Specops Software Boosting Multi-Factor Authentication Layers for Active Directory With Specops Secure Access

Posted in Commentary with tags on March 4, 2025 by itnerd

Specops Software, an Outpost24 company and leading provider of password management and user authentication solutions, today announced the launch of Specops Secure Access, a new capability that provides multi-factor authentication (MFA) to Windows logon, Remote Desktop Protocol (RDP), and VPN connections. This new innovation adds a vital layer of security to on-premises or hybrid Active Directory environments, strengthening protection against unauthorized access and credential-based attacks.

Password-based threats are on the rise. Specops Software’s 2025 Breached Password Report uncovered over a billion passwords stolen by malware over a 12-month period, while data by Microsoft revealed that 7,000 password attacks were blocked every second as it tracked more than 600 million identity-based attacks against organizations in 2024. Worryingly, 99.9% of breached accounts lacked multi-factor authentication, highlighting that the current landscape of password security necessitates improved defenses against password-related threats and MFA.

Specops Secure Access tackles this issue by integrating MFA into the logon process, enabling organizations to safeguard both user passwords and authentication workflows, reinforcing overall cybersecurity without compromising ease of use. Specops Secure Access provides user-friendly MFA at key points where Active Directory passwords are used. With flexible options, it ensures secure authentication for logon, RDP, and VPN, whether users are online or offline.

Organizations that deploy Specops Secure Access will also meet compliance for a variety of industry standards including:

  • National Institute of Standards and Technology (NIST) requires MFA for AAL2/3 and access to any personal information in NIST SP 800-63B.
  • Payment Card Industry Data Security Standard (PCI DSS) increased MFA requirements with PCI DSS 4.0, requiring MFA for all access (not just admin) into the cardholder data environment.
  • Cyber Essentials requires organizations to implement MFA, where available, for all user access in v3.1.
  • The Network and Information Systems Directive 2 (NIS2) requires MFA for access to network and information systems, prioritizing strong authentication methods to enhance cybersecurity and mitigate unauthorized access risks.

By using Specops Password Policy, continuous scanning against an up-to-date compromised password database enables organizations to block the use of weak passwords and check Active Directory passwords against a growing database of over 4 billion unique compromised passwords.

Specops Secure Access is available now to all Specops Breached Password Protection customers.

To learn more about Specops Secure Access, click here.

Red Canary Expands Its Security Data Lake, Allowing IT and Security Teams to Meet Compliance and Audit Requirements While Significantly Reducing Costs

Posted in Commentary with tags on March 4, 2025 by itnerd

Red Canary has announced new capabilities for Red Canary Security Data Lake, a service that enables IT and security teams to efficiently store, search, and access large volumes of infrequently accessed logs—such as firewall, DNS, and SASE data—without overspending on legacy SIEMs.

Security teams struggle to balance data retention costs with ensuring they have the relevant logs available when needed for threat investigations and response. In fact, new research surveying 300 IT and security professionals, commissioned by Red Canary and conducted by Censuswide in February 2025, found that:

  • Just 35% of data stored in legacy SIEMs delivers tangible value for threat detection.
  • Only 13% of organizations separate out low value data for cheaper storage in a raw data repository. 
  • Due to SIEM storage costs, 68% of IT security decision makers discard low value data and have to hope they won’t regret it.
  • 84% of IT security decision makers say having a security data lake to store low value logs at reduced costs would maximize the value of their SIEM spend.
  • 62% of IT security decision makers say they are fed up with pouring money down the drain storing useless data just to tick a box for compliance.

Red Canary’s new Security Data Lake capabilities help organizations tackle these issues head on. Whether organizations are looking to complement an existing SIEM investment by storing lower-value data more efficiently or need a standalone solution for managing security logs without a SIEM, Red Canary’s Security Data Lake delivers flexibility, cost savings, and seamless access to critical data when it matters most.

What’s new:

Ingest logs from any source

  • Retain high-volume, infrequently accessed logs, such as firewall, DNS, and SASE data.
  • Store raw, line-delimited data (e.g., JSON strings, Syslog messages) that is writable to an Amazon S3 bucket or Syslog collector.

Demonstrate compliance in highly regulated industries, such as financial services and healthcare

  • Store logs indefinitely to meet retention requirements.
  • Export logs on demand to compile audit reports when needed.

Ensure data availability for threat investigations

  • Use SQL search to run ad-hoc queries during incident investigations.
  • Search data by attributes such as hostnames, IPs, URLs, and date/time ranges.
  • Perform basic statistical analysis to enhance detection workflows.

Methodology:

Research based on a survey of 300 IT security decision makers in the U.S. (200) and UK (100) in enterprises with over 1,000 employees. It was commissioned by Red Canary and conducted by Censuswide in February 2025.

Google Warns of Two Critical Android Vulnerabilities

Posted in Commentary with tags on March 4, 2025 by itnerd

Google has published a security bulletin warning of two critical and actively exploited Android vulnerabilities, CVE-2024-43093 and CVE-2024-50302, being used in attacks targeting devices running Android 12 through 15. CVE-2024-50302 appears to be the zero-day exposed by Amnesty International in a 2/28 report about an attack against a Serbian political activist.

Javvad Malik, lead security awareness advocate at KnowBe4, commented:

“Google’s disclosure of CVE-2024-43093 and CVE-2024-50302 serves as a stark reminder of the perils lurking in our pockets. These vulnerabilities, affecting over a billion Android devices, highlight the importance of deploying patches in a timely manner. 

The involvement of Serbian authorities and Cellebrite’s UFED tools in exploiting these vulnerabilities adds a layer of complexity in that it blurs the lines between state-sponsored surveillance and cybercrime.

The real challenge lies in the fragmented nature of the Android ecosystem. With dozens of manufacturers and carriers, patching becomes a logistical nightmare, leaving countless devices vulnerable long after fixes are available. Unfortunately, many cheaper Android devices running older versions of the operating system can’t be updated at all.

This incident underscores the urgent need for a more cohesive approach to security updates in the Android world. Google, OEMs, and carriers must pull together to ensure patches reach users swiftly, regardless of device or location.”

This is something that I have been saying for years. Android needs a more cohesive approach as the way things are right now isn’t workable from a security standpoint. In short, they need to be more like Apple where if a security issue exists, a fix is pushed out and mitigated on the majority of devices in short order. Hopefully Google decides to eventually move in that direction.

Bell Officially Announces The Return Of 8 Gbps Fibre

Posted in Commentary with tags on March 4, 2025 by itnerd

Following up on my story on the weekend where I noted that Bell had started to offer 8 Gbps fibre again, I now have a statement from Bell that makes this official. Here’s the statement:

At Bell, we’re always striving to deliver the best Internet experience for our customers and are excited to announce that Bell Pure Fibre is now offering download and upload speeds of up to 8 gigabits per second (Gbps) for residential customers in select areas of Ontario and Québec – the fastest speeds available on the market today. 

Bell Pure Fibre is already recognized as Canada’s fastest Internet by Ookla Speedtest Awards – an achievement we’ve earned for the fourth consecutive time. We’re also proud to be Canada’s most awarded Internet service provider. With 8 Gbps, we’re continuing to push the boundaries of what’s possible.

With Bell Pure Fibre 8 Gbps, customers will experience next-level connectivity that is sure to transform the way they work, stream, game and connect. New and existing customers can upgrade to Canada’s fastest home Internet today by calling Bell or visiting Bell.ca.

So it’s now official. 8 Gbps fibre is back for those who feel they need that sort of speed. Will you be upgrading to 8 Gbps fibre? If you are, please leave a comment and tell us why.

Darktrace Releases Report On Security Professional’s View On AI Threats

Posted in Commentary with tags on March 4, 2025 by itnerd

Darktrace today released the findings of its second annual 2025 State of AI Cybersecurity report, which includes insights from over 1500 global security professionals on their attitudes and understanding of AI’s evolving role in cybersecurity.   

The report includes new data points that reinforce a few key trends:  

  • A majority of Canadian CISOs are feeling the impact of AI-powered threats. The offensive use of AI is now very real for CISOs with these tools helping attackers increase the speed, scale and sophistication of attacks. 
  • Canadian security professionals feel slightly more prepared for AI threats since last year but still cite challenges around lack of personnel as a key inhibitor to defending against these threats.  
  • There is a growing gap between confidence in AI tools and understanding AI tools. Nearly all Canadian security professionals are confident in the impact AI can have on cyber defense, but few report a strong understanding of the AI technology used today.  

The report is linked here.

SIOS High Availability Software Now Validated for Cimcor’s CimTrak Integrity Suite

Posted in Commentary with tags on March 4, 2025 by itnerd

SIOS Technology Corp., a leading provider of application high availability (HA) and disaster recovery (DR) solutions, today announced that SIOS LifeKeeper and SIOS DataKeeper clustering software have been validated for use with Cimcor’s cybersecurity solution, the CimTrak Integrity Suite. This collaboration allows Cimcor customers to seamlessly integrate high availability and disaster recovery into their CimTrak environments, ensuring continuous protection against cyber threats and minimizing downtime in critical cybersecurity operations.

SIOS LifeKeeper is a high availability solution that ensures critical applications are always available, automatically detecting failures and initiating failover to standby systems to maintain uninterrupted service. SIOS DataKeeper offers synchronous data replication, ensuring that data is consistently mirrored across multiple servers for fast recovery in case of server failure. Together, these solutions provide comprehensive protection for business-critical applications like CimTrak, helping organizations minimize the risk of downtime and data loss while maintaining secure, highly available systems.

CimTrak is the industry’s leading System Integrity Assurance platform that provides real-time monitoring and protection of critical IT assets – from servers and networks to cloud configurations, containers, databases, and industrial control systems. Its patented real-time detection technology lets CimTrak instantly detect and remediate unwanted and unexpected changes across your infrastructure while maintaining system integrity. The platform helps organizations strengthen their security posture, maintain continuous compliance, and protect against external and internal threats through automated workflows and comprehensive change management.

Balancing Innovation and Sustainability: AI’s Environmental Dilemma

Posted in Commentary with tags on March 4, 2025 by itnerd

The vpnMentor team has a new report out that explores the environmental impact of AI, while also shedding light on how it can be used to benefit the environment so we can better understand how to innovate responsibly and create a sustainable future for all.

Key findings at a glance:

  • A 2024 study published in Nature Computational Science found that generative AI’s e-waste could reach 2.5 tons per year by 2030 if no waste-reduction measures are implemented.
  • Researchers at UC Riverside found that by 2027, the global demand for water from AI-related activities could reach up to 6.6 billion m³ — roughly equivalent to the yearly water consumption of half of the United Kingdom.
  • Apple’s electricity usage increased by 35% from 2020 to 2023, reaching 3,487,000 MWh. Similarly, water usage at corporate facilities rose from 4,872,474 m³ in 2020 to 6,094,513 m³ in 2023, correlating with the cooling needs of AI activities and expanded infrastructure.
  • The most polluting servers are located in Mumbai, India, emitting 36.80 kg of CO2. The next most polluting servers are located in Sydney (32.08 kg of CO2) and Hong Kong (28.02 kg of CO2).

As we navigate the complexities of AI’s environmental impact, it becomes clear that innovation must go hand in hand with sustainability. While AI holds the promise of solving pressing global challenges, its development and operation can lead to significant carbon emissions and electronic waste.

You can access the report here: https://www.vpnmentor.com/blog/environmental-impact-of-ai-research/

New data shows staggering rise in fraud across the country as Fraud Prevention Month kicks off

Posted in Commentary with tags on March 4, 2025 by itnerd

From auto theft to AI-generated documents and beyond, fraud continues to be one of the more pressing issues facing Canadian consumers and businesses in 2025.

As Fraud Prevention Month kicks off, new data from Aviva Canada has revealed a 46% increase in claim fraud detection – and a staggering 76% rise in fraud investigations – in 2024. Auto-related incidents alone accounted for two-thirds (67%) of all claim fraud investigations during the past year. Advancements in AI and its use by individuals to falsify information are expected to be on the rise in 2025.

Five Emerging Fraud Trends to Watch in 2025

The methods used by bad actors are constantly evolving, so it’s important for Canadians to stay current on emerging trends. Aviva Canada’s data shows five types of fraud that are growing in the Canadian market:

  • Vehicle Theft and ReVINing – Vehicle thefts remain above pre-pandemic levels, with a 58% increase in investigations in the latter half of 2024. Stolen vehicles are often shipped overseas, or their VIN numbers altered and resold to unsuspecting Canadian buyers with false documentation. With the tightening of Canada-US borders, more stolen vehicles could remain in Canada, increasing the likelihood of Canadians buying a stolen vehicle from online public marketplaces.
  • Staged Auto Accidents – Increasing in numbers and complexity, staging false auto accidents is a trend on the rise across Canada. Aviva Canada saw a 47% increase in the number of staged accidents caught in Q4 2024. This type of scam could be linked to organized crime groups operating in Canada.
  • AI-Enabled Falsified or Forged Documents – The use of AI technology to edit or falsify documents is increasingly evident in investigations. This technology is frequently seen in both staged claims and opportunistic fraud, where it is used to create false claims or inflate legitimate claims, such as personal and commercial property contents claims, by supporting them with false invoices.
  • Ghost Brokers – People posing as licensed insurance brokers to sell fake policies or manipulate information to secure lower premiums is a growing concern in Canada, often leaving unsuspecting consumers without valid coverage. Consumers should be extra vigilant when purchasing insurance. They are encouraged to check their provincial registries to ensure the person they’re dealing with is properly licensed and confirm proof of insurance directly with the insurer.
  • Policy Misrepresentation – Individuals may misrepresent or omit key information from their insurance policies such as their true address, the intended use of a vehicle or property, or not disclosing major construction or renovations being done. These incidents can unfortunately lead to honest customers paying disproportionately higher premiums.

For tips and more information on how to protect yourself or to report fraud, you can visit Aviva Canada’s Fraud Hub.

JavaGhost Uses Amazon IAM Permissions to Phish Organizations

Posted in Commentary with tags on March 3, 2025 by itnerd

Researchers have observed the JavaGhost threat actor group using phishing to target AWS environments. This group takes advantage of misconfigurations in the victim organizations’ environments that expose AWS credentials in the form of long-term access keys. More info from Palo Alto’s Unit 42 is available here: https://unit42.paloaltonetworks.com/javaghost-cloud-phishing/

Jim Routh, Chief Trust Officer at cybersecurity company Saviynt had this to say:

“Cyber threat actors with sophisticated technical skills and solid business sense now know that maintaining persistence within enterprises using back doors with command and control capabilities is getting more difficult to sustain, due to improvements in endpoint monitoring and network-level behavioral analysis that comes with cybersecurity product maturity. As a byproduct, threat actors are doing what they do best: adjusting their tactics. 

Threat actors know that compromising credentials is most effective to both penetrate enterprise cyber defenses and to operate within an enterprise to escalate privilege and obtain access to digital assets to monetize in various ways. Obtaining cloud-based credentials used in identity access management (IAM) services for IaaS providers offers sophisticated threat actors an opportunity to gain access to digital assets, while minimizing the probability of detection. 

This news represents an acknowledgement by threat actors that cloud and IaaS account compromise continues to offer profitable opportunities for exploitation. Enterprises and the tech industry should look for different ways to more effectively manage IaaS and SaaS account configuration and management. The on-boarding of accounts for cloud-based services represents today a weakness that will continue to be exploited by sophisticated threat actors. Many enterprises struggle with the onboarding (registration, configuration) of cloud accounts due to backlogs for the many types of cloud accounts essential for meeting service levels for enterprise users. Enterprises need to get more creative in addressing the backlog and provide faster, more responsive onboarding for these accounts. Many established and mature IAM practices and processes were designed for managing access to systems within a proprietary data center. Providing effective IAM management for cloud accounts is a struggle for many enterprises that threat actors like JavaGhost are taking advantage of.” 

Roger Grimes, data-driven defense evangelist at KnowBe4 follows with this:

“This is another example of how not doing the basics better can hurt you. When clouds really took over a decade ago, ‘experts’ worried about all the new cloud-specific attacks we would see and become accustomed to. But what has proven true over time is that the same things that plague us in on-premise environments for over 2-3 decades are still what plagues us in cloud environments. In this case, overly permissive permissions and social engineering. Social engineering is responsible for 70% – 90% of successful attacks. Overly permissive permissions is also a top threat (but surpassed also by vulnerability exploits and stolen credentials).

If you want to keep hackers and their malware creations out, concentrate on the long-time basics, not just as part of everything you are doing, but primarily what you are doing. If you’re not stopping social engineering, exploits against unpatched vulnerabilities, credential theft (79% of the time through social engineering), and misconfigurations, of which overly permissive permissions is one type, then you aren’t going to stop hackers. The only difference now is you need to learn how to do it in both on-premises and cloud environments. But the threats are the same.”

If your organization has any exposure to AWS, I’d set aside some time to read this report. Specifically, the protections and mitigations section should help to make you safer.

Introducing Nova-3 Medical: The Most Accurate Medical Transcription Model in the World 

Posted in Commentary with tags on March 3, 2025 by itnerd

Deepgram today announced the launch of Nova‑3 Medical, its next‑generation AI-powered speech‑to‑text (STT) model specifically engineered for the healthcare industry. Designed to meet the rigorous demands of clinical environments, Nova‑3 Medical enables developers to build highly accurate, customizable, and secure voice AI products and solutions tailored for healthcare settings. It seamlessly integrates with Deepgram’s enterprise runtime platform—including advanced text-to-speech (TTS) and speech-to-speech (STS) capabilities—providing a comprehensive suite of AI-driven tools that deliver enterprise-grade performance, adaptability, and cost efficiency. From streamlining clinical documentation to revolutionizing therapeutic scribing, Deepgram powers transformative medical transcription applications for industry leaders, driving exceptional outcomes across the healthcare spectrum.

Meeting the Growing Demand for AI-Powered Healthcare Transcription

As healthcare rapidly digitizes—with the widespread adoption of electronic health records, telemedicine, and digital health platforms—the demand for AI-powered transcription has never been greater. Traditional off-the-shelf speech-to-text models often struggle with the complexities of clinical terminology, leading to transcription errors and “hallucinations” that can compromise patient care. With the medical transcription market projected to grow from USD 85.3 billion in 2023 to USD 190.2 billion by 2032, developers building voice-AI applications for healthcare need infrastructure that not only delivers exceptional accuracy and speed but also provides the flexibility to meet diverse regulatory and operational requirements.

Built to meet these demands, Nova-3 Medical leverages advanced machine learning and specialized medical vocabulary training to set a new standard in healthcare transcription. Engineered for real-world clinical environments, the model accurately captures specialized medical terms, acronyms, and clinical jargon—even in challenging far-field audio conditions where providers step away from recording devices such as desktops and tablets. Moreover, it delivers structured transcriptions that seamlessly integrate with clinical workflows and EHR systems, ensuring vital patient data is accurately organized and readily accessible. Its flexible, self‑service customization—featuring Keyterm Prompting for up to 100 key terms—allows developers to tailor the solution to the unique needs of various medical specialties while versatile deployment options, including on‑premises and VPC configurations, ensure enterprise‑grade security and HIPAA compliance.

Benchmarking Nova-3 Medical: Accuracy, Speed, and Efficiency

Nova-3 Medical delivers industry-leading transcription accuracy, optimizing both overall word recognition and critical medical term accuracy for voice-driven healthcare applications.

WER Comparison (see figure 1)

With a median Word Error Rate (WER) of 3.45%, Nova-3 Medical outperforms competing models, achieving a 63.6% reduction in errors compared to the next best competitor. This improvement enhances documentation precision, minimizes manual corrections, and streamlines workflows for healthcare providers.

KER Comparison (see figure 2)

However, medical transcription accuracy isn’t limited to WER—correctly capturing critical medical terms is essential for minimizing patient care risks. Nova-3 Medical achieves a Keyword Error Rate (KER) of 6.79%, marking a 40.35% reduction in errors compared to the next best competitor. This ensures that fewer critical drug names, conditions, and procedures are misrecognized, reducing the chances of transcription errors that could lead to miscommunication, improper documentation, or even patient safety risks.

In addition to transcription accuracy, Nova-3 Medical’s performance excels in real-time applications, where speed and scalability are crucial. Optimized for real-time use, Nova‑3 Medical transcribes speech 5 to 40 times faster than most alternative speech recognition vendors, making it ideal for telemedicine and digital health platforms. Its scalable architecture ensures that as transcription volumes grow, healthcare tech companies can maintain high performance without incurring excessive costs. Starting at $0.0077 per minute of streaming audio, Nova‑3 Medical is more than 2x more affordable than leading cloud providers, reducing operational expenses and enabling companies to reinvest in innovation, accelerate product development, and offer competitive pricing to drive market adoption.

Visit Deepgram at Booth #136 in the AI Pavilion at HIMSS25, March 3-6, 2025, to see Nova-3 Medical in action; and don’t miss these sessions:

Session: From AI Scribes to EHR Automation: How Deepgram Enables Healthtech with Voice AI and Amazon Bedrock

When: Tuesday, March 4, 3:40 PM to 4:00 PM

Where: AI Pavilion, Venetian, Level 2, Hall A

Session: Voice AI Mixer with Deepgram & OneReach.ai

When: Wednesday, March 5, 6:00 PM to 7:30 PM

Where: Venetian, Palazzo Ballroom, Palazzo A

For more information about Nova‑3 Medical and how it is revolutionizing healthcare transcription, please visit www.deepgram.com.