Upgrading My Home Network To Fully Leverage My Fibre Internet Connection

Posted in Products with tags on January 30, 2025 by itnerd

Since I reviewed the ASUS RT-BE86U and discovered how fast it was at routing traffic to and from the Internet, it made me think that I could use it to improve my connection to the Internet. You see, back when my ISP of the moment was Bell and more recently with Distributel, I’ve had issues maximizing the speed that I was getting from my Internet connection. With Bell I had to bypass their hardware using some really complicated methods to do so. And when I moved to Distributel, I suffered from the PPPoE speed limitations of the hardware that I was using, which was the ASUS ZenWiFi XT8.

I started to research how I could do this in a cost effective manner because after all, networking gear is expensive. After some research, I soon came up with a way to leverage my existing ZenWiFi XT8 gear while using the RT-BE86U at the same time. Let me lay it out graphically for you and then go down the rabbit hole in terms of my logic:

My plan was to use the RT-BE86U as a pure router. As in turn off its WiFi 7 capabilities. Because that would give me 1 Gbps downstream and upstream from the Internet which is something that I do value. Then use the existing ZenWiFi XT8’s with their routing functions turned off to deliver WiFi in my condo. Now you’re likely wondering why I would use a pair of WiFi 6 mesh routers to deliver WiFi. The fact is that the fastest device that I have in my home from a WiFi perspective is a M2 Pro Mac mini that does WiFi 6E. And while it is capable of maxing out my Internet connection on WiFi 7, only having one device that is capable of doing that doesn’t justify making the switch to WiFi 7. Also, while WiFi 6 devices would see a speed boost if I made the switch to WiFi 7, I also value stability above all else. And I knew that this setup works with everything that I own. The final point that I would like to make is that this sort of setup is what I do for my business and enterprise clients all the time and is proven to work. Which is to have a fast router connect to the Internet. Then install access points wherever they are needed with an Ethernet backhaul to the router. Though I am deviating from that in my use case. While I have one XT8 connected via an Ethernet cable, that XT8 is communicating to the second XT8 via a wireless backhaul. I’m doing that because I have never been able to run Ethernet cable in the walls of my condo as they are solid concrete. Thus a wireless backhaul setup from the point where my connection to the Internet terminates to the far end of my condo is the only option that is available to me.

Another factor in my decision to go this route is that it leaves open the option of using the RT-BE86U as the base for a mesh setup in the future as it supports the AiMesh feature. For example if I wanted to switch to WiFi 7 in the future, I just have to buy a second ASUS WiFi access point or router and add it via a few clicks to the RT-BE86U to create a mesh network. But at the same time I also have the option of doing the WiFi 7 version of what I am about to describe which is to have a pair of mesh nodes set up as access points only. Finally, the fact that I can repurpose the networking gear that I already own to make my network better, so that something that I spent a lot of money on doesn’t sit in a box unused while I try to sell it on Craigslist, or worse end up as eWaste, is a big win for me.

The first thing that I had to do is to configure the router to connect to Distributel via PPPoE. That was easy enough as I had already figured that part out with the XT8’s. Thus I carried that configuration over to the RT-BE86U router. The one issue that I ran into is that I could not get this working on the RT-BE86U’s 10 Gbps Ethernet port when I plugged it into the Nokia ONT (Optical Networking Terminal) that was supplied by Distributel to in layman’s terms convert fibre to Ethernet. But it worked perfectly fine on the 2.5 Gbps port. I found that unusual because the Nokia ONT is at least on paper capable of doing 10 Gbps via Ethernet. I really didn’t go too far down the rabbit hole on this as I have a 1 Gbps downstream Internet connection which meant connecting the ONT to the RT-BE86U’s 2.5 Gbps port is fine. But it was clear that the Nokia ONT and the RT-BE86U couldn’t negotiate a stable 10 Gbps Ethernet connection for reasons that I could not discern. Thus it’s a good thing that the RT-BE86U gave me another option to make this work via having a separate 2.5 Gbps port. And on top of that, I now have a 10 Gbps port for the LAN should I need it in the future.

Once I confirmed that I had stable Internet access, I went about locking down the router. Which means doing the following:

  • I disabled UPnP for the reasons I outlined here.
  • I also disabled WPS for the reasons outlined here.
  • I never use any sort of cloud management for the router nor do I expose the admin page to the outside world as those are great ways to get pwned by hackers. 
  • I make sure that the firmware of the router is up to date. 
  • I use a third party DNS service rather than my ISP’s DNS service. At the moment, I am using Quad9 as that blocks threats at the DNS level. And my ISP doesn’t get to monitor my browsing habits and sell that data to third parties.
  • I disabled PING, Telnet, SSH, and HNAP to make sure that the router isn’t accessible or seen from the Internet.

I then penetration tested it and declared it to be secure. Or at least as secure as I can make it as nothing is ever truly secure these days.
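The checklist above, turned into a quick self-check you can point at your own router (an added example, not part of the original post). The router address 192.168.50.1 is an assumed placeholder, ports 22 and 23 are the conventional SSH and Telnet ports, and treating an SSDP Internet Gateway Device reply as a sign that UPnP is still on is an assumption about how the router behaves.

```python
"""Self-check for the hardening list: Telnet, SSH, HNAP and UPnP should not answer."""
import socket
import time

ROUTER = "192.168.50.1"                    # assumption: replace with your router's address
TCP_SERVICES = {"telnet": 23, "ssh": 22}   # conventional ports for services the post disables
SSDP_ADDR = ("239.255.255.250", 1900)      # standard SSDP multicast group and port
SSDP_SEARCH = (
    "M-SEARCH * HTTP/1.1\r\n"
    "HOST: 239.255.255.250:1900\r\n"
    'MAN: "ssdp:discover"\r\n'
    "MX: 1\r\n"
    "ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1\r\n\r\n"
).encode()


def tcp_port_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, unreachable or timed out
        return False


def hnap_answers(host, port=80, timeout=2.0):
    """Return True if GET /HNAP1/ comes back with HTTP status 200."""
    request = f"GET /HNAP1/ HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(request)
            status_line = s.recv(256).split(b"\r\n", 1)[0]
    except OSError:
        return False
    parts = status_line.split()
    return len(parts) >= 2 and parts[0].startswith(b"HTTP/") and parts[1] == b"200"


def upnp_gateway_answers(router_ip, dest=SSDP_ADDR, timeout=2.0):
    """Send one SSDP search for a gateway device; True if router_ip replies."""
    deadline = time.monotonic() + timeout
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        try:
            s.sendto(SSDP_SEARCH, dest)
            while True:
                remaining = deadline - time.monotonic()
                if remaining <= 0:
                    return False
                s.settimeout(remaining)
                data, (src, _port) = s.recvfrom(2048)
                # Other devices on the LAN may answer too; only the router counts.
                if src == router_ip and data.startswith(b"HTTP/1.1 200"):
                    return True
        except OSError:  # timeout or send failure
            return False


def audit(host, tcp_services=TCP_SERVICES, http_port=80,
          ssdp_dest=SSDP_ADDR, timeout=2.0):
    """Return {check: True if that service still answers on host}."""
    results = {name: tcp_port_open(host, port, timeout)
               for name, port in tcp_services.items()}
    results["hnap"] = hnap_answers(host, http_port, timeout)
    results["upnp"] = upnp_gateway_answers(host, ssdp_dest, timeout)
    return results


if __name__ == "__main__":
    for name, exposed in audit(ROUTER).items():
        print(f"{name:7} {'STILL ANSWERING' if exposed else 'no answer'}")
```

Any line that reports a service still answering means the matching setting did not stick, which is worth re-running after every firmware update or configuration restore.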

I also turned on the Trend Micro AiProtection feature as I have found over the years that it is effective in terms of keeping my network secure with no noticeable impact to the speed of my network. Now for full disclosure, it does send data to Trend Micro, but I wrote an article as to why that’s a total non issue if that is a concern.

So with that out of the way, I moved onto reconfiguring the XT8 nodes. Prior to this project I had the XT8 nodes set up with one being the router and primary mesh WiFi node, and the other one as a secondary WiFi node connected via using the second 5 GHz band as a dedicated wireless backhaul. Meaning that this 5 GHz connection does nothing other than provide bi-directional communication between the nodes. The first task was that I had to turn off the routing functions as there was no need for these to do any routing, and turn on what’s called access point mode. Meaning that these units are simply access points. To do that, I followed these steps outlined by ASUS which are mostly clear and require you to first factory reset your router. But one thing that I would like to point out is that when you put the nodes in access point mode, the 2.5 Gbps ports on each of the XT8 nodes become uplink ports rather than being WAN only ports. That’s something that this documentation doesn’t make clear and I only found that out when I was doing some testing with this configuration. Thus I used the 2.5 Gbps port on the first XT8 to connect to one of the 2.5 Gbps ports on the RT-BE86U to make sure that I was getting the highest possible speed from the router to the first XT8 node. The other thing that I found is that even though the first XT8 unit got an IP address from the RT-BE86U, I couldn’t access it over the network to do the initial setup. Instead I had to connect to it directly via WiFi to do that. Which didn’t match what the instructions from ASUS had online. Regardless, I was able to get them set up in access point mode. And what was interesting is that both nodes automatically configured themselves. Which is another deviation from the instructions that ASUS provided. I am assuming that this is due to the fact that the XT8’s come pre paired from the factory. Now to be fair to ASUS, the instructions used a scenario that involved a different product and not the XT8. 
But if I could offer ASUS a piece of advice, they should consider rewriting their instructions to cover a wider variety of use cases.

Pro Tip: When you get to the part about selecting an automatic IP address or manual IP address, always choose manual and pick an IP address that you can remember and document. That way you know what IP address the unit has so that you can log in and do firmware updates or tweak something.

Once I confirmed that everything was working with the XT8 nodes with their factory configuration, I next had to enable the wireless backhaul. That required me to turn on a feature called “Smart Connect” which combines all the bands into a single network that you can see rather than having a distinct 2.4 GHz network and 5 GHz network. But at the same time it turns on the wireless backhaul feature. Once I turned it on, I had to let the XT8’s reboot, and then turn “Smart Connect” off again which leaves the wireless backhaul feature enabled. ASUS could have made life easier if they split out the wireless backhaul feature from “Smart Connect” as turning on an unrelated feature and then turning it off again to turn on the feature that you want is a bit “janky” as the kids say, but this was only five minutes of time spent to do this so I am not complaining.

Sidebar: The reason why I don’t run “Smart Connect” is that I find that routers that combine the bands into a single network sometimes have issues with devices connecting. By separating them out, I completely avoid that problem. But I will admit that I will have to rethink that when I eventually move to WiFi 7 as part of the reason why you get the crazy speeds that WiFi 7 offers is by having this feature turned on.

I then put in all the tweaks that I have done over the years to make everything from HomeKit devices to specific devices like my wife’s ChefSteps Joule work properly over WiFi. That was a trivial exercise as I had documented all of that up front. Which by the way is something that you should do before embarking on an exercise like this. After that, I turned off the ability for all this hardware (meaning both the XT8’s and the RT-BE86U) to automatically receive firmware updates. To be clear, I do update the firmware on all my gear as firmware updates often bring security fixes and improvements that should be rolled out as soon as possible. But I do it on my schedule so that I don’t wake up one morning to no Internet access or some other weird network issue such as this situation from a few years back.

The second to last step was to shut down WiFi on the RT-BE86U as I would have no use for it. At least not today. This document from ASUS will help you to do that. And the final step is to save the configurations of both XT8’s and the RT-BE86U. This document from ASUS will walk you through doing that. That way if I needed to swap out hardware or I needed to put something back to a known good configuration, I could do that without a problem.

I’ve been running this for a number of days, and while I have not noted any dramatic differences, I can say that there are some “marginal gains” to borrow a phrase from Dave Brailsford (backstory on “marginal gains” here). I do notice that when I do VPN sessions to clients, that those sessions are consistently more fluid. I also notice that MS Teams and Zoom meetings are also a bit more fluid and natural feeling. As for why, one possibility is that my upstream bandwidth went from this:

To this:

It is also possible that the fact that the RT-BE86U is much better at routing than the ZenWiFi XT8 was could also be playing a role. Or it is both at the same time. Or perhaps it’s something else that I am not able to discern. Without going into the weeds to figure it out, it’s hard to say. But I will take any improvements that I can get, no matter how marginal. One thing that I have to say is that I am paying to have 1 Gbps downstream and 750 Mbps upstream from Distributel, and I am getting more than I am paying for by making this change which is great.

Do you have any questions about what I’ve done here? If you do, leave a comment and I will be happy to answer them as doing this was a win for me, and it might be a win for you as well.

CIRA unveils new Internet Performance Test to help Canadians better understand broadband speeds

Posted in Commentary with tags on January 30, 2025 by itnerd

Today, CIRA is proud to unveil a completely redesigned version of its popular Internet Performance Test (IPT) as part of its Net Good program. First launched in 2015, CIRA’s Internet Performance Test enables Canadians to test their mobile and home broadband performance across dozens of data points while gathering comprehensive and accurate data on broadband coverage and quality nationwide. The latest version of IPT provides users with an enhanced test-results dashboard, to ensure users understand critical aspects of their internet performance including how their connection supports common online activities like streaming services or video calls.

While Canada has made great strides to bridge the digital divide in the past few years, there is still work to be done to ensure the speeds that are being promised are actually attained. The new IPT will allow Canadians to verify whether they are receiving the speeds and quality of service advertised. CIRA will then leverage Canadians’ anonymous broadband data and real-world daily experience to help municipalities, local and federal governments and consumers create a heat map of where connectivity upgrades are most urgently needed.

Key features

  • The new user interface guides participants intuitively through the testing process, improving accessibility for users of all technical backgrounds.
  • Enhanced user interface makes running a test faster and easier on smartphones, tablets and desktops.
  • Through a new, interactive dashboard, users can now explore trends and performance data from previous tests, gaining a deeper understanding of internet performance changes. These insights empower individuals, researchers and policymakers to track progress and identify gaps.
  • More accurate user location estimation improves the quality of location-specific internet performance data, which is vital in analyzing broadband access across regions or within a community or neighbourhood.

To run a test and learn more about CIRA’s Internet Performance Test, visit: https://www.cira.ca/en/net-good/internet-performance-test/


KnowBe4 Launches Threat Labs Research and Analysis Initiative to Mitigate Human-Targeted Cybersecurity Attacks

Posted in Commentary with tags on January 29, 2025 by itnerd

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, today announced its new Threat Labs to mitigate human-targeted cybersecurity attacks. 

This initiative specializes in researching and mitigating email threats and phishing attacks, using a combination of expert analysis and crowdsourced intelligence. The cybersecurity researchers and analysts behind KnowBe4 Threat Labs discover and investigate the latest phishing techniques and develop strategies to preemptively combat these threats.

The first publication from KnowBe4 Threat Labs, Using Genuine Business Domains and Legitimate Services to Harvest Credentials, analyzes a sophisticated phishing campaign targeting multiple organizations to harvest Microsoft credentials. During this campaign, threat actors utilized a compromised domain, its subdomains, bulk email services, and open redirect vulnerability to evade detection and increase click success rates.

Research conducted by KnowBe4 Threat Labs will be published on the KnowBe4 Blog. For more information on KnowBe4, visit www.knowbe4.com.

IBM and Palo Alto Networks Find Platformization is Key to Reduce Cybersecurity Complexity

Posted in Commentary with tags on January 29, 2025 by itnerd

New global research from the IBM Institute for Business Value (IBV) and Palo Alto Networks, found that surveyed organizations are facing security complexity challenges as they juggle an average of 83 different security solutions from 29 vendors. It also shows 7 out of 10 surveyed companies with a high degree of security platformization report their cybersecurity investments have helped business outcomes such as operational efficiencies and revenue generation.

In the study, “Capturing the cybersecurity dividend: How security platforms generate business value,” more than half (52%) of surveyed executives note fragmentation of security solutions is limiting their ability to deal with cyber threats, but 75% of organizations that have embraced security platformization agree that better integration across security, hybrid cloud, AI, and other technology platforms is crucial. The analysis suggests the trend of adding more solutions to combat evolving security threats is contributing to inefficiency – impacting both performance and the bottom line – while moving to a platformized security approach can help businesses achieve reduced response times and costs without sacrificing security efficacy.

Cybersecurity Complexity is a Daunting Reality
Increased digital interconnectedness expands attack surfaces and can create new cybersecurity vulnerabilities. Cyberattacks are becoming more sophisticated and harder to defend against, while AI is being used by both defenders and attackers, creating a race in cybersecurity capabilities.

In an evolving threat landscape, surveyed executives estimate security fragmentation and complexity costs their organizations an average of 5% of their annual revenue. For a $20 billion annual revenue company, that’s a $1 billion cost to the business in aggregate. Tally the costs of security incidents, lost productivity, failed digital transformations, stalled AI initiatives, loss of customer trust and reputational damage and the numbers add up.

Key insights from surveyed business leaders:

  • 52% of executives say complexity is the biggest impediment to their cybersecurity operations;
  • 80% agree they face pressure to reduce the cost of security, and 41% say security fragmentation has driven up procurement costs;
  • 4 out of 5 non-platform organizations say their security operations cannot effectively deal with the sheer quantity of threats and attacks;
  • 80% of platformization adopters say they have full visibility into potential vulnerabilities and threats; and,
  • For platformized organizations, mean time to identify (MTTI) and mean time to contain (MTTC) security incidents are shorter by an average of 72 and 84 days, respectively.

Enhancing Businesses with Platformization: Unleashing the Power of Digital Transformation
In today’s world, the research finds effective security requires platformization. Consolidating multiple tools into a unified platform not only bolsters security posture but enables organizations to experience nearly 4 times better return on investment (ROI) from their cybersecurity investments, leading to revenue generation and increased operational efficiencies.

When it comes to AI, a platform approach can also enable an organization to better ingest and analyze data to deliver actionable insights. With 90% of surveyed executives expecting to scale, optimize, or innovate with AI within the next two years, integrating AI into their platforms can play a critical role in advancing their security preparedness. For example, accelerating adoption of agentic AI for security and tapping platformization for fewer investment cycles; or, using platformization to create the common governance needed to deliver the AI capabilities shaping the future.

By adopting a platformization approach, businesses can align technologies, drive innovation, and prioritize security as a core business requirement. Through IBM and Palo Alto Networks’ strategic partnership, the companies are bringing together leading security platforms, AI, and transformation capabilities to help organizations confidently navigate their digital transformation journey, achieve their desired outcomes and drive substantial business value.

Tips for Platformization Success

  • Choose partners that streamline your security mission and trim those that don’t. Critically evaluate current and potential technology, services, and support partners, and make hard decisions about where to double down and when to part ways.
  • Run your playbook. Stage incident response drills to assess where a unified platform can deliver the greatest impact. Take action to improve your incident response capabilities.
  • Help your business get prepared to respond to threats by putting it to the test. Visit a cyber range to prepare business and technical teams to address the latest cyber threats through an immersive, organization-wide business-focused engagement. IBM and Palo Alto Networks now provide a joint Cyber Range experience in Cambridge, Massachusetts, where clients can leverage the facility to support continuous improvement, training, and change management as they transform their security operating models with platformization.

Study Methodology
This IBM Institute of Business Value (IBV) research, conducted in collaboration with Oxford Economics and published in partnership with Palo Alto Networks, surveyed 1,000 executives across 21 industries and 18 countries from July through September 2024. The IBM IBV team then analyzed insights and data from respondents to facilitate the creation of a “platformization index,” which measures the extent to which an organization has moved toward security platformization, then used that index to ascertain the relationship between security platformization and security and business outcomes.

The IBM IBV, IBM’s thought leadership think tank, combines global research and performance data with expertise from industry thinkers and leading academics to deliver insights that make business leaders smarter. For more world-class thought leadership, visit: www.ibm.com/ibv.

SailGP selects Ericsson as global technology supplier for the 2025 Season

Posted in Commentary with tags on January 29, 2025 by itnerd

SailGP, the most exciting racing on water, is set to benefit from the fastest mobile connectivity possible as the SailGP F50 catamaran fleet teams up with Ericsson at iconic venues across the globe in 2025.

Ericsson Enterprise Wireless Solutions will provide teams and personnel with seamless, high-quality 5G connectivity, improving fan experiences and race operations. Additionally, the solutions will support SailGP umpires to adjudicate on race protocol through the enhanced capabilities of 5G-enabled live camera streaming from competing F50s and insights into team locations, tactics, and strategy. 

Split-second human responses across the various teams will make the difference between victory and defeat across the SailGP fleet. To support those decisions, each team will have access to the fastest connectivity possible under some of the most challenging physical conditions. Ericsson’s solutions deliver instant real-time data and statistical feedback, despite the F50s reaching speeds up to 100 km (about 62.14 mi) per hour over open waters. 

Ericsson’s Cradlepoint edge routers – installed in the wings of each F50 – are expected to handle more than 53 billion data points across the fleet per race day, including IoT, video and critical communications from competing boats connecting to Ericsson Private 5G during each race day. It was important that 5G connectivity solutions could be deployed across a diverse landscape and connect to multiple carriers. They also required a ruggedized edge router in each F50 that could withstand rough maritime conditions. For the safety of the athletes and the boat, neither may leave the dock until the F50 and its crew are fully connected and communicating.

SailGP initially worked with Ericsson and T-Mobile to test and deploy the Ericsson Private 5G solution over T-Mobile’s 5G spectrum at U.S. events in Season 4. The solution will be installed and deployed in all F50s and rolled out globally for the 2025 season. Key outcomes include:

  • Performance Optimization: The real-time transport of extensive data between off- and on-shore teammates on boat speed, wind conditions, and other factors, allowing real-time data analysis to maximize speed and efficiency by adjusting sail settings and boat trim.
  • Enhanced Tactical Decision-Making: The immediate availability of data on race position, course layout, and wind direction enables teams to make informed tactical decisions during races, such as choosing optimal sailing angles, deciding when to tack or gybe, and strategizing for mark roundings.
  • Increased Fairness and Transparency: The real-time transportation of data directly and securely into Oracle Cloud (OCI) enables racers to share data with all teams, including boat speed, wind direction and course layout, and race position. This helps SailGP prevent any unfair advantages and promotes fair competition.
  • Enhanced Spectator Engagement: Data sharing and improved bandwidth also enhance the spectator experience by providing insights into the intricacies of sailing tactics and strategy, making races more engaging and understandable for viewers.

You can learn more about how Ericsson’s 5G solutions support SailGP here.

Wallarm Releases 2025 API ThreatStats Report Revealing that APIs are the Predominant Attack Surface

Posted in Commentary with tags on January 29, 2025 by itnerd

Wallarm, a global leader in API security, today released its 2025 API ThreatStats Report, revealing that APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks. Wallarm’s annual report bridges a critical gap between technical and strategic aspects of API security by sharing actionable insights tailored to the distinct responsibilities of CISOs and CIOs.

Wallarm’s researchers tracked 439 AI-related CVEs, a staggering 1,025% increase from the prior year. Nearly all (99%) were directly tied to APIs, including injection flaws, misconfigurations, and new memory corruption vulnerabilities stemming from AI’s reliance on high-performance binary APIs. With the exponential rise in AI adoption and exploits, Wallarm introduced a new ThreatStats Top 10 category, Memory Corruption and Overflow. This new category addresses vulnerabilities that arise from improper memory handling and access, resulting in security breaches such as unauthorized data access, crashes, and arbitrary code execution, and was driven by Wallarm’s analysis of how AI workloads interact with hardware, exposing APIs to issues like buffer overflows and integer overflows.

Additionally, more than 50% of all recorded CISA exploited vulnerabilities were API-related for the first time, a 30% increase from the year before, and this highlights the growing prevalence and criticality of API security in modern threat environments. API vulnerabilities surpass traditional exploit categories like kernel, browser, and supply chain vulnerabilities, underscoring their central role in cyberattacks.

Key insights and observations include:

  • AI as a catalyst for new vulnerabilities: In Wallarm’s survey of 200 US-based enterprise leaders on AI and API security, over 53% reported engaging in multiple AI deployments. These deployments are primarily enabled by API technology, cementing APIs as the foundation of enterprise AI adoption. However, while AI integration drives rapid API adoption across industries, it also introduces unique risks. For instance, Wallarm’s threat intelligence flagged significant vulnerabilities in AI tools like PaddlePaddle and MLflow, which underpin enterprise AI deployments. These tools were exploited at API endpoints, compromising training data, siphoning intellectual property, or injecting malicious payloads into machine learning pipelines. Additionally, APIs facilitating real-time data exchanges between AI models and applications often lack adequate security measures, making them susceptible to injection, abuse, and memory-related exploits.
  • Legacy and modern APIs both under attack: While legacy APIs such as those used in Digi Yatra and Optus incidents remain vulnerable due to outdated designs, modern RESTful APIs are equally at risk due to complex integration challenges and improper configurations. APIs now represent the largest category of exploited vulnerabilities in CISA KEV, with modern APIs representing over 33%. Exploits include improper authentication, injection attacks, and API endpoint misconfigurations, targeting enterprise-grade platforms with prominent attacks, including Ivanti and Palo Alto Networks. Legacy APIs in web applications represent over 18% of exploited vulnerabilities. These vulnerabilities arise in older APIs typically used within web applications for AJAX backends, URL parameters, or direct calls to .php files. Often integrated into devices like cameras or IoT systems, these APIs lack the robust security measures of their modern counterparts, with key exploit types including URL-based injection, CSRF attacks, and outdated session handling mechanisms.
  • Growing exploitation of authentication and access control: The Twilio and Tech in Asia breaches demonstrated how attackers exploit weak authentication and access control mechanisms to gain unauthorized access. These issues are exacerbated by the decentralized nature of API management in large organizations, as API-related breaches escalate in frequency and severity. For instance, in last year’s Wallarm Annual Report based on 2023 data, API-related breaches were significant but sparse, with only a few incidents reported each quarter. In 2024, this picture changed dramatically, with an average of three monthly incidents—and, at times, as many as five to seven breaches each month. The rise of API-driven systems in sectors like healthcare, transportation, technology, and financial services has led to a surge in vulnerabilities, placing APIs squarely at the center of the cybersecurity landscape.

Underscoring the report’s central findings is that AI security is API security. As APIs drive innovation, particularly in AI-enabled systems, organizations need real-time API controls to protect their business operations, customer trust, and long-term success. Looking ahead to 2025, organizations must prioritize API security to safeguard their systems and unlock the full potential of APIs as the key driver of business transformation.

To download the report, visit https://www.wallarm.com/resources/2025-api-threatstats-tm-report.

Deepgram Accelerates Into 2025, Empowering 200,000+ Developers From Startups to Global Enterprises to Build Voice AI

Posted in Commentary with tags on January 29, 2025 by itnerd

Deepgram, the leading voice AI platform for developers building speech-to-text (STT), text-to-speech (TTS), and full speech-to-speech (STS) offerings, today announced record business growth and technical milestones achieved in the past year. Today, over 200,000 developers build with Deepgram’s voice-native foundational models, choosing Deepgram due to its unmatched accuracy, low latency, and pricing, as well as the flexibility for all voice-native AI models to be accessed through cloud APIs or self-hosted / on-premises APIs. Organizations that build on Deepgram’s infrastructure for STT, TTS, and AI Voice Agents include technology ISVs building voice products or platforms, co-sell partners working with large enterprises, and enterprises solving internal use cases. 

Looking forward to 2025, Deepgram will continue to innovate to extend its unique value proposition of offering the highest accuracy and lowest COGS at scale and highest model adaptability, and lowest latency. Through continued innovation, Deepgram expects to end 2025 as the industry’s only end-to-end speech-to-speech solution built to solve the four critical challenges of enterprise-ready voice AI:

  1. Accuracy / audio perception: Enterprise use cases require high recognition, understanding, and generation of specialized vocabulary in often challenging audio conditions. Deepgram solves this through novel, non-lossy compressions of these spaces for rapid processing paired with generation, training, and evaluation on synthetic data that precisely matches Deepgram customers’ real-world conditions.
  2. COGS at scale: Deepgram customers need to profitably build and scale voice AI solutions. Deepgram delivers this through its unique latent audio model with extreme compression combined with deep expertise in high-performance computing.
  3. Latency: Real-time conversation requires near-instantaneous responses. Deepgram achieves this using streaming state space model architectures, optimized specifically for the underlying hardware to deliver minimal processing delays.
  4. Context: Effective conversations are deeply contextualized. Deepgram will pass the speech Turing test thanks to its ability to train on vast bodies of data that thoroughly represent its customers’ use cases and pass that context through the entire system and interaction.

Additional Resources:

  • Read about Deepgram’s groundbreaking voice agent API
  • Watch a fun demo of Deepgram’s voice agent API
  • Try Deepgram’s interactive demo
  • Get $200 in free credits and try Deepgram for yourself

Threat Actors Mimic Amazon Prime Membership to Steal Credit Card Data 

Posted in Commentary with tags on January 28, 2025 by itnerd

Researchers have uncovered a new hacking campaign using PDF documents announcing an expired Amazon Prime membership with links to phishing pages that impersonate Amazon and request credit card data.

Javvad Malik, lead security awareness advocate at KnowBe4, commented:

“The initial attack vector, where users are beguiled into opening an email attachment containing a PDF file, is a stark reminder of the importance of remaining vigilant of emails. Emails still remain the most popular attack avenue for phishing, so it’s important that people have the right education and tools at their disposal to be able to effectively identify and report any suspicious activity. 

“Amazon’s proactive steps, including the takedown of numerous phishing websites and the implementation of advanced email verification technology, are commendable. However, the incident is a reminder that takedowns are like a game of whack-a-mole and more malicious sites will continue to crop up. So it’s important that users remain ever vigilant and informed about the potential threats we face online.”

This serves as a reminder that you need to treat anything and everything that hits your inbox with suspicion. On top of that, you should never click on links from any random email because bad things may happen to you.

KnowBe4’s Top 10 Tips to Take Charge of Your Data on Data Privacy Day

Posted in Commentary with tags on January 28, 2025 by itnerd

KnowBe4, the world-renowned cybersecurity platform that comprehensively addresses human risk management, celebrates Data Privacy Day with practical and impactful recommendations to help individuals and organizations take charge of their data security.

In an age where data is constantly collected, shared, and monetized, Data Privacy Day serves as an annual reminder about the importance of protecting and facilitating online privacy. Data Privacy Day began in the United States in January 2008 as an extension of the Data Protection Day celebration in Europe and is officially led by the National Cybersecurity Alliance (NCSA) in North America. The NCSA has expanded it into Data Privacy Week, with the 2025 theme ‘Take Control of Your Data’, which encourages individuals to reclaim their digital autonomy through simple, actionable steps to make informed privacy choices. For organizations, the message emphasizes the need to respect and prioritize users’ data privacy.

Data privacy is more critical than ever, especially when social media platforms, AI chatbots and connected devices have increased publicly available digital footprints. This creates opportunities for the misuse of personal information and data traces which can lead to incidents of identity theft, financial fraud, and even psychological harm.

Recognizing the shared responsibility of safeguarding data, DePaula shares the 10 top tips for individuals and organizations to help take control of their data in 2025:

Tips for Individuals

  1. Vet your apps and tools: Before using new apps, check their data usage policies, control options, and origin to ensure they are trustworthy.
  2. Optimize IoT device privacy: Adjust settings in your IoT device apps to enhance privacy, such as disabling voice recordings, limiting data storage, or controlling ad preferences.
  3. Educate your family: Discuss online safety with family members, especially children, covering topics like avoiding sharing personal information, recognizing suspicious links, and managing location sharing.
  4. Set up a reputable password manager: Use it for critical accounts and generate strong, unique passwords.
  5. Enable multi-factor authentication (MFA): Activate MFA, preferably with a FIDO token, for critical accounts as an added layer of protection.

Tips for Organizations

  1. Minimize data collection: Only collect and store data that is essential for business operations. Eliminate unnecessary personal or payment information.
  2. Communicate transparency in privacy policies: Clearly explain what data is collected, how it is used, and with whom it is shared.
  3. Train employees: Educate all employees on data protection regulations, while training them to recognize the latest social engineering attacks and other security risks.
  4. Encrypt personal data: Protect personal data—at rest and in transit—from unauthorized access or exposure.
  5. Vet vendors and partners: As a ‘responsible party’, your organization is responsible and accountable for protecting the data of its subject – even if the processing is outsourced to third parties. Ensure that any external parties handling your organization’s data maintain a high standard of privacy and protection.

For more insights and best practices on data privacy, visit www.knowbe4.com.

Cyware Launches Industry’s First Pre-Configured Threat Intelligence Platform with Team Cymru

Posted in Commentary with tags on January 28, 2025 by itnerd

Cyware, the leading provider of threat intelligence management, low-code/no-code security automation, and cyber fusion solutions, today announced an important collaboration with Team Cymru to pre-configure Team Cymru’s industry-leading threat feeds into Cyware’s Threat Intelligence Platform (TIP). This packaged solution delivers real-time visibility into botnets, malware, command and control (C2) infrastructure, and external malicious activity, empowering organizations to detect and respond faster to even the most sophisticated adversaries.

By incorporating Team Cymru’s threat feeds—including the Botnet Analysis and Reporting Service (BARS) feed and the Controller (C2) Feed—into Cyware’s advanced TIP, organizations gain access to more accurate and up-to-date intelligence. This enhanced intelligence is designed to allow security teams to identify, analyze, and mitigate malware and botnets with precision and speed to help fortify their defenses against cyberattacks.

With this solution, customers benefit from approximately 10,000 unique IPs daily and the processing of approximately 6-7 million unique events, providing detailed threat indicators and attributes that are often missing in traditional threat feeds. When combined with Cyware’s operationalized threat intelligence capabilities, it is designed to enable security teams to:

  • Stop malware and DDoS attacks before they impact networks and infrastructure
  • Harden network defenses by integrating threat indicators with firewalls, intrusion prevention systems (IPS), and intrusion detection systems (IDS)
  • Automate threat hunting for DNS-based attacks and monitor malicious communications
  • Gain geolocation, victimology information, and detailed campaign histories to contextualize threats

The combined solution also offers unique and critical insights into malware families, unique control protocols, and encryption mechanisms, allowing organizations to prioritize and block malicious activity more effectively. With these capabilities, Cyware and Team Cymru are redefining what it means to stay ahead of cyber threats as global adversaries gear up for disruption.

For more information on Cyware and Team Cymru’s integration, visit https://www.cyware.com/partners/technology-alliances/team-cymru.