Palo Alto Networks Cyber Outlook for 2025: AI, Quantum, Security & More

Posted in Commentary with tags on November 14, 2024 by itnerd

Palo Alto Networks has posted their cybersecurity insights and outlook of what to expect in 2025. In their annual forecast, the company reveals what’s next on the horizon – from AI-driven cyber warfare to energy-efficient data centers and new roles for today’s business leaders. 

Key 2025 Predictions Include: 

  • Unified Cybersecurity Platforms through Platformization: Expect cloud security and Security Operations Center to merge into a single infrastructure that fuels AI-driven insights across every attack vector. This will enable organizations to centralize security data, empowering rapid detection and response at scale. 
  • Data as a Competitive Advantage: Organizations with vast, integrated data will hold a distinct advantage over startups due to the data-hungry nature of AI models. For the first time, incumbents will leverage their data stores to enhance AI performance, securing a lead in both innovation and cyber defense.
  • Adoption of Secure Enterprise Browsers: Adoption of secure enterprise browsers for work, so organizations may implement stronger security measures to protect against rising threats. 
  • Energy-Efficient AI: AI’s soaring energy demands have created a pressing need for sustainability. In 2025, we’ll see new techniques for reducing data center energy consumption while still supporting the essential growth of AI-powered cybersecurity.
  • Rethinking Quantum Security: As “harvest now, decrypt later” tactics rise, Palo Alto Networks urges organizations to fortify systems today against the anticipated power of quantum decryption technology—a measure essential for securing valuable IP and government data from future exploitation.
  • The New Power Duo: CIO & CMO: In an era of real-time, personalized engagement, customer expectations are soaring. Palo Alto Networks predicts that marketing and IT leaders will work in tandem to merge customer insights with robust IT strategies, meeting demand across all channels.

Palo Alto Networks has a news release on this here, and their annual forecast here.

Leave a comment »

Mission and CrowdStrike Launch Mission Cloud Secure to Deliver Advanced Cloud Detection and Response for AWS Customers

Posted in Commentary with tags on November 14, 2024 by itnerd

 Mission, a US-based Amazon Web Services (AWS) Premier Tier Services and ISV Accelerate Partner, today launched Mission Cloud Secure, a fully-managed Cloud Detection and Response (CDR) SaaS offering powered by the industry-leading CrowdStrike Falcon® cybersecurity platform. This new offering provides AWS customers with comprehensive managed security to stop cloud breaches.

With cloud exploitation cases growing 110% year-over-year and a widening cybersecurity skills gap, businesses need specialized, rapid-response services to combat cloud misconfigurations and breaches. Mission Cloud Secure combines Mission’s deep AWS expertise and Mission Control platform with CrowdStrike’s elite cyber expertise and best-in-class protection across endpoints, cloud workloads, identity and data, delivering comprehensive protection for AWS workloads.

Key features and benefits of Mission Cloud Secure include:

  • 24/7 Managed Detection & Response (MDR):  Leveraging CrowdStrike Falcon® Complete, AWS customers receive rapid threat detection and remediation across all areas of enterprise risk, supported by a 24/7 security team and backed by CrowdStrike’s breach prevention warranty.
  • Proactive Threat Hunting: With continuous threat hunting powered by the AI-native Falcon platform and CrowdStrike’s expert analysts, organizations can detect and neutralize sophisticated attacks in real time, preventing compromises in cloud environments.
  • Cloud-Native Security: Designed for distributed, cloud-native environments, securing both AWS services and endpoint devices seamlessly.
  • Compliance Readiness: Provides tools to assist organizations in meeting major compliance frameworks such as PCI, HIPAA, and SOC 2, with audit readiness and unified reporting for streamlined compliance management.

For more information on Mission Cloud Secure, visit our Mission Cloud Secure webpage.

Leave a comment »

RealWear acquires smartglasses AR startup Almer

Posted in Commentary with tags on November 14, 2024 by itnerd

 RealWear, the global leader in wearable computing for industrial applications, today announced its acquisition of Almer Technologies, a Swiss pioneer in ultra-compact, user-friendly AR headsets. This acquisition, strategically and financially backed by TeamViewer, the leading provider of enterprise AR software, marks a significant leap forward in the mission to empower frontline workers worldwide with cutting-edge AR technology.

As the industrial sector increasingly turns to digital solutions to enhance productivity and safety, the demand for intuitive, wearable AR devices has surged. This acquisition unites RealWear’s market leadership with Almer’s innovative approach to meet this demand.

The acquisition brings together a powerful combination of strengths. RealWear’s established market presence and rugged, voice-operated solutions are now complemented by Almer’s innovative, subscription-based AR headsets, known for their compact design and user-friendliness. With a relentless focus on execution and customer-centric solutions, Almer quickly gained recognition as a disruptive force in enterprise AR and set a new industry standard. 

As part of the acquisition, Almer’s co-founders will join RealWear’s executive team, creating a unified leadership focused on accelerating global AR adoption. Ultimately, this acquisition is set to make advanced technology more accessible and user-friendly for frontline workers across the globe.

With this strategic acquisition and the continued backing of TeamViewer, RealWear is poised to lead the charge in the industrial wearables market. By blending software and hardware, the company aims to deliver world class productivity solutions for maximum customer value.

Leave a comment »

New Online Holiday Retail Research Reports 60% Surge in Suspicious Domains Targeting Shoppers

Posted in Commentary on November 14, 2024 by itnerd

BforeAI has released the company’s 2024 Online Holiday Retail Threat Report. The report explores scammers attempting to impersonate top brands like Walmart, Amazon, Target, eBay, Etsy, Costco, Ikea, Home Depot, Tesco, Flipkart, Lululemon, and 7-Eleven.

BforeAI’s research shows a 60% surge in domain registrations in the last 90 days, with tactics ranging from domain abuse, typosquatting, fraudulent applications, phishing websites, poorly built suites, social engineering and investment scams, fake chatbot support and counterfeit mobile apps, and new exploits using AI and cryptocurrency. 

You can read the report here.

Leave a comment »

Arcitecta Partners with Wasabi Technologies 

Posted in Commentary with tags on November 14, 2024 by itnerd

Arcitecta, a creative and innovative data management software company, today announced it has partnered with Wasabi Technologies, the hot cloud storage company, enabling organizations to seamlessly and transparently integrate Wasabi’s cloud storage into their workflows. Arcitecta’s flagship product, Mediaflux, acts as a gateway, allowing users to access Wasabi cloud storage and all their data regardless of where it resides through one unified view to drive informed decision-making, greater insights and business value. 

While integrating cloud storage into an organization’s workflow can offer many advantages, such as improved scalability, accessibility, and collaboration, it can be challenging with concerns around data security, compliance, migration, compatibility, performance, latency and data governance. 

Data management across multiple environments presents more complexity. Storing data on-premises and in private or public clouds creates silos, making it difficult to have a unified view of the data. In addition, ensuring that data remains consistent and synchronized across different environments is complicated, especially when updates occur simultaneously in multiple locations. 

Arcitecta addresses these issues, making it easy for organizations to integrate Wasabi’s cloud storage into workflows. The Wasabi cloud appears as any other storage managed by Mediaflux.

Mediaflux enables customers to use any mix of storage technologies to best meet their requirements, whether on-premises, in a public or private cloud, or a hybrid of both. Users have a global view of all data, no matter what storage it is on, with identity and policy-based access controls. Intelligent data placement and movement ensure that data is consistently available in the appropriate location and at the required time. Additionally, seamless data tiering enables cost-effective data storage, allowing users to optimize their storage and save money.           

Pricing and Availability

Pricing for the joint Mediaflux and Wasabi offering is predictable, transparent and straightforward, unlike other cloud and storage providers’ pricing structures. Mediaflux licensing is decoupled from the volume of data stored so organizations can affordably scale storage needs to hundreds of petabytes without the financial strain typically associated with such vast capacities. Wasabi customers only pay one low rate for capacity, with no hidden or egress fees. 

The offering is available now and can be purchased through Arcitecta’s Mediaflux channels. Wasabi cloud storage can be purchased online at a per TB rate per month. 

Resources

Leave a comment »

SurePath AI Announces Over $5 Million in Seed Funding

Posted in Commentary with tags on November 14, 2024 by itnerd

SurePath AI, a leader in governing generative AI for the enterprise, today announced the successful closure of a $5.2 million seed funding round led by Uncork Capital with significant participation from Operator Collective, bringing the company’s total funding to $6.3 million. SurePath AI’s mission is to enable secure GenAI adoption by detecting usage, mitigating risks, and controlling AI access to enterprise data so that organizations can bolster innovation and productivity.

SurePath AI gives organizations much-needed visibility and control of GenAI use across public and private models. Its role-based access controls decide what data leaves an organization and which models and data sources end-users can access. As a result, organizations can detect GenAI use at a network level, mitigate the risk of public GenAI services, supervise private models, and control access to context data sources—all through a single policy engine integrated with existing security solutions.

SurePath AI’s key capabilities include:

  • Capture, monitor, secure, and route GenAI traffic
  • Centrally manage role-based access control policies independent of vendor or solution
  • Inject enterprise data and prompt engineering into GenAI use, increasing adoption and productivity

Founded in 2023 when organizations were choosing between blocking or allowing GenAI, SurePath AI’s founders set out to develop a robust platform to remove the complexity of GenAI governance, provide visibility into Shadow AI use, and securely increase GenAI adoption. Shortly after, the SurePath AI platform was successfully launched at AWS re:Inforce 2024.

To learn more about SurePath AI’s approach to secure GenAI adoption, please visit surepath.ai.

Leave a comment »

US Agencies & Five Eyes Reveal 2023 Top Exploited Vulnerabilities 

Posted in Commentary with tags on November 14, 2024 by itnerd

In a joint advisory published yesterday, the FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance released a list of the top 15 exploited vulnerabilities in 2023.

“Network defenders should pay careful attention to trends and take immediate action to ensure vulnerabilities are patched and mitigated. Exploitation will likely continue in 2024 and 2025,” the agencies say.

The report warned that in 2023, “malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.”

It also revealed that 12 out of the top 15 vulnerabilities actively abused in the wild were addressed last year, aligning with the agencies warning that threat actors focused their attacks on zero-days.

A code injection vulnerability in NetScaler ADC / Gateway that enables bad actors to gain remote code execution on unpatched servers, took the top spot after state hackers abused it to breach U.S. critical infrastructure organizations.

By early August 2023, this security flaw had been leveraged to backdoor at least 640 Citrix servers worldwide and over 2,000 by mid-August.

Evan Dornbush, former NSA cybersecurity expert had this to say:

While the recommendation to patch is sage advice, it won’t have a material impact against sophisticated attackers who are increasingly reliant on zero days to gain initial access, per the joint advisory.

Instead of waiting for attackers to come at them with zero days, finding novel ways to raise the cost of conducting criminal operations would, however, produce a desirable effect. Sophos did this in its Pacific Rim project, which burned several months of effort – exploits, implants, and infrastructure – quite brilliantly. It’s time for businesses in all industries to pursue new options that disrupt the lucrative nature of criminal operations.

Patching isn’t perfect. But it is part of the solution. Things like vulnerability testing, penetration testing, tabletop exercises, and strengthening defences have to be part of the conversation. Because security has to be a holistic solution.

Leave a comment »

Elon Musk Adds Another Lawsuit To His Collection… This Time The French Are Suing Twitter

Posted in Commentary with tags on November 13, 2024 by itnerd

Elon Musk can’t stop getting sued. This time French news publishers are suing him. Or more accurately Twitter. Here’s why:

Under EU law, digital platforms are required to negotiate with publishers to remunerate them for news reuse. After a prolonged dispute, Meta and Google have signed deals with news publishers in France.

However, X has refused to engage in negotiations with news publishers to compensate them for reusing their content (or at least so far). As a result, judges at the Paris Court of Justice will now face the complex task of determining the value of article previews shared on X.

This seems to me be another one of those FAAFO moments. He flipped off French news publishers and now they are suing him. Making this and not Bluesky gaining users and rocketing up the App Store charts or the latest Cybertruck recall his latest problem today. Most logical people would want to avoid getting sued at all or as often as Elon has. But clearly he has more money than brains as the lawsuits keep piling up.

As for this specific lawsuit. I am not a lawyer, but I’m pretty sure that he’s going to lose.

Leave a comment »

1-in-4 Americans Still Making This Risky Password Mistake: Security.org

Posted in Commentary with tags on November 13, 2024 by itnerd

Even as Americans embrace AI, crypto, and smart home devices, new research shows that many are still ignoring basic cybersecurity best practices. According to new research from Security.org1-in-4 U.S. adults still write down their passwords on paper, and nearly 1-in-5 reuse the same passwords across multiple accounts.

These risky behaviors come at a significant cost. The FBI reports that identity theft and stolen login credentials cost Americans over $12.5 billion last year. Despite these rising threats, Security.org’s Annual Password Manager Market Report found that only 36% of U.S. adults (about 94 million people) currently use password manager services.

Here are some other key findings from the new research: 

  • Over half of adults use risky methods like memorization, browser storage, and written records to manage their passwords. These people were more likely to have experienced recent identity theft compared with those who use password managers. 
  • LastPass was once the most popular password tool but is still struggling to regain public trust and market share after several data breaches and a recent customer service scam.
  • Tech giants like Google and Apple now dominate the password manager market, with 55% of users relying on their proprietary tools.
  • Over 75% of non-users say they are open to adopting password managers if it offers the right combination of usability, security, and affordability.

Full details at: https://www.security.org/digital-safety/password-manager-annual-report/

Leave a comment »

Bluesky Rockets To #2 On The Charts…. Much To The Dismay Elon Musk

Posted in Commentary with tags on November 13, 2024 by itnerd

The last time I spoke about Bluesky, they added 700,000 users just after the US Election. And they had jumped to #5 on the Apple App Store charts. Fast forward to today and this is where Bluesky sits:

That’s stunning. And It suggests that Bluesky has some serious momentum here. And this is at the expense of Twitter. Which by the way in case you were wondering is sitting here on the App Store charts:

That’s one place lower than the last time I checked. If this doesn’t concern Elon, it should. But he’s not exactly a rational person these days. But it does highlight the fact that people are done with Twitter, and it seems that Bluesky has become that alternative to Twitter that people want. Whether it can capitalize on this remains to be seen.

1 Comment »

« Older Entries
Newer Entries »