Microsoft Plans To Remotely Break Office 2019 And 2021 For Mac So That Users Can Only Open Files…. Is The Outrage Justified?

Posted in Commentary with tags on May 16, 2026 by itnerd

So over the last few days, the Internet has been losing its mind over the fact that Microsoft on July 13 2026, Microsoft Office 2021 and 2019 for Mac will only be able to open files. But they cannot save them. This is documented here. And the reason for this is an expired certificate. If you want examples of how people are losing their minds over this, take this Reddit thread or this one to see what I am talking about.

But is the outrage justified? I am not sure because I can see this from both sides.

On one hand, Office 2019 for Mac has reached the end of support in October 2023. That means that it is not receiving security updates or bug fixes. Office 2021 for Mac will be in the same state in October 2026. So users realistically should be installing either Office 2024 or using Microsoft 365 as it’s never a good idea to run unsupported software as that’s a gateway for threat actors to pwn you.

On the other hand, many people on Reddit feel that this is anti consumer as comes across Microsoft deciding to effectively kill a license that they paid for. Also they feel that Microsoft could easily come out with a software update that addresses the certificate issue. But clearly they don’t want to do that. And forcing users to pay for an upgrade is good for Microsoft’s bank account.

Mac users have a few choices if they are in this situation:

  • Upgrade to Office 2024 or Microsoft 365. I should note that Microsoft 365 is currently free via the web version of the suite. So that’s a free alternative if you have constant access to the Internet.
  • Use Apple’s iWork suite as it is free for normal use.
  • Switch to an open source alternative such as LibreOffice. 

A few random thoughts. I have said for years that that hell hath no fury as an Apple user scorned. Microsoft may be about to find this out shortly as this is unlikely to go away. Also, these Mac users who are outraged need to recognize that there are options for them and they should look into those alternatives ASAP. Because running these versions of Office is not going to be an option.

Leave a comment »

Finite State CEO Matt Wyckhouse to Lead Expert Panel on “Designing Connected Devices with Security Built In” at IoT Tech Expo North America

Posted in Commentary with tags on May 15, 2026 by itnerd

Finite State today announced that Founder and CEO Matt Wyckhouse will lead a panel on “Designing Connected Devices with Security Built In” at 2:35–3:20 p.m. PT, May 19, 2026, at IoT Tech Expo North America. The conference, one of the industry’s largest gatherings focused on IoT, AI, cybersecurity, edge computing, and digital transformation, will be held at the San Jose McEnery Convention Center in San Jose, California, on May 18–19, 2026.

Leaders from Boeing, SmartTech Research, and EVRaid will join Wyckhouse in examining the evolving security risks facing connected devices, industrial systems, and software-driven products as AI adoption and regulatory pressure accelerate across the IoT ecosystem. Key focus areas of the panel include:

  • Embedding security: Moving away from reactive, bolted-on security toward integrating protection at the design stage.
  • Best practices: Implementing secure boot processes, hardware root of trust, and strong encryption.
  • Long-term resilience: Strategies for continuous threat monitoring and ensuring security measures adapt as devices age.

Attendees will gain new insight into how manufacturers and technology providers can improve visibility into device software, manage vulnerabilities across product lines, and prepare for rapidly expanding global cybersecurity regulations impacting connected products.

Finite State Live Demonstrations

At Booth #47, the Finite State team will run live demonstrations of artifact-backed workflows that turn shipped software into audit-ready evidence:

  • Unified product intelligence: Firmware, binaries, source, and supplier inputs connect into a complete, up-to-date system of record grounded in what actually ships.
  • Exploitability-based prioritization: Reachability and context surface real exposure, with defensible rationale for what matters and what doesn’t.
  • New CVE to impacted products: Vulnerability disclosure moves to impact analysis quickly, with consistent VEX decisions and traceable outputs across builds.
  • Design-to-deployment traceability: Architecture, threats, risks, and requirements connect directly to deployed software and stay aligned as systems evolve.
  • Continuous compliance outputs: SBOM, VEX, traceability, and audit-ready reports are generated automatically and stay current across releases.

Securing What Ships, at Portfolio Scale

The panel reflects a market reality: for connected-device manufacturers, securing what ships has become a portfolio-scale problem. Vendored components embedded in firmware rarely appear in source manifests, vulnerability volume outpaces manual triage, and the EU Cyber Resilience Act now enforces incident disclosure timelines as short as 24 hours.

The Finite State Product Security OS closes that gap by analyzing shipped firmware directly, prioritizing reachable risks over raw CVE counts, and maintaining one evidence trail per product version. Teams across medical, automotive, industrial, and consumer IoT use it to keep security and compliance current at release cadence. To discuss these capabilities directly, attendees interested in meeting with the Finite State team during the event can book a meeting on the Finite State IoT Tech Expo event page.

Leave a comment »

Researchers warn AI cyber models have surpassed autonomous hacking benchmarks

Posted in Commentary with tags on May 15, 2026 by itnerd

Two independent studies found that advanced AI cybersecurity models, including Anthropic’s Claude Mythos Preview and OpenAI’s GPT-5.5, have exceeded previous benchmarks for autonomous cyberattack capability. Researchers from the UK AI Security Institute (AISI) and Palo Alto Networks said the models are now capable of chaining together complex multi-stage attack paths and identifying vulnerabilities at rates that significantly outpace earlier systems.

The UK AI Security Institute said Claude Mythos Preview and GPT-5.5 became the first models to fully complete a simulated enterprise intrusion scenario without human intervention. According to the findings, the models successfully executed tasks including credential theft, privilege escalation, lateral movement, persistence, and protected system access during controlled testing. Researchers said the models consistently outperformed previous-generation systems on autonomous cyber capability benchmarks designed to measure real-world offensive potential.

Separately, Palo Alto Networks said its internal testing showed advanced AI cyber models increased vulnerability discovery rates by more than seven times compared to traditional manual research workflows. Researchers said the models were particularly effective at identifying exploitable weaknesses in enterprise software, cloud configurations, and authentication systems, raising concerns that AI-assisted vulnerability discovery could dramatically accelerate exploit development timelines for both defenders and threat actors.

Josh Marpet, Senior Product Security ConsultantFinite State:

   “Unfortunately, this is about as surprising as saying that the sun rises. Nobody was not expecting it. The question is not, can an AI find and run an exploit? We know they can. The question is, can an AI find vulnerable code in a device or application with very little instruction given, write or find the exploit for that vulnerability, and successfully prosecute the exploit through to completion? If the answer is yes, then we are having a bad day.

   “The one interesting item is that the quality of the exploits, the discovery, the entire process, is still fairly dependent on the caliber of the person sitting behind the keyboard and directing that AI. For now.

Damon Small, Board of Directors, Xcape, Inc.:

   “The emergence of GPT-5.5 and Claude Mythos marks a paradigm shift where autonomous attack-path chaining moves from a theoretical lab risk to a quantifiable operational reality. When an AI can compress a twelve-hour expert reverse-engineering task into ten minutes for less than two dollars, the traditional economics of cyber defense collapse. This capability will inevitably commoditize the high-margin, bespoke manual testing currently sold by security consultancies, forcing a market pivot toward high-level strategy and remediation.

   “While these models currently demonstrate low reliability, succeeding in only 20% to 30% of end-to-end attempts, that failure rate is irrelevant to a persistent attacker with near-zero marginal costs. Security leaders must move beyond patching individual vulnerabilities and focus on time-to-break-chain, assuming attackers will use these models to identify and exploit multi-stage paths at machine speed. The priority is no longer just preventing the initial foothold, but ensuring that every compromised node is a dead end through aggressive segmentation and just-in-time access.

  • “Death of the Boutique Pen-Test: The automation of complex, multi-stage attack chains will rapidly drive down the cost and delivery time for offensive engagements, turning premium security services into a baseline commodity.
  • “Asymmetry of Persistence: A 20% success rate is a failure for a human consultant but a triumph for an AI that never sleeps and costs pennies to restart, allowing attackers to “brute-force” complex architectural flaws.
  • “Architectural Resilience vs. Patching: As vulnerability discovery outpaces human remediation capacity, the focus must shift from the “patching treadmill” to building environments that are structurally resistant to lateral movement.

   “If your security posture relies on a $500-an-hour consultant to find the “bespoke” vulnerabilities that a $20-a-month chatbot just discovered in bulk, you aren’t paying for security; you are paying for an expensive PDF.”

Jacob Krell, Senior Director: Secure AI Solutions & Cybersecurity, Suzu Labs:

   “Palo Alto’s advisory data puts real operational weight behind the AISI benchmarks. Going from fewer than five CVEs per month to 26 in a single advisory cycle, with the majority found by AI scanning, is a preview of what every software vendor will face once these models are widely deployed. The bottleneck has shifted from discovery to remediation, and most organizations are not built to patch at the rate AI finds vulnerabilities.

   “Palo Alto estimates a three to five month window before AI driven exploits become the norm. That window is the planning figure security leaders should be working against. This capability is the new baseline, and because different models surface different vulnerability classes, the total volume of findings will only grow as more models reach this tier. Organizations running vulnerability management programs built for five CVEs a month need to start planning for a world where that number is measured in dozens.”

Tom Yates, Product SME, Ridge Security Technology Inc.:

   “These findings highlight the urgent and critical need for security companies to be at the leading edge of Gen AI technology. Security tooling must match the capabilities hackers use or your infrastructure will look like swiss cheese to the bad guys.  But security buyers need to beware, an avalanche of AI-washing has already hit the market.  Buyers must spend more time digging into product claims to ensure that AI is a first-class citizen of the solution, not a “bolt-on” to satisfy marketing needs.”

This is another example of AI welcoming us to the new reality of cybersecurity. Were the time to get pwned has been reduced so much that humans are simply not even in the game. That should scare anyone on that side of the fence.

Leave a comment »

Equinix Puts Enterprises in Control of Data Sovereignty Across Hybrid Multicloud Environments 

Posted in Commentary with tags on May 14, 2026 by itnerd

Equinix, Inc. today announced the global expansion of Equinix Fabric Geo Zones, the first network-level, sovereignty enforcement layer that operates across interconnected clouds and providers. Enterprises face growing compliance risks from network rerouting events that can inadvertently move sovereign data across borders they are legally required to respect. Built natively into Equinix Fabric®, Geo Zones eliminates that risk by keeping data within defined geographic boundaries.

Most networks prioritize availability and performance over geographic or regulatory boundaries, often leaving customers with limited visibility or control over where their data travels. Fabric Geo Zones ensures that rerouted data remains within defined jurisdictions. This capability is especially critical for organizations operating in regulated industries.

Unlike solutions built within a single cloud or delivered as software overlays, Fabric Geo Zones enforces sovereignty at the network layer. Because it is enforced directly within the interconnection fabric itself, it delivers a level of control difficult for a single cloud or software overlay provider to match.

The expansion of Fabric Geo Zones is part of Equinix’s ongoing investment in reimagining networking for the AI era, following the launch of Fabric Intelligence and the Distributed AI Hub. Together, these capabilities provide customers with an adaptive, secure foundation for distributed AI and multicloud environments. Fabric Geo Zones is built on the Equinix Fabric industry-leading software-defined network spanning 77 metros worldwide, enabling customer-controlled data sovereignty at global scale. Reflecting the advanced compliance and control it delivers, Geo Zones is available at a premium tier—included in Unlimited Ports and Unlimited Ports Plus packages and priced at a premium to standard virtual circuits.

Fabric Geo Zones is built for workloads where compliance can’t be an afterthought. A European financial institution can run real‑time transactions across multiple clouds while ensuring customer data never leaves the EU, even when an outage triggers automatic rerouting across clouds. A healthcare organization can keep patient and AI inference data within defined jurisdictions across hybrid environments. A government agency can deploy sovereign AI with data confined to national or regional boundaries. A global company can automatically apply jurisdiction‑specific routing rules to meet GDPR, LGPD, APRA and other regional requirements across its operations. 

Fabric Geo Zones enables customers to: 

  • Keep sensitive data within approved jurisdictions
  • Reduce regulatory and jurisdictional risk from unintended cross-border routing
  • Accelerate deployments using Fabric Super Agent
  • Eliminate uncertainty during failover where outages reroute sensitive traffic

Fabric Geo Zones is available today in preview across Equinix’s global footprint, including Australia, Brazil, Canada, Japan, Switzerland, the U.K. and the U.S., with European Union availability to come in June. Equinix will be speaking about this at the International Telecoms Week conference panels on May 19: The quest for sovereign AI meets the edge-cloud infrastructure battle and Unleashing the 3 pillars of AI.”

Leave a comment »

Attackers are operationalizing an AI framework flaw almost immediately after disclosure

Posted in Commentary with tags on May 14, 2026 by itnerd

Attackers began targeting the PraisonAI vulnerability almost immediately after disclosure, showing how quickly threat actors are shifting toward AI frameworks and agentic tooling as viable attack surfaces. The speed of exploitation reflects a broader reality: many AI platforms are being deployed into enterprise environments before organizations fully understand their exposure, visibility gaps, or how these systems interact with sensitive internal infrastructure.

Gidi Cohen, CEO & Co-founder, Bonfy.AI

“Less than four hours after CVE-2026-44338 was disclosed, attackers were already probing PraisonAI’s unauthenticated agent endpoints. The patch is straightforward: upgrade to 4.6.34. But the harder question deserves attention.

PraisonAI is a multi-agent framework. When authentication is stripped away, what’s exposed isn’t just an endpoint; it’s every workflow those agents are configured to run, and every piece of sensitive data flowing through them. As Sysdig noted, “the impact ceiling is whatever that workflow is allowed to do.”

Most AI agent security conversations focus on configuration: what agents exist, what tools they can call, and whether auth controls are in place. Those questions matter. But they miss the data layer entirely, with sensitive content moving continuously between data sources, LLM providers, MCP servers, and output channels at runtime.

That’s where the real exposure lives. And right now, for most organizations, it’s almost entirely unexamined.

Patch immediately. Then ask: if an attacker had triggered your agent workflows before you patched, would you have known what data moved, and whether it should have?

All I have to say is welcome to our new reality where flaws are weaponized faster than they ever have before.

Leave a comment »

RegScale Emerges as Category Leader in AI-Driven Continuous Controls Monitoring

Posted in Commentary with tags on May 14, 2026 by itnerd

RegScale today announced record growth and market-defining momentum as enterprises and government agencies accelerate their shift away from manual, audit-driven GRC toward real-time, automated assurance.  

The company reported 300% revenue growth and 140% net revenue retention, powered by an oversubscribed $30+ million Series B led by Washington Harbour Partners with participation from M12 (Microsoft’s Venture Fund), Hitachi, Ankona, SYN Ventures, and others, bringing total funding to more than $50 million. RegScale customers consistently report achieving compliance certifications 90% faster and cutting audit preparation effort by 60%. 

Platform Leadership: AI Agents, Open Source, and Certification at Scale 

RegScale continued to accelerate its AI product, RegML, deploying purpose-built AI agents that continuously monitor and validate controls, automate evidence collection, analyze risk in real time, and trigger remediation without human intervention. RegScale’s AI leadership was independently validated when it was named 2025 Gartner® Cool Vendors™ with AI-Powered Technologies for Assurance Leaders, recognizing RegScale’s differentiated approach to AI-driven compliance at scale. The platform earned the CSA STAR “Valid-AI-ted” designation with a 97.7% score, and RegScale’s security credential portfolio now includes FedRAMP High Authorization and TX-RAMP.  

RegScale simultaneously launched and donated the OSCAL Hub to the open-source community, continuing to contribute to machine-readable compliance standards now being adopted across government and commercial sectors. 

Market Expansion: Enterprise, Federal, and Channel 

RegScale also moved into a new tier of Fortune 500 and large federal enterprise accounts. The GTM team expanded into new territories in North America and across Europe and deepened channel investment through a strategic partnership with Leidos. Channel momentum was further reinforced through the company’s partner ecosystem, anchored by relationships with GuidePoint, CALIBRE, Microsoft, and Carahsoft, among others. 

Leadership, Recognition, and the Road Ahead 

RegScale strengthened its leadership team this fiscal year, appointing Chad Woolf as Chief Product Officer to lead the company’s compliance and risk modernization agenda, alongside new product and go-to-market leaders across the organization. The company has grown by more than 30% in employee count and is proactively scaling its team to meet market demand. 

Industry recognition for RegScale’s category leadership reached new heights in FY26. Travis Howerton was named a Finalist in the prestigious 2026 EY Entrepreneur Of The Year Mid-Atlantic Awards and the company was named a CCM winner of numerous cybersecurity awards, solidifying its leadership in cyber GRC and CCM.  

Gartner projects that by 2028, 75% of all DevOps continuous compliance automation processes will leverage AI technology to drive efficiencies in auditing, reporting, validating, and remediating regulatory compliance. RegScale’s customers are not waiting for 2028. With AI agents already in production across Fortune 500 and federal environments, RegScale is the platform delivering on that future today.  

In FY27, the company will accelerate investment in DevSecOps, next-generation RegML agents, and real-time alignment with emerging frameworks like FedRAMP 20x and CMMC. With OSCAL adoption accelerating across government and financial services, RegScale is moving compliance from a business tax or revenue blocker to a continuous, intelligent layer of modern risk management for the CISO.  

Leave a comment »

New CalPhishing Campaign tied to EvilTokens uses ConsentFix

Posted in Commentary with tags on May 14, 2026 by itnerd

Fortra Intelligence and Research Experts (FIRE) have identified a new phishing campaign that is expanding beyond traditional email, using calendar invites (.ics files) to introduce malicious content into trusted workflows. FIRE link the activity to the EvilTokens phishing kit, combining ConsentFix (device code phishing) with calendar‑based delivery to capture Microsoft session tokens through legitimate authentication prompts.

Most notable about this campaign is the shift in delivery and persistence: the calendar entry remains visible and active even if the original email is removed, extending the window for user interaction. If the attack is executed successfully, the impact can be significant. Compromised tokens can enable account takeover, unauthorized access to cloud systems, lateral movement, and follow‑on phishing or infrastructure disruption, particularly if privileged accounts are involved.

The full report was just published here: https://www.fortra.com/blog/new-calendar-invite-phishing-campaign-ics-abuse-and-post-delivery-persistence

Leave a comment »

Ransomware playbook: “Special price” offers included in 45% of negotiations

Posted in Commentary with tags on May 14, 2026 by itnerd

The latest findings from NordStellar, a threat exposure management platform, reveal that the number of ransomware attacks in Q1 2026 remained high, with 2,283 recorded incidents. An analysis of leaked ransomware negotiation conversations uncovers tactics and tendencies used by ransomware actors. Key findings include:

  • In 76.8% of the conversations ransomware groups threatened to publish or leak the data.
  • They often use upselling practices, including special price offers (45.5%) and offers to purchase other services, like “security audits.
  • The median discount in ransomware payments is 57%, with the highest recorded discount reaching as high as 96.2%.

The full report for the analysis of leaked ransomware negotiation conversations can be found here: Ransomware negotiations report

Leave a comment »

Exclaimer adds UKG Ready integration

Posted in Commentary with tags on May 14, 2026 by itnerd

Exclaimer today announced the launch of its UKG Ready integration, expanding the company’s growing HRIS integration capabilities as organizations increasingly shift employee data ownership from IT-managed directories to HR systems of record.

According to SHRM’s 2025 State of the Workplace Report, fewer than half of HR professionals, just 43%, rate their organization’s HR technology as effective, with fragmented, poorly integrated systems cited as a leading barrier. Separate research from HR.com found that 81% of organizations experiencing poor HR system integration say it actively prevents them from achieving key HR goals. As a result, organizations are actively restructuring how employee data flows across their technology stacks, and HR systems are increasingly becoming the system of record.

As platforms like Workday and UKG Ready become the authoritative home for employee identity data, most communication tools, including email signature platforms, continue to rely on legacy Active Directory or Google Directory structures that HR teams do not own or control. This creates a persistent gap between where employee data lives and where it is applied.

Exclaimer is among the only email signature platforms building a dedicated, multi-system HRIS integration suite, and the only platform to offer UKG Ready connectivity alongside Workday. With the addition of UKG Ready, Exclaimer continues to expand one of the industry’s most comprehensive HR-focused integration strategies for email signature management, helping organizations automatically synchronize HR-managed employee data into email signatures and meeting themes.

Closing the gap between HR systems and employee communications

For many IT teams, keeping employee directories aligned with constantly changing HR data has become an ongoing operational burden. New hires, promotions, departmental changes, and employee departures often require manual updates across multiple systems to ensure communications remain accurate and compliant.

Exclaimer’s UKG Ready integration helps eliminate that gap by allowing organizations to automatically pull employee attributes from UKG Ready into Exclaimer through BindBee, its third-party data aggregation partner. When employee records are updated in UKG Ready, those changes automatically flow into email signatures and meeting themes (video call backgrounds and branding) without requiring manual intervention from IT teams or employees. Organizations retain control over which data fields are shared, with Exclaimer operating on a read-only basis to ensure data integrity and adherence to compliance requirements.

Reducing manual IT administration while improving governance

The integration also supports Exclaimer’s broader focus on centralized communications governance and automation.

Instead of relying on employees or IT administrators to manually manage signatures, organizations can automate signature updates directly from trusted HR systems, helping to reduce inconsistencies and improve operational control across the business.

For organizations using UKG Ready, the integration enables:

  • Automatic synchronization of HR-managed employee data into email signatures and meeting themes
  • Reduced manual administration for IT teams
  • Consistent employee information across outbound communications
  • Faster onboarding for new employees
  • Improved brand consistency and governance

The integration of UKG Ready follows Exclaimer’s recently announced Workday integration and forms part of the company’s continued investment in HR-driven employee data integrations.

Supporting the future of communications governance

As organizations manage increasingly fragmented communication environments, businesses are placing greater emphasis on automation, governance, and consistency across every digital touchpoint. Email remains one of the most business-critical communication channels, particularly for regulated industries where accuracy, auditability, and professionalism are essential.

By connecting trusted HR systems to employee communications, Exclaimer helps organizations maintain centralized control and ensure employee information remains accurate across all outbound interactions.

The UKG Ready integration is available now for Exclaimer Pro customers.

For more information, or to see Exclaimer’s Workday integration in action, visit exclaimer.com and start a free trial. For a full step-by-step walkthrough, visit the Exclaimer knowledge base.

About Exclaimer

Exclaimer is the global leader in email signature management for Microsoft 365 and Google Workspace. Its cloud platform enables organizations to centrally manage and automate email signatures and video meeting branding, ensuring consistent corporate identity, reducing brand and compliance risk, and meeting regulatory requirements across everyday business communications.

Built for IT and valued by Marketing and Compliance teams, Exclaimer eliminates manual updates, enforces brand governance, and gives organizations greater control over their most critical business communication channels.

Exclaimer is trusted by more than 9 million users across 75,000 organizations worldwide, including Sony, Mattel, Bank of America, NBC, the Government of Canada, the BBC, and the Academy Awards

Leave a comment »

AI Scraping puts World Cup, Olympics sports bettors & online sportsbooks at risk

Posted in Commentary with tags on May 14, 2026 by itnerd

Approov’s network monitoring and analysis has found that the World Cup will be the first major proving ground for AI-driven betting fraud, combining record-breaking volumes with high-speed AI tools.

Findings have just been published in “AI Scraping for Manipulation Makes Sports Betting Unfair – The World Cup is the Immediate Test, The LA28 Olympics are a Next Level.”

Indicators of upcoming activity were observed on the Approov Global Attestation Network.  For sportsbooks, this creates two problems that don’t get better with time:

  • Market distortion: Automated actors can move faster than human bettors, particularly in live‑in‑play and micro‑markets (such as first-scorer, goal/point totals, or player-specific props), which are expected to dominate World Cup betting.
  • Perception of unfairness: If regular users believe that bots and AI systems are always one step ahead, the sense of a “level playing field” collapses.

The analysis discusses a new generation of organized, AI-driven bad actors looking to fleece both bettors and betting platforms, with well‑resourced scrapers, arbitrageurs, and betting syndicates treating the World Cup as a high‑margin, high‑velocity data opportunity. It’s also a test lab for exploitation of other high-speed markets, real-time pricing-sensitive transactions, behavioral manipulation, API exploitation and consumer trust engineering.

Why does it all matter? Because when users believe that humans can’t compete, systems collapse.

More details here: https://approov.io/blog/threat-analysis-ai-scraping-for-manipulation-makes-sports-betting-unfair

Leave a comment »

« Older Entries