effective capabilities will ensure organizations meet regulatory standards and access scalable, advanced penetration testing.

The partnership with Horizon3.ai aligns with Tech Mahindra’s mission to enhance its offerings and provide customers with an unprecedented level of security assurance. Tech Mahindra has earned a reputation as a leading cybersecurity partner by delivering technology implementations, managed security and risk services, and compliance solutions to organizations worldwide. Their comprehensive approach ensures overall cyber resilience and provides cutting-edge proactive protection, detection, and remediation across diverse security domains. 

Fortinet Acquires Next DLP

Posted in Commentary with tags on August 6, 2024 by itnerd

Fortinet today announced that it has acquired Next DLP, a leader in insider risk and data protection. With this acquisition, Fortinet will improve its position in the standalone enterprise data loss prevention (DLP) market and strengthen its leadership in integrated DLP markets within endpoint and SASE in alignment with Fortinet’s business strategy.

Next DLP has been recognized by industry analysts for its technology innovation and was recently named a Representative Vendor in the 2023 Gartner Market Guide for Data Loss Prevention and the 2023 Gartner Market Guide for Insider Risk Management Solutions. The company delivers a leading next-generation, cloud-native SaaS data protection platform that extends from endpoint to cloud.

As part of its commitment to offering enterprises a top-tier Unified SASE solution, Fortinet plans to integrate Next DLP’s technology to add advanced data loss prevention capabilities to Fortinet’s security service edge (SSE) offering, as well as integrate additional insider risk and data protection capabilities across the Fortinet Security Fabric.

Transaction Details
The deal has been signed and closed as of August 5, 2024.

Foxit Releases Research On How AI Can Enhance Traditional Document Workflows

Posted in Commentary with tags on August 6, 2024 by itnerd

Foxit has announced the release of Forrester research examining how organizations are currently handling their document workflows and the potential for AI to revolutionize these processes.

This news has implications across virtually every industry vertical such as healthcare, finance, manufacturing, education, media and entertainment, insurance, legal, and others. Certainly, it applies to human resources (HR) and hybrid work environments. And of course, it is important to those that think about their organization’s business acumen and agility, data protection, and data security. 

DeeDee Kato, Vice President of Corporate Marketing at Foxit, has written a blog detailing the research conducted and highlighting the key findings. You can read it here.