Rubrik Admits To Security Incident

Posted in Commentary with tags on March 4, 2025 by itnerd

Cybersecurity company Rubrik disclosed recently disclosed a security incident where an unauthorized actor gained access to a server containing log files. While the company states the intrusion was limited to a single server and there’s no evidence of customer data or internal code being compromised, they did confirm that some “access information” was obtained by the threat actor. Rubrik has rotated keys as a precautionary measure, though they found no evidence this access information was misused.

If you want to go down the rabbit hole on this, the company posted a write up on this incident.

 James Winebrenner, CEO at Elisity had this comment:

“The Rubrik breach emphasizes once again that traditional network security approaches are inadequate for protecting critical business assets. While details are still emerging, the familiar pattern of initial compromise followed by lateral movement clearly highlights the urgent need for a paradigm shift in cybersecurity. Identity-based microsegmentation establishes precise, zero-trust boundaries around every resource, not just the network perimeter, which ensures users and devices only access what’s absolutely necessary. Organizations relying on legacy security models should view incidents like these as urgent signals to modernize their defenses proactively, rather than risk becoming tomorrow’s headline.”

While it does sound like that this isn’t that bad, you should consider that Rubrik were part of the massive GoAnywhere breach that the Cl0p ransomware gang was running. Thus I hope Rubrik takes this opportunity to make sure that their security is top shelf to avoid something really bad happening to them.

Leave a comment »

Fubo launches unlimited DVR for all Canadian packages

Posted in Commentary with tags on March 4, 2025 by itnerd

Fubo has expanded its Unlimited DVR ​feature ​​​to all Canadian packages. This enhancement allows subscribers in Canada to enjoy even more flexibility​, personalization,​and convenience in ​streaming​​​their favorite content, at no extra cost. 

With Unlimited DVR, Fubo users can now record live programs on most channels either before or during the program’s airing. Recorded content will remain on the user’s Cloud DVR for 9 months.​Perfect for households with diverse viewing preferences, this feature allows viewers to record​as many​​ programs​as they choose on any Fubo compatible device​​, ensuring they never miss a moment of their favorite programming. 

The Unlimited DVR service is available immediately to all new and existing Fubo subscribers in Canada.  

For more information, you can read the news that was on a Reddit post here

Leave a comment »

LCBO Website Goes Dark While They Remove US Alcohol In Response To Trump’s Tariffs… And The Starlink Deal With Ontario Gets Canned

Posted in Commentary with tags , on March 4, 2025 by itnerd

A reader alerted me to the LCBO website going dark. When you go to lcbo.com, this is what you currently get:

No doubt that this was ordered by Ontario Premier Doug Ford who has threatened to take US alcohol off of LCBO shelves if Donald Trump levied tariffs against Canada. Well he did so Ford followed through on that threat. For context, the LCBO because it is located in Canada’s biggest province makes it the single biggest buyer of alcohol on the planet according to Wikipedia. Thus this move will absolutely hurt US producers of alcohol.

But that’s not all that Ford is doing:

The premier cancelled the province’s $100 million satellite internet deal with Elon Musk’s Starlink and threatened 25 per cent export taxes on electricity sent from Ontario to 1.5 million customers in New York, Michigan and Minnesota.

“We need to make sure America feels the pain. Stop buying U.S. goods,” Ford told reporters at Queen’s Park.

“We’re ripping up Ontario’s contract with Starlink. It’s done, it’s gone. We won’t award contracts to people who enable and encourage economic attacks on our province and our country,” he said.

Taking aim at Musk, the world’s richest man and one of Trump’s most influential advisers, Ford reminded people that the Tesla tycoon used to live in Ontario.

“Isn’t it ironic that … part of his education was at Queen’s and he’s attacking the country and the province that gave him the opportunity to go to Queen’s University. They should be embarrassed that he went to Queen’s,” the premier said.

“He should be embarrassed to attack the people that took care of him for a number of years with his family.”

Elon may not notice this deal being cancelled. But it’s the latest problem for Elon as Tesla sales are tanking along with Tesla’s stock value because of his association with Donald Trump along with his own ill advised antics. Whether that is going to make enough of a difference to make Elon suggest to Trump to call off the tariffs is an open question. But it’s clear that Canada isn’t taking this lying down.

Leave a comment »

Specops Software Boosting Multi-Factor Authentication Layers for Active Directory With Specops Secure Access

Posted in Commentary with tags on March 4, 2025 by itnerd

 Specops Software, an Outpost24 company and leading provider of password management and user authentication solutions, today announced the launch of Specops Secure Access, a new capability that provides multi-factor authentication (MFA) to Windows logon, Remote Desktop Protocol (RDP), and VPN connections. This new innovation adds a vital layer of security to on-premises or hybrid Active Directory environments, strengthening protection against unauthorized access and credential-based attacks.

Password-based threats are on the rise. Specops Software’s 2025 Breached Password Report uncovered over a billion passwords stolen by malware over a 12-month period, while data by Microsoft revealed that 7,000 password attacks were blocked every second as it tracked more than 600 million identity-based attacks against organizations in 2024. Worryingly, 99.9% of breached accounts lacked multi-factor authentication, highlighting the current landscape of password security necessitates improved defenses against password-related threats and MFA.

Specops Secure Access tackles this issue by integrating MFA into the logon process, enabling organizations to safeguard both user passwords and authentication workflows, reinforcing overall cybersecurity without compromising ease of use. Specops Secure Access provides user-friendly MFA at key points where Active Directory passwords are used. With flexible options, it ensures secure authentication for logon, RDP, and VPN, whether users are online or offline.

Organizations that deploy Speops Secure Access will also meet compliance for a variety of industry standards including:

  • National Institute of Standards and Technology (NIST) requires an MFA for AAL2/3 and access to any personal information in NIST SP 800-63B.
  • Payment Card Industry Data Security Standard (PCI DSS) increased MFA requirements with PCI DSS 4.0, requiring MFA for all access (not just admin) into the cardholder data environment.
  • Cyber Essentials requires organizations to implement MFA, where available, for all user access in v3.1.
  • The Network and Information Systems Directive 2 (NIS2) requires MFA for access to network and information systems, prioritizing strong authentication methods to enhance cybersecurity and mitigate unauthorized access risks.

By using Specops Password Policy, continuous scanning against an up-to-date compromised password database enables organizations to block the use of weak passwords and check Active Directory passwords against a growing database of over 4 billion unique compromised passwords.

Specops Secure Access is available now to all Specops Breached Password Protection customers.

To learn more about Specops Secure Access, click here.

Leave a comment »

Red Canary Expands Its Security Data Lake, Allowing IT and Security Teams to Meet Compliance and Audit Requirements While Significantly Reducing Costs

Posted in Commentary with tags on March 4, 2025 by itnerd

Red Canary has announced new capabilities for Red Canary Security Data Lake, a service that enables IT and security teams to efficiently store, search, and access large volumes of infrequently accessed logs—such as firewall, DNS, and SASE data—without overspending on legacy SIEMs.

Security teams struggle to balance data retention costs with ensuring they have the relevant logs available when needed for threat investigations and response. In fact, new research surveying 300 IT and security professionals, commissioned by Red Canary and conducted by Censuswide in February 2025, found that:

  • Just 35% of data stored in legacy SIEMs delivers tangible value for threat detection.
  • Only 13% of organizations separate out low value data for cheaper storage in a raw data repository. 
  • Due to SIEM storage costs, 68% of IT security decision makers discard low value data and have to hope they won’t regret it.
  • 84% of IT security decision makers say having a security data lake to store low value logs at reduced costs would maximize the value of their SIEM spend.
  • 62% of IT security decision makers say they are fed up with pouring money down the drain storing useless data just to tick a box for compliance.

Red Canary’s new Security Data Lake capabilities help organizations tackle these issues head on. Whether organizations are looking to complement an existing SIEM investment by storing lower-value data more efficiently or need a standalone solution for managing security logs without a SIEM, Red Canary’s Security Data Lake delivers flexibility, cost savings, and seamless access to critical data when it matters most.

What’s new:

Ingest logs from any source

  • Retain high-volume, infrequently accessed logs, such as firewall, DNS, and SASE data.
  • Store raw, line-delimited data (e.g., JSON strings, Syslog messages) that is writable to an Amazon S3 bucket or Syslog collector.

Demonstrate compliance in highly regulated industries, such as financial services and healthcare

  • Store logs indefinitely to meet retention requirements.
  • Export logs on demand to compile audit reports when needed.

Ensure data availability for threat investigations

  • Use SQL search to run ad-hoc queries during incident investigations.
  • Search data by attributes such as hostnames, IPs, URLs, and date/time ranges.
  • Perform basic statistical analysis to enhance detection workflows.

Additional resources:

Methodology:

Research based on a survey of 300 IT security decision makers in the U.S. (200) and UK (100) in enterprises with over 1,000 employees. It was commissioned by Red Canary and conducted by Censuswide in February 2025.

Leave a comment »

Google Warns of Two Critical Android Vulnerabilities

Posted in Commentary with tags on March 4, 2025 by itnerd

Google has published a security bulletin warning of two critical and actively exploited Android vulnerabilities, CVE-2024-43093 and CVE-2024-50302, being used in attacks targeting devices running Android 12 through 15. CVE-2024-50302 appears to be the zero-day exposed by Amnesty International in a 2/28 report about an attack against a Serbian political activist.

Javvad Malik, lead security awareness advocate at KnowBe4, commented:

“Google’s disclosure of CVE-2024-43093 and CVE-2024-50302 serves as a stark reminder of the perils lurking in our pockets. These vulnerabilities, affecting over a billion Android devices, highlight the importance of deploying patches in a timely manner. 

The involvement of Serbian authorities and Cellebrite’s UFED tools in exploiting these vulnerabilities adds a layer of complexity in that it blurs the lines between state-sponsored surveillance and cybercrime.


The real challenge lies in the fragmented nature of the Android ecosystem. With dozens of manufacturers and carriers, patching becomes a logistical nightmare, leaving countless devices vulnerable long after fixes are available. Unfortunately, many cheaper Android devices running older versions of the operating system can’t be updated at all.


This incident underscores the urgent need for a more cohesive approach to security updates in the Android world. Google, OEMs, and carriers must pull together to ensure patches reach users swiftly, regardless of device or location.” 

This is something that I have been saying for years. Android needs a more cohesive approach as the way thing are right now isn’t workable from a security standpoint. In short, they need to be more like Apple where if a security issue exists, a fix is pushed out and mitigated on the majority of devices in short order. Hopefully Google decides to eventually move in that direction.

Leave a comment »

Bell Officially Announces The Return Of 8 Gbps Fibre

Posted in Commentary with tags on March 4, 2025 by itnerd

Following up on my story on the weekend where I noted that Bell had started to offer 8 Gbps fibre again, I now have a statement from Bell that makes this official. Here’s the statement:

At Bell, we’re always striving to deliver the best Internet experience for our customers and are excited to announce that Bell Pure Fibre is now offering download and upload speeds of up to 8 gigabits per second (Gbps) for residential customers in select areas of Ontario and Québec – the fastest speeds available on the market today. 

Bell Pure Fibre is already recognized as Canada’s fastest Internet by Ookla Speedtest Awards – an achievement we’ve earned for the fourth consecutive time. We’re also proud to be Canada’s most awarded Internet service provider. With 8 Gbps, we’re continuing to push the boundaries of what’s possible.

With Bell Pure Fibre 8 Gbps, customers will experience next-level connectivity that is sure to transform the way they work, stream, game and connect. New and existing customers can upgrade to Canada’s fastest home Internet today by calling Bell or visiting Bell.ca.

So it’s now official. 8 Gbps fibre is back for those who feel they need that sort of speed. Will you be upgrading to 8 Gbps fibre? If you are, please leave a comment and tell us why.

1 Comment »

Darktrace Releases Report On Security Professional’s View On AI Threats

Posted in Commentary with tags on March 4, 2025 by itnerd

Darktrace today released the findings of its second annual 2025 State of AI Cybersecurity report, which includes insights from over 1500 global security professionals on their attitudes and understanding of AI’s evolving role in cybersecurity.   

The report includes new data points that reinforce a few key trends:  

  • A majority of Canadian CISOs are feeling the impact of AI-powered threats. The offensive use of AI is now very real for CISOs with these tools helping attackers increase the speed, scale and sophistication of attacks. 
  • Canadian security professionals feel slightly more prepared for AI threats since last year but still cite challenges around lack of personnel as a key inhibitor to defending against these threats.  
  • There is a growing gap between confidence in AI tools and understanding AI tools. Nearly all Canadian security professionals are confident in the impact AI can have on cyber defense, but few report a strong understanding of the AI technology used today.  

The report is linked here.

Leave a comment »

SIOS High Availability Software Now Validated for Cimcor’s CimTrak Integrity Suite

Posted in Commentary with tags on March 4, 2025 by itnerd

 SIOS Technology Corp., a leading provider of application high availability (HA) and disaster recovery (DR) solutions, today announced that SIOS LifeKeeper and SIOS DataKeeper clustering software have been validated for use with Cimcor’s cybersecurity solution, the CimTrak Integrity Suite. This collaboration allows Cimcor customers to seamlessly integrate high availability and disaster recovery into their CimTrak environments, ensuring continuous protection against cyber threats and minimizing downtime in critical cybersecurity operations.

SIOS LifeKeeper is a high availability solution that ensures critical applications are always available, automatically detecting failures and initiating failover to standby systems to maintain uninterrupted service. SIOS DataKeeper offers synchronous data replication, ensuring that data is consistently mirrored across multiple servers for fast recovery in case of server failure. Together, these solutions provide comprehensive protection for business-critical applications like CimTrak, helping organizations minimize the risk of downtime and data loss while maintaining secure, highly available systems.

CimTrak is the industry’s leading System Integrity Assurance platform that provides real-time monitoring and protection of critical IT assets – from servers and networks to cloud configurations, containers, databases, and industrial control systems. Its patented real-time detection technology lets CimTrak instantly detect and remediate unwanted and unexpected changes across your infrastructure while maintaining system integrity. The platform helps organizations strengthen their security posture, maintain continuous compliance, and protect against external and internal threats through automated workflows and comprehensive change management.

Leave a comment »

Balancing Innovation and Sustainability: AI’s Environmental Dilemma

Posted in Commentary with tags on March 4, 2025 by itnerd

The vpnMentor team has a new report out that explores the environmental impact of AI, while also shedding light on how it can be used to benefit the environment so we can better understand how to innovate responsibly and create a sustainable future for all.

Key findings at a glance:

  • A 2024 study published in Nature Computational Science found that generative AI’s e-waste could reach 2.5 tons per year by 2030 if no waste-reduction measures are implemented.
  • Researchers at UC Riverside found that by 2027, the global demand for water from AI-related activities could reach up to 6.6 billion m3 — roughly equivalent to the yearly water consumption of half of the United Kingdom. 
  • Apple’s electricity usage increased by 35% from 2020 to 2023, reaching 3,487,000 MWh. Similarly, water usage at corporate facilities rose from 4,872,474 m3 in 2020 to 6,094,513 m3 in 2023, correlating with the cooling needs of AI activities and expanded infrastructure. 
  • The most polluting servers are located in Mumbai, India, emitting 36.80 kg of CO2. The next most polluting servers are located in Sydney (32.08 kg of CO2) and Hong Kong (28.02 of CO2).

As we navigate the complexities of AI’s environmental impact, it becomes clear that innovation must go hand in hand with sustainability. While AI holds the promise of solving pressing global challenges, its development and operation can lead to significant carbon emissions and electronic waste.
You can access the report here: https://www.vpnmentor.com/blog/environmental-impact-of-ai-research/

Leave a comment »

« Older Entries
Newer Entries »