Appdome Stops AI-Deep Fakes at the Mobile Doorstep

Posted in Commentary with tags on February 18, 2025 by itnerd

Appdome, the leader in protecting mobile businesses, today announced it is extending its Account Takeover Protection suite with 30 new dynamic defense plugins for Deep Fake Detection in Android & iOS apps. The new plugins are designed to guarantee the integrity of Apple Face ID, Google Face Recognition and 3rd party face and voice recognition services against AI-generated and other deepfake attacks. Like all Appdome defenses, each of the 30 new dynamic defense plugins for Deep Fake Detection is available by choice using the Appdome platform without the need to integrate code, perform manual coding, implement SDKs, or deploy servers.

The mobile economy trusts Face ID and facial recognition for authentication, Know Your Customer (KYC) compliance, and to combat on-device fraud (ODF). Mobile brands rely on facial recognition, including liveness checks, to build and maintain trust with their users. These brands tell users that facial recognition will ensure that only the authorized account holder can access their apps, accounts, and services. However, the number and sophistication of attacks targeting every aspect of facial recognition and biometric authentication have exploded in the last nine months, driven by the rise of AI-generated deepfakes, virtual cameras, image substitution, buffer attacks, voice cloning and other methods. Deepfake attacks easily generate hyper-realistic, adversarial, replications or manipulations that fool facial and voice verification systems. Sometimes attackers use virtual cameras to inject pre-recorded or live video streams into the facial recognition process. Other times, image buffer attacks manipulate face data processing in real time to bypass liveness detection processes. The speed of evolution, ease of use, and ubiquity of deepfake attacks make deepfake detection one of the top anti-fraud and anti-ATO objectives for brands and enterprises in 2025.

Despite the growing sophistication of Face ID and facial recognition services for mobile applications, Face ID bypass techniques, which manipulate biometric authentication processes, use virtual cameras and use AI-generated synthetic images or streams to mimic legitimate users, have started to outpace biometric authentication methods. Additionally, malicious actors are developing tools and techniques to exploit vulnerabilities in device hardware, face recognition software and face recognition APIs to compromise the integrity of biometric authentication. These challenges highlight the need for enhanced security measures around the biometric authentication workflows, to safeguard Face ID and facial recognition against deepfake attacks. 

Appdome’s Deep Fake Detection plugins sit on top of OS-native or third-party Face ID, facial recognition and voice recognition methods, including face verification SDKs. This approach ensures that any facial recognition process is secure from deepfake attacks and provides enhanced integrity and security for authentication workflows, regardless of the provider. Specific attack vectors that Appdome’s Deep Fake Detection protects against include:

  • Face ID Bypass: Detects attempts to bypass Native Android and iOS biometric, facial recognition authentication systems on mobile devices, including FaceID and Biometric API calls, hardware abstraction layers and more.
  • Deep Fake Apps: Detects deepfake and face swap apps that can be used to spoof facial recognition services used by Android and iOS applications, including in combination with virtual camera and video injection tools.
  • Deepfake Video Detection: Detects synthetic identity attacks, video injection, frame and image buffer attacks, Direct Memory Access (DMA) attacks, monitors face embeddings and more.
  • Appdome Liveness Detection: Applies primary or secondary liveness check to ensure a real face is used during the facial recognition process, applying AI models to verify 3D depth, skin texture, lighting, eye reflectiveness, the strength of liveness image, and more.
  • Voice Cloning:  Detects synthetic voice spoofing and voice cloning apps when in use with the protected application, perfect for applications that rely on “my voice is my password” authentication workflows.

Brands and businesses can expect each Appdome defense to detect the Deep Fake attack as well as its variants. Appdome dynamic defense plugins use real-time behavioral analysis to detect the behaviors and methods that the multitude of FaceID bypass and AI-based Deep Fake and Voice Cloning Tools use to exploit authentication checks in Android & iOS apps. As a learning system, it constantly evolves to ensure continuous defense against Deep Fakes and related threats.

Like all Appdome mobile app defenses, the new Deep Fake Detection plugins combine the power of choice-driven defense in depth, and no-code, no SDK delivery with innovative on-device detection, defense, and intelligence options to satisfy any implementation objective. All Android & iOS Deep Fake Detection Plugins are available with Appdome’s Threat-Events™ Intelligence and Control Framework and ThreatScope™ Mobile XDR service. Threat-Events allows mobile brands and facial recognition SDK and API providers to gather data on each attack and use the data to control the application or user experience when deepfake attacks happen. Mobile brands and facial recognition SDK and API providers can use Threat-Events to gather deeper threat intelligence and create unique workflows and user messages leveraging the power of their brand voice when threats are present. Mobile brands can track and monitor Deepfake attacks via Appdome’s ThreatScope™, either before or after the deployment of the anti-Deep Fake features.

For more information about Appdome’s Deep Fake Detection, click here.

Now Book It Expands Global Reach to Power Bookings for Restaurants in Canada

Posted in Commentary with tags on February 17, 2025 by itnerd

Australia and New Zealand’s top rated hospitality reservation solution, Now Book It, together with Canadian parent company, Montreal-based Valsoft Corporation, are thrilled to announce Now Book It’s official launch in Canada today. This milestone reflects their shared commitment to be the global leader in trusted hospitality solutions, empowering venues all over the world to increase operational efficiency and boost profitability.

The Demand for Better Booking Solutions

As consumer preferences shift toward convenience and excellent guest experiences, seamless reservation solutions have become an essential tool for the modern restaurant industry.

With more than 100,000 foodservice locations across Canada generating $112 billion in annual sales, Canadians make 23 million visits to restaurants every day (Source: Restaurants Canada). This crystallizes the clear demand for reservation solutions that can support customers not only to optimize operations but to scale their venues sustainably.

The increasing need to manage high booking volumes as well as adapt with additional revenue streams such as gift cards, events and experiences is a hallmark of a growing restaurant business such as those in Montreal.

Serving Up Industry Experience & Innovation 

Founded and run by a team with years of experience in hospitality, Now Book It is focused on its mission to help customers control, grow and manage their business profitably. The company builds its suite of solutions based on pain points that restaurant owners, managers and staff face, resulting in features that teams truly need and use on a daily basis.

The software is anchored by its leading online restaurant reservation system, replete with bookings, table management, floor plans, waitlisting, and gift card features. It also comes packed with powerful integrations for events, marketing and payments, allowing restaurants to manage everything they need in one place.

In its most recent innovation, the company introduced its first to market, proprietary AI phone agent. Sadie™ works 24/7, assuming the vital role of a staff member who handles every restaurant call. Even better, the AI assistant works exclusively with Now Book It’s reservation system to automatically integrate phone bookings to the diary, helping businesses save time and focus on delivering better guest experiences.

Empowering Restaurants with Customer Data

A key value that Now Book It brings to the booking system landscape in Canada is its integral commitment to keeping the guest database with restaurants. This unique proposition allows businesses to gain a competitive edge as any value they generate with diner data belongs exclusively to them.

By always putting the needs of customers first, Now Book It will continue innovating on its restaurant tech ecosystem to provide world class solutions that can take hospitality businesses in Canada to the next level.

Review: EnGenius ECW516L WiFi 7 Access Point

Posted in Products with tags on February 17, 2025 by itnerd

The planet has really started to embrace WiFi 7. And companies are trying to get products out there that fill that need. EnGenius is no different as they have released the ECW516L which rolls up with the following WiFi specs:

  • 6 GHz: 3×3 BE with up to 8,700 Mbps (20/40/80/160/320MHz)
  • 5 GHz: 3×3 BE with up to 4,300 Mbps (20/40/80/160MHz)
  • 2.4 GHz: 2×2 BE with up to 700 Mbps (20/40MHz)

In terms of looks, it doesn’t look any different than any other EnGenius WiFi access point that I have reviewed. Though I will note that it does seem to be a bit thinner than I am used to.

Being a PoE product, there’s no power adapter in the box. And the Ethernet port that is included is a 2.5GB PoE+ port. That’s way less than the speed on the WiFi side of things which makes the inclusion of a port that runs at this speed a bit of a head scratcher. I would argue that this access point is a lower priced alternative to some other access points that are way more expensive than this. And if you really need lots of speed from your backbone to the access point to the client, EnGenius has the EnGenius Wifi 7 2x2x2 ECW526 Access Point for you to buy instead as that has a 10GB PoE+ port. And that’s a bit faster as well on the WiFi side of things.

As is typical for EnGenius products, it’s trivially easy to set up and manage via the web based portal or via their app which is on Android and iOS. And neither option requires a subscription. But let’s get to the speed testing as that is the only thing that really matters. In my case, I don’t have a WiFi 7 device handy to do some tests, but I do have an M2 Pro Mac mini that has WiFi 6E which supports the 6GHz band and I got the following results:

  • 1 Meter from the access point: 1.01 Gbps per second
  • 5 Meters from the access point: 912 Mbps per second
  • 10 Meters from the access point: 763 Mbps per second

In short, this access point with the Mac mini is still capable of maxing out my 1 Gbps symmetrical Internet connection under the right conditions. Thus I would recommend this access point to “prosumer” home users or a small business given what I am seeing here. And the price that EnGenius is selling it for reinforces that. You can get it directly from them for $199 USD. If you’re building out your home network or you’re a small business that wants to have WiFi 7 at a lower price, this access point is totally worth your time to look at.

You Can’t Stop SIM Swap Attacks… But There Are Mitigation Strategies That You Can Employ

Posted in Commentary with tags on February 16, 2025 by itnerd

Recently a friend of my wife’s was doomscrolling on her phone and suddenly her phone went into SOS mode. Meaning it had no service. Confused by this she hopped into her car and drove to her local Bell store. The Bell employees had a look and determined that something weird was going on. Specifically her phone number was linked onto a Bell account that had the numbers of 20 other people on it. The Bell employee then went into action to get “the fraud department” involved. But while that was going on, someone was trying to use her credit card to buy some high value items. As in $14,000 worth of items. She would later find out about this when the Bell employee told her to phone her bank to see if her credit cards and bank accounts were okay. When she made that call, that’s when she got that bad news. Her bank told her that what likely happened was that before the purchase went through, Visa who was the credit card company in question would have sent her phone a two factor authentication code to authorize the purchase. Fortunately for her, her bank seeing clear evidence of fraud reversed the charges. But she had to be issued brand new credit cards and a new bank account to boot.

Welcome to the modern reality of the SIM swap attack.

So let’s go down the rabbit hole of what a SIM swap attack is and why it is one of the most common ways that people get hacked, if you want to call it that. SIM stands for Subscriber Identity Module. That’s telco speak for the chip that goes inside your phone to allow you to get cell phone service. Your cell phone number is associated with that SIM and what the threat actor is going to try and do is to either trick a telco employee into moving your number to a SIM that they control, or have an accomplice inside the telco who will help them move your number to a SIM that they control. This is an example of the latter. And this is an example of a Freedom Mobile customer who fell victim to the former.

And before those of you who might have an eSIM, which is an electronic SIM that is sent over the air, or via a QR code, or via an app to a special chip inside your cell phone, say that you can’t get pwned in this manner: you can absolutely be pwned in this manner. eSIMs are simply non-physical SIMs. The attack method is still the same.

These attacks are either highly targeted, or opportunistic. The former involves the threat actor learning a whole lot about you not only to figure out if you are a target worth their time, but to know how to quickly take over the accounts that they are interested in. In terms of the latter, I have begun to hear of situations where a target is sent a text message that purports to be a telco, and the victim is sent to a phishing website that gathers enough information about the victim to allow the attack to proceed. Here’s an example of another Freedom Mobile customer who fell for this.

So in short, a SIM swap attack is a means for a threat actor to take control of your number to get access to two factor authentication codes that allow the threat actor to take control of anything from social media accounts, to bank accounts, to crypto wallets. That’s because two factor authentication codes are often sent by text message. And since the threat actor is unlikely to get direct access to your phone, taking over your SIM is the next best option.

The question is, what can you do to protect yourself? Sadly, there’s very little that you can do to stop this from happening. The reality is that telcos need to come up with far better security to stop SIM swap attacks from being executed. The fact that insiders who work for a telco can help to execute a SIM swap, or someone can simply walk into a telco store and execute a SIM swap with enough information about you along with fake ID in most if not all cases reflects poorly on telcos and their ability to protect their customers. Now I’ve highlighted Bell and Freedom Mobile in this story. But all telcos need to step up their game here because they are all not doing enough to stop SIM swaps from happening.

Having said that, you can mitigate the dangers that SIM swaps pose. Instead of using text message based two factor authentication, you can use an app-based authentication program, like Google Authenticator. For another level of security, you can choose to purchase a physical authenticator token, like the YubiKey or Google Titan Key. All of this assumes that the online accounts support these options of course. But doing any or all of these means that if a SIM swap happens, the threat actors get nothing.

You should also check to see if your online accounts directly support sending authentication codes via an app on your phone. For example my bank allows me to send two factor authentication codes via their app and not via text message. That makes accessing my bank account way more secure because again, a threat actor gets nothing if a SIM swap happens.

Finally, if your telco has the option to add a PIN or personal identification number to your account, do it. And pick one that isn’t associated with anything like a phone number or a license plate number for example. And if possible see if your telco has the option to set your PIN yourself. That way a rogue telco employee can’t use it against you.

So what happens if you are a victim of a SIM swap? As in you notice that your phone is in SOS mode meaning that it has no service. Time is of the essence if you are a victim. This is what you need to do in order:

  • First, call your bank and credit card companies and request a freeze on your accounts. This will prevent the attacker from using your funds for fraudulent purchases.
  • Try to “get ahead” of the attackers by moving as many accounts as possible to a new, un-tainted email account. Unlink your old phone number, and use strong (and completely new) passwords. For any accounts you’re unable to get to in time, contact customer service.
  • Call the police and file a report. This is a crime and it needs to be reported without fail.
  • Contact credit bureaus and request a freeze on your credit. Or at least credit monitoring.
  • Contact the telco in question, preferably in person and get them to not only reverse the swap, but to investigate how it happened. Though from what I have heard, telcos often don’t want to properly investigate SIM swap incidents. And if they do, they tend not to want to talk about it.

Finally, I should also note that some homeowner’s insurance policies include protection for identity theft. But that only means something if you’ve filed a police report. So you should look into that.

As I mentioned earlier, all telcos need to step up here and make these sorts of attacks less viable. But until telcos take meaningful action on SIM swap attacks, you need to take action to protect yourself from being a victim.

So, Am I An ASUS Fanboy Again?

Posted in Commentary with tags on February 15, 2025 by itnerd

I’ve got a couple of emails from people who wonder if I am on Team ASUS again so to speak given that I gave a positive review of the RT-BE86U router and I now use it as the main router in my network with good results. Well, here’s the short answer. No, I have not become an ASUS fanboy again.

The long answer goes something like this.

First of all, the RT-BE86U is a very good router. With this router, ASUS has a router that does WiFi 7, and delivers excellent performance at a half decent price. By performance, I mean that it handles PPPoE traffic better than most routers that I have tested lately, and a WiFi 6E client based on my testing can mostly take full advantage of the bandwidth on offer. From that perspective, this router is a winner.

Now is it perfect? No, the price in my opinion could be a bit lower as most of its competition with a similar feature set (which to be clear is dual band WiFi 7) is priced lower. But the flip side of that argument is that it comes with a lot more in the box so to speak as opposed to the competition in question: AI Protection and parental controls, which are subscription free. So while ASUS could make an argument that its price is justified, people don’t go into the weeds when they walk into Best Buy to buy a router. Thus a price drop to bring it in line with its competition would be something that I would advise.

Here’s why I haven’t jumped onto the ASUS bandwagon. While the hardware is solid, I question whether ASUS has improved their ability to support customers. For example I had this experience when I needed assistance with my ZenWiFi XT8 mesh router. At the time, I said this:

Now I would like to comment on the tech support that ASUS provides. It’s horrifically bad. I spent over two weeks with them running around in circles trying to help them understand what my problem was, which was that this router performs poorly via a PPPoE bypass setup, but performs just fine in the setup that I describe above. Then I ended up sending them endless sets of logs and exchanging endless emails with them to see if they could debug what was going on. The case ended up going to the “next level of support” (their words not mine) at ASUS. And the best that they could come up with is that I had a bad cable between the HH4000 and the XT8. Which is illogical as the PPPoE bypass setup created the slow upstream issue, and a DHCP setup like the one that I had outlined above does not create this issue. Which following that logic chain eliminates the cable as a possibility for the slow upstream issue, and points to a problem with the XT8 router. An organization the size of ASUS should have tech support people who can follow that logic and come to that conclusion. But clearly they don’t and out of frustration, I asked them to close the case. 

What is worse is that all this troubleshooting was done via email which is the absolute worst way to provide tech support. Especially with complex issues like this. Getting onto a Zoom session or a phone call would have likely resulted in some sort of positive progress, and maybe even a solution. But they didn’t go that route and the net result of this rather negative experience is that it drove me to look at other options that avoided the use of PPPoE to get better performance from the XT8. It also made me decide that I won’t be recommending ASUS gear to my home and prosumer clients anymore. And chances are, my next router at home won’t be an ASUS product. While ASUS has great hardware, their support doesn’t meet the mark. Having competent tech support adds to the value of the gear that a vendor like ASUS makes. Or in this case, not having competent support detracts from the value of the gear that ASUS makes. So if the people at ASUS are reading this, they might want to look at this negative situation and make changes internally to make sure that they’re not on the wrong side of a public post like this as this sort of #Fail reflects poorly on ASUS as a brand. And will likely affect their future sales.

So while the RT-BE86U has become my “next router”, I have not recommended ASUS gear to my clients since that post. And that’s due to not only my experience with them, but also it’s due to browsing around places like Reddit where it becomes clear very quickly that the quality of their support has not changed for the better. Add to that the accusations by YouTubers like Gamers Nexus among others who highlighted how “shady” ASUS has been when it comes to warranty issues. Now I have no direct experience with that, but again, plenty of people on Reddit do. And I am still finding examples of people who have had issues with ASUS on this front.

That’s honestly not a good place to be if you are ASUS.

So where does that leave me? Well, for starters the setup that I have with the RT-BE86U being my router with the XT8’s being purely WiFi access points is in my mind a stopgap while I continue to do research on what gear that I need to replace it. I have narrowed things down to a couple of brands and I need to confirm that those brands will have gear that will work for me while being secure at the same time. And not to mention provide competent technical support and warranty support as well. Now ASUS corporate (not a PR firm, but the folks directly from ASUS) are free to reach out to me and convince me why I should believe that the issues that I have highlighted here are no longer issues. Because I am always willing to re-evaluate my position on an issue if empirical evidence is presented to support a given argument. But in the here and now, while ASUS does seem to have some well performing hardware, there’s no evidence that their technical support and warranty support have changed for the better. And until that does, if it ever does, I’m not going to be an ASUS fanboy.

IT-ISAC offers 2025 predictions based on 2024 observations

Posted in Commentary with tags on February 14, 2025 by itnerd

According to a recent report, Exploring the Depths: Analysis of the 2024 Ransomware Landscape and Insights for 2025 published by the IT-ISAC, the organization tracked approximately 3,500 ransomware incidents in 2024, up from 3,000 in 2023, with the top three critical infrastructure sectors impacted being critical manufacturing (733 attacks/20%), commercial facilities (614 attacks/17%), and healthcare (332/9%) in 2024.

“As cybercriminals continue to evolve their methods, it is crucial for organizations to adopt a proactive, multi-layered defense strategy to keep their systems secure.

“These groups are leveraging advanced tactics and exploiting unknown vulnerabilities to maximize their impact,” said Scott Algeier, Executive Director of the IT-ISAC.

Based on current data and new threat actor TTPs observed by researchers, the IT-ISAC expects several key developments in 2025:

1.    Continued Rise in Critical Sector Targeting

“As long as there is a high likelihood of the bad actors making money and a low likelihood of them getting caught, the attacks will certainly continue.”

2.    Increased Use of Zero-Day Exploits

3.    Continued Movement to Double Extortion and Data Theft

“Double extortion is particularly effective against industries handling sensitive data, such as Healthcare and Financial Services, where organizations face relentless pressure to maintain confidentiality and comply with HIPAA and GDPR regulations.” 

4.    AI-Powered Ransomware Evolution

“IT-ISAC warns of a recently identified FunkSec ransomware group that has built its ransomware using AI tools, which helps it evade security tools. The malware is capable of self-modifying its behavioral patterns and can change tactics in real-time by analyzing the target’s security posture. Despite only emerging at the end of 2024, 54 companies were attacked.”

5.    Increasing Geographic Spread

“Countries with expanding digital infrastructures could face an increase in threats as they adopt new technologies.”

6.    Continued Ransomware-as-a-Service (RaaS) Model Growth

“[…] particularly targeting organizations with less robust security measures, such as small and medium-sized.”

7.    Enhanced Data Exfiltration Techniques

8.    Supply Chain Attacks Become More Common

Jawahar Sivasankaran, President, Cyware:

  “As threats evolve and attackers grow more sophisticated, timely and actionable cyber threat intelligence plays an increasingly important role in protecting organizations against leaks.

  “Research shows that 72% of security professionals struggle with prioritizing vulnerabilities, delaying remediation efforts, and 17% of IT assets are invisible to vulnerability scans, leaving them exposed.

  “Although competing organizations may be reluctant to work with each other, when it comes to cybersecurity, we really are stronger together. Taking part in collective defense efforts – such as by joining sector-specific Information Sharing and Analysis Centers (ISACs) and operational collaboration frameworks that leverage public-private partnerships – grants organizations greater visibility into exploitable vulns and threats the business faces, allowing for more efficient and effective threat intelligence management and proactive response.”

CIOs and others should read this report as it will help them to focus on what they need to do to secure their environments. And they should also consider playing nice with others so to speak as that will help us all to be safer.

Zacks Investment Research leaks 12 million unsalted passwords, user names & more

Posted in Commentary with tags on February 14, 2025 by itnerd

Zacks Investment Research (Zacks), a stock performance assessment tool provider, had a leaked database added to Have I Been Pwned on Wednesday of this week that included 12 million unique records. HIBP confirmed that the file included 12 million unique:

  • Email addresses
  • IP addresses
  • Names
  • Passwords in the form of unsalted SHA-256 hashes
  • Phone numbers
  • Physical addresses
  • Usernames

Scammers and other threat actors will have “fun” with all that data…. At your expense if you’re on this list.

Lawrence Pingree, VP, Dispersive had this to say:

   “When leaks occur, it allows investigators to determine more quickly where they need to look to investigate. E.g. They normally know at least in theory where the data came from. The important thing is to have zero trust connectivity between systems, isolating them from lateral movements from compromised systems, limiting the blast radius of the breach. In this case, it is most likely an application layer attack or SQL injection into the application that resulted in the database exposure, but I am speculating based on the scenario.”

Jawahar Sivasankaran, President, Cyware follows with this:

   “Research shows that 72% of security professionals struggle with prioritizing vulnerabilities, delaying remediation efforts, and 17% of IT assets are invisible to vulnerability scans, leaving them exposed.

   “When it comes to cybersecurity, competing financial services organizations are better protected and more resilient when they work together. Joining sector-specific Information Sharing and Analysis Centers (ISACs) such as the Financial Services ISAC (FS-ISAC) and operational collaboration frameworks that leverage public-private partnerships – gives financial services organizations new visibility into exploited vulns, threats the sector faces, data protection best practices, issues on emerging risks such as generative AI, and more efficient and effective threat intelligence management and proactive response strategies.”

Hopefully the 12 million people on this list have credit monitoring services in place. Because they’re going to need it.

Guest Post: Microsoft, SUSE, & DH2i: A Comprehensive Dream Team for HA SQL Server in the Cloud

Posted in Commentary with tags on February 14, 2025 by itnerd

By Josh Achtemeier

Our collaborations with technology partners over the years have been critical in engineering the most flexible and impactful software solutions for our customers. 

DH2i has worked in different capacities with Microsoft for years. We’ve maintained a collaborative, mutually-beneficial relationship that has fostered some massive advances in SQL Server high availability technology, especially in the Linux space. E.g. DH2i’s groundbreaking SQL Server Operator for Kubernetes has become Microsoft’s officially recommended SQL Server Operator, even receiving dedicated documentation articles within their SQL Server resource library. 

Over the last couple years, we have started working closely with the fantastic team over at SUSE as well—pioneering some powerful new solutions to facilitate SQL Server modernization with unparalleled ease. E.g. Take a look at this demo video featuring DxOperator and Rancher Prime to facilitate the easiest possible approach to a SQL Server Kubernetes deployment in AKS.  

From robust, certified platforms to meticulously developed Kubernetes orchestration and security technologies, SUSE provides perfectly complementary capabilities to enhance our existing solution stories with Microsoft. The functional possibilities and applications of our combined solution portfolios are wide-ranging, but this blog will focus on the ability of our three companies to unlock easy deployment of highly available SQL Server in the cloud with Microsoft Azure, SUSE Linux Enterprise Server (SLES), and DxEnterprise. 

A Full Suite of Services and Security for Cloud Databases 

Microsoft Azure: Azure is Microsoft’s public cloud platform, which provides a wide range of services, including computing, storage, networking, and database management. Azure supports various operating systems, including SUSE Linux Enterprise Server (SLES). 

SUSE Linux Enterprise Server: SUSE is an open-source software company that offers a range of products, including the SLES operating system. SLES is a popular choice for enterprise environments due to its stability, security, and scalability. 

DxEnterprise: DxEnterprise is Smart High Availability Clustering software developed by DH2i, which provides an easy-to-manage, flexible, secure, and highly available clustering framework for managing SQL Server databases on Windows, Linux, and Kubernetes.

When used together, Azure, SLES, and DxEnterprise can provide a robust solution for deploying and managing highly available databases in the cloud. Here’s how they work together: 

  1. Azure as the cloud platform: Azure provides the underlying infrastructure for deploying and running SLES virtual machines (VMs) or containers. 
  2. SUSE Linux Enterprise Server: SLES is installed on Azure VMs or used as a container runtime, providing a stable and secure operating system environment for running databases. 
  3. DxEnterprise: DxEnterprise is deployed on top of SLES, providing a high availability framework that can manage multiple database instances across the Azure (and any mix of) infrastructure. 

The benefits of using Azure, SUSE, and DxEnterprise together include: 

  1. Scalability: Azure provides a scalable cloud infrastructure that can be effortlessly integrated with the DxEnterprise HA management framework, regardless of region or Availability Zone. 
  2. High availability: DxEnterprise ensures high availability of databases by providing real-time monitoring, load balancing, and automatic failover (for instances AND containers) to ensure that workloads are always running in their respective best execution venues. 
  3. Security: SLES provides a secure operating system environment, while DxEnterprise offers the additional capability of encrypted, app-level zero trust network access connections across any mix of clouds and infrastructure. 
  4. Simplified management: DxEnterprise simplifies high availability management by providing a unified platform for managing multiple database instances across Azure and any mix of infrastructure or platforms. 

Use Cases for the Azure, SLES, & DxEnterprise Solution Stack 

Some possible use cases for using Azure, SUSE, and DxEnterprise together include: 

  1. Database consolidation: Consolidate multiple databases into a single DxEnterprise high availability cluster running on SLES in Azure.
  2. Easy Multi-Site DR in the Cloud: If organizations need the real-time replication provided by Always-On Availability Groups (AGs), DxEnterprise can be used to easily stretch the AG across multiple Azure regions or availability zones, ensuring high availability and disaster recovery capabilities between sites.
  3. Cloud migration: Migrate on-premises databases to Azure using DxEnterprise and SLES, taking advantage of proprietary tools like DxEnterprise’s SQL Server Operator for Kubernetes.

For organizations looking to deploy highly available SQL Server in the cloud, it’s impossible to outdo the benefits provided by Azure cloud infrastructure and its tight, out-of-the-box integration with SQL Server. Microsoft and SUSE’s longstanding partnership has culminated in an incredibly stable and secure operating system environment with SUSE Linux Enterprise Server. And SLES provides a cost-effective platform that is inherently optimized for SQL Server workloads. Lastly, DxEnterprise delivers the perfect high availability solution to manage all your workloads across Azure—instances or containers—and easily unifies mixed infrastructure and multi-site deployments for disaster recovery. 

Together, Azure, SLES, and DxEnterprise provide the go-to solution stack for deploying and managing SQL Server databases in the cloud. Their close integration and robust management capabilities stand head and shoulders above the competition in terms of scalability, high availability, and security.


CISA issues Medical Advisory on Qardio Heart Health app

Posted in Commentary with tags on February 14, 2025 by itnerd

CISA has just issued an ICS Medical Advisory alert on the Qardio Heart Health app for vulnerabilities that may result in exposure of private personal information to a cyber attacker. Successful exploitation of these vulnerabilities could allow an attacker to obtain sensitive information, cause a denial-of-service condition, or have other implications. All of which are bad.

George McGregor, VP, Approov had this to say:

   “This recent vulnerability shows once more that mobile apps are the weakest link in the healthcare ecosystem and that it’s not just consumer access to PHI that is the issue.

   “Medical practitioner apps are increasingly used from personal devices, outside the security provided by campus networks. In addition, mobile apps have become a key means of access and control for every new medical device.

   “This is why the upcoming HIPAA Security Rule (https://www.regulations.gov/document/HHS-OCR-2024-0020-0001) must be updated to explicitly target known mobile app attack surfaces and eliminate the risks to US Healthcare posed by the proliferation of Healthcare apps.”

Given how much we all have become reliant on apps to manage our health in some way, this is not good news. But at least there is some good news coming in the form of the HIPAA rule that is inbound. Hopefully that will make something like this an edge case.

Guest Post: The Privacy Trade-Off: Balancing Security and Convenience in Smart Homes

Posted in Commentary on February 14, 2025 by itnerd

Provided by Geonode

Smart homes are all the rage. Thermostats, cameras, voice assistants—they promise ease and security. But there’s a catch: privacy and security risks. Let’s break it down.

Convenience at a Price

Imagine controlling your lights or thermostat with a tap on your phone or a voice command. Sounds great, right? Devices like Amazon Alexa and Google Home make life smoother and more efficient. But these gadgets need data to function, and that data includes your daily routines and private conversations.

The Hidden Cost of Data

All this convenience comes at a cost. Your smart devices collect heaps of data, often stored in the cloud. This means you’re losing control over who sees your info. Companies might share it with third parties, sell it to advertisers, or even hand it over to the government. Not so smart, huh?

Security Vulnerabilities

And let’s talk about hacking. Many smart home devices aren’t as secure as you’d think. Weak passwords, outdated software, and insecure APIs are open doors for hackers. Think your home security system is impenetrable? High-profile breaches in devices like Ring and Nest suggest otherwise.

Legal Landscape

Lawmakers are catching on. The American Data Privacy and Protection Act (ADPPA) aims to give you rights to your data. You can access, correct, and delete it. Companies must limit data collection to what’s “reasonably necessary.” Sounds good, but enforcing these rules is another ballgame.

How to Protect Yourself

So, what can you do? Be smart about your smart home.

  1. Strong Passwords: Use unique, strong passwords for each device.
  2. Update Regularly: Keep your device firmware up to date.
  3. Know Your Rights: Familiarize yourself with privacy laws like the ADPPA.

Real-World Incidents

Data misuse in smart homes is real. From unauthorized data collection to hacking, your private moments could end up exposed. High-profile cases have shown how easily these devices can be compromised, underscoring the need for robust security measures.

Industry Responsibility

Manufacturers also have a role to play. They need to implement strong security protocols and be transparent about data usage. Compliance with standards like the Matter interoperability and security standard can help build trust and protect user data.

Consumer Awareness

Consumers must stay informed. Understand what data your devices collect and take steps to safeguard it. Use strong passwords, update regularly, and know your rights.

Josh Gordon, a technology infrastructure expert at Geonode, emphasizes the importance of robust privacy measures: “The key to balancing convenience and security lies in understanding the data flows and ensuring that access is secure and controlled.” Gordon’s insights align with the industry’s growing emphasis on data privacy and secure access solutions, reinforcing the critical need for consumers to stay vigilant.

By staying vigilant and informed, you can enjoy the perks of a smart home without sacrificing your privacy.