Action1 Achieves 376% YoY Growth in 2023

Posted in Commentary with tags on March 4, 2024 by itnerd

Action1 Corporation, a provider of the #1 risk-based patch management platform designed for distributed enterprise networks, today announced outstanding results for 2023, including 376% global sales growth. Other key highlights include recognition by trusted review platforms G2 and Gartner Digital Markets and achievement of authoritative security certifications.

Market Momentum:

  • Action1 reported a 376% global sales growth compared to 2022, thanks to the rapid expansion in the US, Europe, and worldwide.
  • Action1 demonstrated exceptional growth in multiple sectors, including education, healthcare, and technology.

Product Enhancement:

  • Action1 has introduced real-time vulnerability discovery and remediation to empower organizations to reduce the mean time to remediate (MTTR) vulnerabilities.
  • The company extended its Software Repository maintained in-house by security experts for streamlined third-party patching, which now includes 99% patching coverage for most enterprise environments.
  • Action1 has established a data center in Europe, enabling EU customers to meet the stringent GDPR standards, ensuring data residency and sovereignty, and is now looking to further expand by opening a data center in Australia.

Industry Certifications:

  • Action1 became the first patch management vendor to achieve SOC 2 and ISO 27001 certifications, underscoring its commitment to security.

Recognition:

  • Action1 has been consistently rated as the #1 easiest-to-use patch management solution by G2.
  • Gartner Digital Markets awarded Action1 31 badges in six categories.
  • G2 recognized Action1 as a High Performer and Momentum Leader for patch management in its quarterly reports multiple times, rewarding the company for excellence and for its high-growth trajectory.

Research:

ServiceNow, Hugging Face, and NVIDIA Release New Open-Access LLMs to Help Developers Tap Generative AI to Build Enterprise Applications

Posted in Commentary with tags on March 4, 2024 by itnerd

ServiceNow, Hugging Face, and NVIDIA have announced StarCoder2, released on February 28th, a family of open‑access large language models (LLMs) for code generation that sets new standards for performance, transparency, and cost‑effectiveness.

StarCoder2 was developed by the BigCode community, stewarded by ServiceNow, the leading digital workflow company making the world work better for everyone, and Hugging Face, the most‑used open‑source platform where the machine learning community collaborates on models, datasets and applications.

Trained on 619 programming languages, StarCoder2 can be further trained and embedded in enterprise applications to perform specialized tasks such as application source code generation, workflow generation, text summarization, and more. Developers can use its code completion, advanced code summarization, code snippets retrieval, and other capabilities to accelerate innovation and improve productivity.

StarCoder2 offers three model sizes: a 3 billion‑parameter model trained by ServiceNow, a 7 billion‑parameter model trained by Hugging Face, and a 15 billion‑parameter model built by NVIDIA with NVIDIA NeMo and trained on NVIDIA accelerated infrastructure. The smaller variants provide powerful performance while saving on compute costs, as fewer parameters require less computing during inference. In fact, the new StarCoder2 3 billion‑parameter model also matches the performance of the original StarCoder 15 billion‑parameter model.

Fine‑Tuning Advances Capabilities with Business‑Specific Data

StarCoder2 models share a state‑of‑the‑art architecture and carefully curated data sources from BigCode that prioritize transparency and open governance to enable responsible innovation at scale.  

The foundation of StarCoder2 is a new code dataset called The Stack v2 which is more than 7x larger than The Stack v1. In addition to the advanced data set, new training techniques help the model understand low‑resource programming languages (such as COBOL), mathematics, and program source code discussions.

StarCoder2 advances the potential of future AI‑driven coding applications, including text‑to‑code and text‑to‑workflow capabilities. With broader, deeper programming training, it provides repository context, enabling accurate, context‑aware predictions. These advancements serve seasoned software engineers and citizen developers alike, accelerating business value and digital transformation.

Users can fine‑tune the open‑access models with industry or organization‑specific data using open‑source tools such as NVIDIA NeMo or Hugging Face TRL.

Organizations have already fine‑tuned the foundational StarCoder model to create specialized task‑specific capabilities for their businesses.

ServiceNow’s text‑to‑code Now LLM was purpose‑built on a specialized version of the 15 billion‑parameter StarCoder LLM, fine‑tuned and trained for ServiceNow workflow patterns, use‑cases, and processes. Hugging Face also used the model to create its StarChat assistant.

BigCode Fosters Open Scientific Collaboration in AI

BigCode represents an open scientific collaboration jointly led by Hugging Face and ServiceNow. Its mission centers on the responsible development of LLMs for code.

The BigCode community actively participated in the technical aspects of the StarCoder2 project through working groups and task forces, leveraging ServiceNow’s Fast LLM framework to train the 3 billion‑parameter model, Hugging Face’s nanotron framework for the 7 billion‑parameter model, and the end‑to‑end NVIDIA NeMo cloud‑native framework and NVIDIA TensorRT‑LLM software to train and optimize the 15 billion‑parameter model.

Fostering responsible innovation is at the core of BigCode’s purpose, demonstrated through its open governance, transparent supply chain, use of open‑source software, and the ability for developers to opt data out for training. StarCoder2 was built using responsibly sourced data under license from the digital commons of Software Heritage, hosted by Inria.

StarCoder2, as with its predecessor, will be made available under the BigCode Open RAIL‑M license, allowing royalty‑free access and use. Furthermore, the supporting code for the models resides on the BigCode project’s GitHub page.

All StarCoder2 models will also be available for download from Hugging Face and the StarCoder2 15B model is available on NVIDIA AI Foundation models for developers to experiment with directly from their browser, or through an API endpoint.

For more information on StarCoder2, visit https://huggingface.co/bigcode.

CyberProtonics Redefines Data Protection with the Most Powerful, Lightweight, Quantum-Resistant Software-Based Cryptosystem for Digital Ecosystem, IoT and Generative AI

Posted in Commentary with tags on March 4, 2024 by itnerd

CyberProtonics, trailblazers in quantum-resistant data protection, today introduced the first lightweight, software-based cryptosystem that makes being quantum-ready easy, affordable, and practical. Embeddable virtually anywhere, any time, the advanced cryptosystem delivers blistering-fast encryption with key lengths from 512 bits up to 10K bits, rendering data useless when a breach occurs. CyberProtonics also today announced a major OEM agreement with Simplifi, leaders in secure remote computing.

Legacy-friendly and plug-and-play features allow its cryptosystem to integrate seamlessly into all types of applications, including IoT, e-SIM, and generative AI Private Large Language Models (PLLMs). CyberProtonics protects data at rest and in transit, without performance impacts, and is recognized as the first truly lightweight quantum-resistant commercial solution for rendering stolen data completely useless.

Anywhere, Anything, Every Time Protection

In today’s increasingly hostile cyber threat landscape, everyone should be protected from bad actors and malicious cyberattacks, wherever their data resides. CyberProtonics adds an indispensable, affordable additional layer of quantum-resistant security at the source where data is created to protect legacy, current, and future cybersecurity system architectures, networks, and devices.

Among applications are:

Work from Home: Employees continue to work from home, and cybersecurity is more important than ever for the hybrid workforce. CyberProtonics keeps confidential work data secure, at rest or in transit.

Internet of Things (IoT): CyberProtonics’ cybersecurity protocols protect IoT devices and networks from the latest threats with reliable and robust security.

Generative AI: Large Language Models that companies want to keep private are protected by CyberProtonics’ proprietary cryptosystem.

Defense: CyberProtonics’ 512-bit to 10k-bit encryption protects data at rest or in transit in theaters of operations, supporting unmanned aerial vehicles (UAVs), wearable devices, connected vehicles, smart infrastructure, and portable communications.

Satellite: End-to-end encryption in the ground terminal and in the satellite itself safeguards transmissions, ensuring data security and confidentiality.

Industrial Control Panel: Protects critical infrastructure with next-generation quantum-resistance technology, designed to ensure reliable and resilient security for factories, power plants, and wastewater treatment facilities.

Commercial Data: Banking and finance, healthcare, hyperconnected commerce, and more.

A New Era in Data Protection

CyberProtonics’ proprietary software employs a robust licensing engine for both connected and air-gapped models and solutions, with varying time periods and iterations. It delivers:

Strength: Post-quantum symmetric key-based encryption, with key lengths of 512 bits, increasing up to 10k bits.

Speed: Lightning-fast operation does not affect a device’s computing or memory cycles, even for the smallest sensor or IoT device.

Size: The lightweight footprint of CyberProtonics’ cryptosystem’s binary runtime enables end-to-end encryption at the data generation source, with single-digit MB of code.

Security: Encryption of data in transit and at rest for both on-premises legacy systems and modern secure access service edge.

Breach Immunity and Unwavering Compliance: Valuable data is made useless. Full compliance with regulatory mandates and industry standards such as GDPR, HIPAA, PCI DSS, and SOX is automatic and assured.

Market-Proven SDK: Symmetric key encryption optimized for small footprint applications (crucial for IoT devices), stronger than any currently deployed application of AES, RSA, or ChaCha20. Fully automated key management that eliminates manual key distribution human errors. C language callable APIs.

Apple Gets Slapped With An Almost $2 Billion Fine For Taking Shots At Spotify

Posted in Commentary with tags on March 4, 2024 by itnerd

On a day when Apple wanted to control the narrative by launching new MacBook Air models, the EU decided to rain on their parade. The European Commission has fined Apple €1.8 billion (about $1.95 billion USD) for anti-competitive conduct against rival music streaming services. By rival music streaming services, that would be Spotify:

The European Commission has fined Apple over €1.8 billion for abusing its dominant position on the market for the distribution of music streaming apps to iPhone and iPad users (‘iOS users’) through its App Store. In particular, the Commission found that Apple applied restrictions on app developers preventing them from informing iOS users about alternative and cheaper music subscription services available outside of the app (‘anti-steering provisions’). This is illegal under EU antitrust rules.

I encourage you to read the full decision as I’m not sure that I buy into this reasoning. Regardless of whether you do or don’t buy into that reasoning, Apple is pretty ticked off about this decision:

Today, the European Commission announced a decision claiming the App Store has been a barrier to competition in the digital music market. The decision was reached despite the Commission’s failure to uncover any credible evidence of consumer harm, and ignores the realities of a market that is thriving, competitive, and growing fast.

The primary advocate for this decision — and the biggest beneficiary — is Spotify, a company based in Stockholm, Sweden. Spotify has the largest music streaming app in the world, and has met with the European Commission more than 65 times during this investigation.

Today, Spotify has a 56 percent share of Europe’s music streaming market — more than double their closest competitor’s — and pays Apple nothing for the services that have helped make them one of the most recognizable brands in the world. A large part of their success is due to the App Store, along with all the tools and technology that Spotify uses to build, update, and share their app with Apple users around the world.

That’s pretty much why I don’t buy into the EU’s decision. Spotify, the last time I checked, was the big boy on the block. So unless I am missing something, I can’t see how Apple is the bad guy here. Yes, Apple aren’t saints and have been known to do things to take out or impair competition. But I’m honestly not seeing it here. Apple is going to appeal the decision and that appeal will be interesting to watch.

Brenda Christensen Honored Among TechRound’s Top 50 Women in Startups & Tech

Posted in Commentary with tags on March 3, 2024 by itnerd

Brenda Christensen, the CEO of Stellar Public Relations, has been honored as one of the 2024 “Top 50 Women in Startups & Tech” by TechRound. For an Inc. 500 and Entrepreneur of the Year executive, this accolade is a testament to her vast contributions and pioneering efforts in the technology sector, underscoring her leadership, innovation, and significant impact in shaping the future of technology.

TechRound’s Top 50 Women in Tech recognizes the incredible talent, resilience, and ingenuity of women who are at the forefront of the traditionally male-dominated industry. The list is the result of a rigorous selection process, celebrating individuals who have shown exceptional leadership, innovation, and influence in the tech world.

With decades of experience, Christensen has made her mark as a world leader in public relations, investor relations, branding, funding, and corporate guidance, contributing to multimillion-dollar growth. Frequently featured in Forbes, Fortune and other leading publications, she has served as an advisor on private boards across North America and was a corporate officer for a publicly held technology company, impacting multiple continents.

Christensen’s expertise in corporate communications and public relations has led to strategic corporate guidance and governance for top global technology companies, including Tinder, Apple, McAfee, and others. Her role has been pivotal in creating and managing global messaging campaigns, setting a benchmark in the industry.

Christensen’s accolades include being named “Qwoted Top 100 in PR,” “Top 15 in Security PR,” “PR SourceCode Top 10 Tech Communicators” and “Best PR in Tech.” HubSpot named her “Most Influential on Facebook” and Business2Community listed her a top PR professional to follow on Twitter.

Rogers Has An Opportunity To Fight Back Against Bell…. But They Likely Won’t Take It

Posted in Commentary with tags on March 2, 2024 by itnerd

Recently, Bell was told by the CRTC that they had to open up their fibre networks to companies like Teksavvy so that, in theory, it would result in lower telco prices for Canadians. Bell in response acted like a two year old having a hissy fit, stopped rolling out fibre, and dropped their 8 Gbps tier from being available for customers to get. Not that anyone needs speeds that fast. As a result, Bell’s decision to throw their toys out of the baby carriage has created an opportunity for Rogers to step in and fill the void.

No. Seriously. Hear me out on this one.

Frequent readers of this blog will know that I have been extremely critical of Rogers. This organization has some serious issues that keep it from competing with Bell. Especially when it comes to the speed of their Internet offering where Bell has been putting the screws to them for years. But with Bell’s decision to hold Canadians hostage because they don’t like what the CRTC has said, Rogers could do the following to put the screws to Bell:

  • Rogers could aggressively roll out fibre to areas where Bell has seemingly abandoned: Rogers could roll into places like Barrie, Ontario, where Bell stopped their roll out, and run fibre. And by fibre I mean fibre from end to end. Is that instant? No. But if they got shovels in the ground and put forward a date that they stuck to, Rogers would look like heroes. And they’d also gain back subscribers that they lost to Bell because cable simply doesn’t measure up to fibre.
  • Rogers could aggressively transition cable customers to fibre: If Rogers could start transitioning their cable customers to fibre, that would stop customers from defecting to Bell in areas where both companies operate and fibre from Bell is available. It would also show that Rogers recognizes that their cable offering has reached end of life and they are moving to technology that is better for their customers.
  • Rogers could leverage the one good thing about their Internet offering to beat Bell: Now I will admit that Rogers Internet isn’t the most reliable. For example, they have problems keeping a DNS server live for any length of time. But Rogers does have one good thing in their Internet offering. And that is IPv6, which is the future of the Internet and something that Rogers embraced years ago. Bell, on the other hand, for whatever reason hasn’t rolled out IPv6 on their Internet offering. And at some point very soon, it will come back to bite Bell. Rogers could simply accelerate that by having a fibre offering that leverages IPv6 and marketing it as “future proofing your Internet unlike the guys in blue”, and then they could likely steal back market share. Because people like future proofing.

Now those bullet points are good. But the problem is that Rogers is unlikely to action these. I say that because they have to solve their stability problems. For example, their inability to keep a DNS server working that I mentioned earlier. But the real issue is that Rogers no longer seems to be the type of organization that would be willing to do any or all of this. Right now, Rogers seems willing to tread water and not push the envelope in any way. There seems to be no willingness on their part to innovate or even simply say “we can put Bell into the hurt locker if we do these things”. That seems to be a cultural thing at Rogers. And without a change in the culture at Rogers, mediocrity will rule the day. Thus they won’t leverage this opportunity that’s basically been handed to them on a silver platter.

Now I am free to be proven wrong by Rogers. And I would like to be proven wrong as Rogers doing these things might make Bell rethink their life choices and restart their fibre rollout as they might be afraid of Rogers taking market share from them. And that benefits Canadian consumers at the end of the day. So Rogers, I challenge you to put the screws to Bell. Let’s see what you’ve got.

Sage Transform 2024 Unveils Sage Copilot and Introduces Groundbreaking Tech Innovations, Product Enhancements, and Strategic Partnerships at its Flagship Event

Posted in Commentary with tags on March 2, 2024 by itnerd

Sage, the leader in accounting, financial, HR and payroll technology for small and mid-sized businesses (SMBs), makes several significant announcements at Sage Transform 2024, its annual conference in Las Vegas, February 26 – 29, 2024. As AI continues to transform finance and accounting, Sage is empowering customers with AI-powered solutions that solve business challenges while elevating the value of human work.

At Sage Transform 2024, the company unveils Sage Copilot, its AI-powered productivity assistant and product enhancements to Sage Intacct. Sage has also signed a strategic collaboration agreement with AWS that will help customers grow and scale their business into the future. In addition, the sports partnership with Sportable will deliver AI-led insights for sports fans across North America and globally.

Announcements at Sage Transform 2024 include:

  • Sage Copilot drives efficiency & growth for SMBs and accountants with generative AI: Sage’s new AI-powered productivity assistant, Sage Copilot, acts as a trusted team member, handling administrative and repetitive tasks in ‘real-time’, while recommending ways for customers to create more time and space to focus on growing and scaling their businesses. Sage Copilot automates workflows, identifies errors and generates actionable insights for businesses and accountants’ needs. Sage Copilot helps with forecasting, cashflow management and generating and sending invoices with simple, natural language commands. Sage Copilot’s accuracy, security and trust have been prioritized every step of the way, combined with expert support, robust encryption, access controls, and compliance with data protection regulations.
  • Sage announces Strategic Collaboration Agreement (SCA) with AWS to enable AI-powered solutions for SMBs: Sage signs a strategic collaboration agreement (SCA) with Amazon Web Services (AWS) to significantly enhance how SMBs optimize their operations with generative AI. Sage will develop a domain-specific LLM for accounting and compliance using Amazon Bedrock and Amazon Lex. This specialized accounting and compliance-focused LLM will initially inform Sage’s new AI-powered assistant, Sage Copilot, and serve as a robust foundation designed to enable SMBs to navigate local accounting and compliance applications. Powered by AWS, the LLM will have the capability to process and analyze vast amounts of data swiftly and efficiently. The agreement will also enable Sage and AWS to help SMBs successfully navigate the complexities of modern finance and address environmental responsibilities with cutting-edge solutions like Sage Earth on AWS Marketplace.
  • Sage Intacct unveils new features to streamline operations and boost productivity: The latest Sage Intacct product enhancements enable organizations to drive more productivity, optimize and automate project management tasks through powerful AI capabilities that improve efficiency, with improved data and operational workflows. Updates include Sage Intacct’s AI-powered Project & Resource Management, and Forms and Operational Flows, to give companies greater visibility into resourcing and keeping projects on time while helping them work better and get more done.
  • Sage bolsters its position in Construction & Real Estate with cutting-edge solutions that help construction businesses thrive: Sage has expanded its construction portfolio to deliver the most complete and comprehensive end-to-end cloud solution available in the industry, offering solutions for preconstruction, operations, and financials. Solutions include Sage Estimating with BidMatrix, Sage Construction Management, and Sage Intacct Construction, enabling businesses to effectively manage projects from bid to closeout. 
  • Sage brings expertise in data and insights to global sports via partnership with Sportable: Sage partners with Sportable, a global data collection and analytics platform, to bring deeper, AI-led insights to the biggest sports in North America and beyond. The strategic marketing partnership follows Sage’s role as ‘Official’ and ‘Insights’ Partner to well-known brands including Major League Baseball and builds on its commitment to unleash potential through data, as it does every day for millions of SMB customers. Sage and Sportable will develop a global sports index, bringing together millions of AI-led insights generated across the sports world by Sportable technology. It will provide open access for anyone to identify trends and better understand key indicators of high performance and game strategy. The first index to be launched will be rugby-focused, with future versions planned for soccer, American football and more. 

On the closing day of Sage Transform 2024, Cath Keers, Chief Marketing Officer, Sage, announced the conference will transition to a new flagship event series that brings together the entire Sage ecosystem and its customers, to be held in both London, UK, and Atlanta, GA – the company’s North American headquarters. The North American edition will take place at the World Congress Center from November 4 – 7, 2024.

Sage Transform 2024 was made possible in part through the support of partners listed below:

Titanium Sponsor

  • PwC: A community of solvers combining human ingenuity, experience and technology innovation to deliver sustained outcomes and build trust. PwC is in the business of transformation and is known for their focus on and commitment to achieving results. They combine human-led and tech-powered solutions with meaningful experiences to make a difference for customers. PwC helps you get where you want to go – at the pace and scale you need and is delighted to sponsor Sage Transform 2024.

Diamond Sponsors

  • Avalara: Helping businesses of all sizes achieve compliance with transactional taxes, including sales and use, VAT, excise, communications, and other tax types. The company delivers comprehensive, automated, cloud-based solutions that are designed to be fast, accurate, and easy-to-use.
  • Ramp: The ultimate platform for modern finance teams, from corporate cards, expense management software, bill payments and vendor management, Ramp’s all-in-one solution is designed to automate finance operations and build healthier businesses. Over 15,000 businesses, including nearly 1,000 Sage Intacct clients have switched to Ramp to save an average 5% and close their books 8x faster.

Strategic Sponsors

  • Microsoft: The leading platform and productivity company for the mobile-first, cloud-first world, Microsoft’s mission is to empower every person and every organization on the planet to achieve more. Microsoft helps you to move to the cloud on your terms; getting the most value from your existing IT investments while giving you the flexibility to respond quickly to changing business needs.
  • AWS: The world’s most comprehensive and broadly adopted cloud platform, AWS offers over 240 fully featured services from data centers globally. Millions of customers —including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs.
  • CPA.com: The core mission of CPA.com is to advance the technology ecosystem for the accounting profession, drive the transformation of practice areas, and lead technology research and innovation efforts for practitioners. CPA.com is a subsidiary of AICPA.
  • FACTS: Dedicated to elevating the education experience for schools, teachers, and families, FACTS provides modern and user-friendly integrated solutions and services.
Platinum Sponsors

  • ADP
  • Arcoro
  • Baker Tilly
  • BILL
  • Emburse, Inc.
  • Expensify
  • Fortis
  • Mastercard
  • MineralTree
  • Nuvei
  • REPAY
  • Routable
  • Solver
  • Tipalti
  • Versapay
  • Yooz

Github Is Under Attack

Posted in Commentary with tags on March 1, 2024 by itnerd

Bad news for developers. Github is being besieged by millions of malicious repositories in an ongoing attack: 

Similar to dependency confusion attacks, malicious actors get their target to download their malicious version instead of the real one. But dependency confusion attacks take advantage of how package managers work, while repo confusion attacks simply rely on humans to mistakenly pick the malicious version over the real one, sometimes employing social engineering techniques as well. 

In this case, in order to maximize the chances of infection, the malicious actor is flooding GitHub with malicious repos, following these steps:

  1. Cloning existing repos (for example: TwitterFollowBot, WhatsappBOT, discord-boost-tool, Twitch-Follow-Bot, and hundreds more).
  2. Infecting them with malware loaders.
  3. Uploading them back to GitHub with identical names. 
  4. Automatically forking each thousands of times. 
  5. Covertly promoting them across the web via forums, discord, etc.

And:

Once unsuspecting developers use any of the malicious repos, the hidden payload unpacks seven layers of obfuscation, which also involves pulling malicious Python code and later a binary executable. The malicious code (largely a modified version of BlackCap-Grabber) would then collect login credentials from different apps, browser passwords and cookies, and other confidential data. It then sends it back to the malicious actors’ C&C (command-and-control) server and performs a long series of additional malicious activities.

Ken Westin, Field CISO, Panther Labs had this to say:

We at Panther have seen an increase in software supply chain attacks, where developers, code and cloud infrastructure are increasingly becoming a target. We have seen this with APT groups such as Lazarus out of North Korea, as well as financially motivated cybercrime groups. The goal of the attacks is often to infect code upstream to then target customers downstream, or in this case to steal credentials and authentication cookies with the hopes of gaining privileged access to applications, code and secrets. Many organizations do not consider monitoring data sources such as Github in their SIEM and often do not have visibility into potential security compromises of code or developers’ workstations and infrastructure.

The report from Apiiro has a lot of detail in terms of the attack and indicators of compromise, along with steps in terms of protection. Developers should read this and act accordingly.
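A defender-side triage heuristic for the repo-confusion pattern the excerpt describes (name-identical clones re-uploaded under other accounts and auto-forked thousands of times), written as an added example here and not code from the post or from Apiiro. It assumes repository metadata records carrying owner, name, creation date, fork count and star count (as a SIEM feed from a code-hosting source would), and the canonical owner names in its allowlist are hypothetical placeholders.

```python
"""Repo-confusion triage: flag repositories that collide by name with a
known project but live under a different owner, are freshly created and
have been forked far more often than starred."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Allowlist mapping a project name to the account it is expected to live under.
# Project names are the ones the Apiiro excerpt lists as having been cloned;
# the owner names are hypothetical placeholders, not the real projects' owners.
CANONICAL_OWNERS = {
    "TwitterFollowBot": "canonical-owner-a",
    "WhatsappBOT": "canonical-owner-b",
    "discord-boost-tool": "canonical-owner-c",
    "Twitch-Follow-Bot": "canonical-owner-d",
}


@dataclass(frozen=True)
class Repo:
    """Minimal repository metadata, the fields a monitoring feed would carry."""
    owner: str
    name: str
    created_at: datetime
    forks: int
    stars: int


def score_repo(repo: Repo, now: datetime,
               max_age_days: int = 30, fork_ratio: int = 50) -> tuple[int, list[str]]:
    """Return (score, reasons) for one repo.

    Score 0 means the name matches no allowlisted project, or the repo is the
    canonical one. Each matching indicator adds one point:
      1. name collides with an allowlisted project but the owner differs
      2. repo was created within max_age_days (fresh re-upload)
      3. forks outnumber stars by fork_ratio or more (automated forking)
    """
    reasons: list[str] = []
    canonical = CANONICAL_OWNERS.get(repo.name)
    if canonical is None or repo.owner == canonical:
        return 0, reasons
    reasons.append(f"name {repo.name!r} collides with project owned by {canonical!r}")
    age = now - repo.created_at
    if age <= timedelta(days=max_age_days):
        reasons.append(f"created only {age.days} days ago")
    if repo.forks >= fork_ratio * max(repo.stars, 1):
        reasons.append(f"{repo.forks} forks vs {repo.stars} stars")
    return len(reasons), reasons


def triage(repos: list[Repo], now: datetime, threshold: int = 2) -> list[tuple[Repo, int, list[str]]]:
    """Return (repo, score, reasons) for repos at or above threshold, highest score first."""
    flagged = []
    for repo in repos:
        score, reasons = score_repo(repo, now)
        if score >= threshold:
            flagged.append((repo, score, reasons))
    flagged.sort(key=lambda item: item[1], reverse=True)
    return flagged


# Constructed sample feed for the demonstration; not real repository data.
NOW = datetime(2024, 3, 1, tzinfo=timezone.utc)
SAMPLE_REPOS = [
    # the canonical project itself: never flagged
    Repo("canonical-owner-a", "TwitterFollowBot", datetime(2019, 5, 1, tzinfo=timezone.utc), 400, 1200),
    # an ordinary years-old fork: collides by name only, score 1
    Repo("old-fork-user", "TwitterFollowBot", datetime(2020, 8, 3, tzinfo=timezone.utc), 3, 12),
    # fresh re-upload with thousands of forks and almost no stars: score 3
    Repo("throwaway-acct-1", "TwitterFollowBot", datetime(2024, 2, 20, tzinfo=timezone.utc), 3100, 2),
    Repo("throwaway-acct-2", "discord-boost-tool", datetime(2024, 2, 27, tzinfo=timezone.utc), 2800, 0),
    # unrelated project: not on the allowlist, ignored however many forks it has
    Repo("someone", "unrelated-project", datetime(2024, 2, 28, tzinfo=timezone.utc), 5000, 1),
]

if __name__ == "__main__":
    for repo, score, reasons in triage(SAMPLE_REPOS, NOW):
        print(f"{score} {repo.owner}/{repo.name}: {'; '.join(reasons)}")
```

The thresholds are starting points to tune against your own feed; the point is to alert on the combination of indicators rather than on any one of them.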

CORA – Pentagon’s shift from Compliance to Operational Readiness 

Posted in Commentary with tags on March 1, 2024 by itnerd

Starting today, the Pentagon’s main network defense command, Joint Force Headquarters-Department of Defense Information Network (JFHQ-DODIN), will launch the Cyber Operational Readiness Assessment (CORA) program, a new model for measuring the readiness of the network shifting from compliance to operational preparedness.

CORA is intended to be risk-informed for defensive cyber operations internal defense measures, for specific actions taken on the network in response to either intelligence, a threat or an incident. Officials explained it as a “living inspection” that can flex to operational, emerging needs given the unpredictability of future vulnerabilities.

“[CORA] enables commanders and directors to make the right decision when applying resources to increase the security posture of their network. It allows us to iterate and change on a dime to figure out what is important now. As everyone understands, technology changes so frequently, so fast, it’s hard for everyone else to keep up. […] With the flexibility of CORA, we’re able to shift and adapt and overcome to start focusing on those unknown or newly discovered vulnerabilities for what is important to JFHQ-DODIN because of intel and threat reporting,” Nicholas DePatto, inspections branch chief said.

Officials began the shift by developing key indicators of risk to assure alignment with JFHQ-DODIN’s cybersecurity priorities and to direct focus onto the most critical areas of remediation. In turn, this will allow organizations to focus their mitigation efforts on risk and exposure to common adversaries’ TTPs allowing the DOD to concentrate resources and staffing on high-risk areas.

Troy Batterberry, CEO and Founder, EchoMark had this comment:

   “Shifting to a threat-informed approach, the CORA program aligns closely with our ethos of operational readiness and agile responsiveness, focusing on risk-informed defenses and ability to address emerging threats quickly. This aspirational standard underscores the importance of evolving security measures to outpace rapid technological changes and often unpredictable and sophisticated threats. It’s not just about being prepared; it’s about staying ahead.

   “This initiative and directed focus on risk indicators prioritizes adaptability and informed decision-making in security practices which will bring companies closer to where our security is as dynamic and resilient as the threats we face.”


Stephen Gates, Principal Security SME, Horizon3.ai follows with this:

   “To gain the highest level of consistent mission readiness, organizations must view their cyber infrastructures through the eyes of their adversaries. Therefore, it makes complete sense to establish the Cyber Operation Readiness Assessment (CORA) program and shift from mere compliance to actual operational readiness. Trying to remain compliant with a host of different regulations and standards does not always mean you are more secure. Continuous assessment of risk has been proven to vastly improve operational effectiveness.

   “Today, organizations are equipping their security teams with offensive-based autonomous assessment solutions allowing them to perform adversarial exercises against their internal, external, and cloud infrastructures with nothing more than a click. Being able to load, aim, and fire an autonomous assessment solution against yourself tells organizations where their greatest weaknesses are so they can remediate them before adversaries discover them.

   “This cyber terrain assessment approach goes way beyond simple network and vulnerability scans since autonomous assessment solutions are using the exact same TTPs that attackers are using – and can be safely launched against any production environment. The advancements of autonomous assessment technologies are increasing the security postures for those that capitalize on this emerging technology and massively reducing risk in the context of the cyber threat landscape.”

This is a good move by the Pentagon, as it will make it far easier to defend against cyber threats because it will be far simpler for defenders to navigate, which means they will be in a better position to defend.

UPDATE: Troy Batterberry, CEO and Founder, EchoMark added an additional comment:

“Given the ever-changing environment, being both risk-informed and agile are paramount to establishing modern security practices. In addition, and akin to good general systemic design, organizations also need to continue to utilize “defense in depth” through multiple layers of protection and access control governance to help avoid a single point of failure causing a broad breach.”

FBI Issues Alert on foreign threats targeting Ubiquiti routers

Posted in Commentary with tags on March 1, 2024 by itnerd

On Tuesday, a joint Cybersecurity Advisory issued by the FBI, NSA, US Cyber Command and international partners raised concerns regarding foreign state-sponsored cyber actors’ exploitation of compromised Ubiquiti EdgeRouters.

EdgeRouters are particularly vulnerable to compromise because they ship with weak default login settings, lack robust firewall settings, and rely on manual firmware updates. In addition, the EdgeRouter itself provides an ideal position within the network for threat actors to move laterally or to enable more advanced command-and-control functions.

Threat actors have utilized compromised EdgeRouters to harvest credentials, proxy network traffic and host spear-phishing landing pages and custom tools.

The advisory recommends that EdgeRouter network defenders and users:

  • Perform a hardware factory reset
  • Upgrade to the latest firmware version
  • Change any default usernames and passwords
  • Implement strategic firewall rules on WAN-side interfaces
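As an added example (not code from the advisory or from Ubiquiti), here is a small Python audit that reads an EdgeOS-style configuration dump and reports which of the advisory’s items are still outstanding: a default account left in place, a WAN-side interface with no firewall rule set attached, or an attached rule set that does not drop by default. It assumes the input is the `set ...` line format produced by EdgeOS’s `show configuration commands`, that the factory account is named `ubnt`, and that the caller names which interfaces face the WAN; the sample configuration is constructed for the example. The firmware-version check is left out because it needs a live device rather than a config file.

```python
"""Audit an EdgeOS-style config dump for the hardening items in the advisory.

Added example; assumes `show configuration commands` output (one `set` line per
setting). The sample config below is constructed, not from a real device.
"""
import re
import shlex
from typing import Dict, List, Optional, Set

# Constructed sample: the factory `ubnt` account is still present, eth1 has no
# WAN firewall attached, and WAN_LOCAL accepts by default.
SAMPLE_CONFIG = """\
set firewall name WAN_IN default-action 'drop'
set firewall name WAN_IN rule 10 action 'accept'
set firewall name WAN_IN rule 10 state established 'enable'
set firewall name WAN_IN rule 10 state related 'enable'
set firewall name WAN_LOCAL default-action 'accept'
set interfaces ethernet eth0 description 'WAN'
set interfaces ethernet eth0 firewall in name 'WAN_IN'
set interfaces ethernet eth0 firewall local name 'WAN_LOCAL'
set interfaces ethernet eth1 description 'WAN2'
set interfaces ethernet eth2 description 'LAN'
set system login user ubnt authentication encrypted-password '$6$constructed'
set system login user admin authentication encrypted-password '$6$constructed'
"""

DEFAULT_USERS = {"ubnt"}  # factory default account name on EdgeOS (assumption)
SET_LINE = re.compile(r"^\s*set\s+(.*)$")


def parse_set_lines(config_text: str) -> List[List[str]]:
    """Turn each `set a b 'c'` line into a token list, honouring quotes."""
    entries = []
    for line in config_text.splitlines():
        m = SET_LINE.match(line)
        if m:
            entries.append(shlex.split(m.group(1)))
    return entries


def configured_users(entries: List[List[str]]) -> Set[str]:
    """Names of all `system login user <name>` accounts in the config."""
    return {t[3] for t in entries if t[:3] == ["system", "login", "user"] and len(t) > 3}


def attached_rulesets(entries: List[List[str]], iface: str) -> Dict[str, str]:
    """Map direction ('in', 'local', 'out') -> rule-set name attached to iface."""
    attached = {}
    for t in entries:
        # set interfaces ethernet eth0 firewall in name WAN_IN
        if (len(t) >= 7 and t[0] == "interfaces" and t[2] == iface
                and t[3] == "firewall" and t[5] == "name"):
            attached[t[4]] = t[6]
    return attached


def default_action(entries: List[List[str]], ruleset: str) -> Optional[str]:
    """The `default-action` of a named rule set, or None if it is not set."""
    for t in entries:
        if t[:4] == ["firewall", "name", ruleset, "default-action"] and len(t) > 4:
            return t[4]
    return None


def audit(config_text: str, wan_interfaces) -> List[str]:
    """Return a list of human-readable findings; an empty list means all checks passed."""
    entries = parse_set_lines(config_text)
    findings = []
    for user in sorted(configured_users(entries) & DEFAULT_USERS):
        findings.append(f"default account '{user}' still present")
    for iface in wan_interfaces:
        attached = attached_rulesets(entries, iface)
        # Both inbound (forwarded) and local (to the router itself) traffic
        # from the WAN should hit a rule set that drops by default.
        for direction in ("in", "local"):
            if direction not in attached:
                findings.append(f"{iface}: no '{direction}' firewall rule set attached")
                continue
            name = attached[direction]
            action = default_action(entries, name)
            if action not in ("drop", "reject"):
                findings.append(
                    f"{iface}: rule set '{name}' ({direction}) default-action is "
                    f"{action!r}, expected drop")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, wan_interfaces=("eth0", "eth1")):
        print("FINDING:", finding)
```

Run it against a saved `show configuration commands` dump and the list of WAN-facing interfaces for that device; an empty result means the three config-level items are in place, and the firmware version still has to be checked on the router itself.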

Greg Welch, CEO, CyberProtonics had this to say:

   “The Ubiquiti breach demonstrates an all-too-common scenario where human error leads to the exposure of highly sensitive data. This highlights the need for data encryption as close to the source as possible, establishing true least privileged access controls across the network, and an emphasis on continuous user authentication to prevent unauthorized threat actors.”

Perhaps out of paranoia, or perhaps out of an abundance of caution, I reset my router every few months. I also have some custom firewall rules enabled as well. Because these days you can’t be too careful.