Archive for May 27, 2025

Outpost24 Named an Overall Leader in 2025 KuppingerCole Leadership Compass Report for Attack Surface Management

Posted in Commentary with tags on May 27, 2025 by itnerd

Outpost24 today announced it has been recognized as an Overall Leader in the 2025 KuppingerCole Leadership Compass Report for Attack Surface Management and is the only European vendor named as an Overall Leader in the report. The company was also named a leader in the Product and Market categories. Outpost24 has quickly moved up from its previous position as “Challenger” in 2023 to the Overall Leader category in 2025.

The KuppingerCole Leadership Compass Report provides an overview of the Attack Surface Management market and guides organizations to find the solution that best meets their needs. They examine the market segment, vendor service functionality, and innovative approaches to providing Attack Surface Management solutions.

According to the report, the modern attack surface has expanded significantly due to the use of cloud services, mobile devices, APIs, Internet of Things (IoT) devices, supply chains, and remote work practices. This expansion introduces new endpoints and potential vulnerabilities and makes organizations more susceptible to cyber threats. Implementing Attack Surface Management (ASM) solutions enables organizations to identify potential vulnerabilities, assess the effectiveness of their cybersecurity systems, and strengthen their security posture accordingly. A proactive approach to cybersecurity has become an essential requirement for organizations, as cyber threats continue to evolve in complexity and frequency.

Outpost24 key features selected by KuppingerCole are:

  • Detects websites and applications that are without GDPR-compliant cookie consent practices. (Distinguishing feature)
  • Strong M&A risk analysis capabilities
  • Easy licensing which includes unlimited assets and users per organization
  • Contributing member of the Cyber Threat Alliance
  • Pen testing availability as a service
  • Proprietary risk-scoring framework
  • Supported MITRE ATT&CK mapping

Outpost24’s cloud-based External Attack Surface Management (EASM) platform helps organizations identify, protect and monitor their external attack surface and improve their cyber resilience. Outpost24 offers automatic data gathering, enrichment, and AI-driven analysis modules that analyze all known and unknown internet-facing assets for vulnerabilities and attack paths to then offer simple, effective remediation actions to close any security gaps.

“We are honored to be named an Overall Leader in the 2025 KuppingerCole Leadership Compass Report for Attack Surface Management,” said Ido Erlichman, CEO of Outpost24. “As the modern attack surface continues to expand, organizations must take a proactive approach to protecting themselves by understanding their specific attack surface and identifying any potential vulnerabilities. Our ASM solutions, including recently launched Outpost24 CyberFlex, provide a comprehensive view of internal and external attack surfaces to identify unknown assets, close security gaps, prioritize risk mitigation and holistically protect organizations.”

To download a complimentary copy of the 2025 KuppingerCole Leadership Compass Report, please visit this link.

Outpost24 offers industry-leading Attack Surface Management solutions that keep security teams one step ahead of emerging threats. They help thousands of organizations around the world to identify, protect, and monitor digital risks before they can be exploited. Outpost24 was founded in 2001 and is headquartered in Sweden, with offices in the US, UK, France, Belgium, and Spain.  Visit https://outpost24.com/ for more information.

Leave a comment »

New KnowBe4 Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

Posted in Commentary with tags on May 27, 2025 by itnerd

KnowBe4 today released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints.

The data reveals that despite being the third most-targeted sector by ransomware in 2023, over 80% of SLTT organizations operate with fewer than five employees dedicated to cybersecurity. This staffing shortage coincides with a dramatic increase in cyberattacks, as evidenced by a 313% rise in security incidents reported in the MS-ISAC’s 2022 survey. The situation is worsened by the recent cut of $10 million in federal funding for the Center for Internet Security (CIS), which supports crucial information sharing networks for government agencies.

Human error, often exploited through social engineering, remains the most common entry point for cyberattacks in 70-90% of cases. The limited staffing and resources highlight the need for cost-effective and low-maintenance tools to support government entities. KnowBe4’s 2025 Phishing by Industry Benchmarking Report found that a year of security awareness training can reduce an organization’s phishing susceptibility from approximately 33.1% to just 4.1% after one year of implementation. These findings underscore that effective human risk management offers resource-constrained organizations a powerful and affordable defense against the rising tide of cyberthreats.

Key findings from the report:

  • 70% of surveyed SLTT organizations cite lack of sufficient funding as their top security concern
  • More than 80% of government organizations operate with fewer than five dedicated cybersecurity employees.
  • Average ransom per attack reached $872,656 between 2018 and December 2024, with total costs exceeding $1.09 billion.
  • Security awareness training reduced phishing susceptibility from approximately 33.1% to just 4.1% after one year.

To download the “State and Local Cybersecurity: Facing New Burdens Amid Rising Threats” report, visit here.

Leave a comment »

TELUS investing $70 billion in Canada through 2029 

Posted in Commentary with tags on May 27, 2025 by itnerd

TELUS has announced that it is investing more than $70 billion over the next five years to expand and enhance its network infrastructure and operations across Canada. As the country navigates a challenging economic environment and seeks to attract more investment to stimulate growth, this commitment to Canada’s future will help fuel homegrown innovation and support the prosperity of urban and rural communities. This investment builds on an impressive track record, with TELUS investing more than $276 billion since 2000 to boost productivity and support a robust national economy.

Now through 2029 in Canada, TELUS is:

  • Bringing TELUS PureFibre connectivity to homes and businesses across B.C., Alberta, Quebec and Ontario, driving job creation, accelerating innovation and fueling productivity
  • Deploying targeted enhancements to our 5G and LTE services at more than 500 macro and micro sites nationwide this year, significantly increasing wireless coverage and capacity to meet the evolving needs of our customers and communities, now and in the future
  • Addressing the increasing demand for affordable rental housing by redeveloping our central office buildings into TELUS Living initiatives as part of our world-leading copper retirement program. Advancing the journey to net-zero, TELUS continues to support the circular economy by reclaiming and repurposing legacy copper networks, helping meet Canada’s need for this important resource. To date, they have mined more than 4,600 tonnes of copper from their network and enabled a reduction of 9,300 tonnes of GHG emissions – equal to removing nearly 2,000 cars from roads for a year
  • Launching two Sovereign AI Factories in Kamloops and Rimouski. These secure facilities provide Canadian businesses and researchers access to cutting-edge technology, ensuring every piece of data, computation and breakthrough created will remain within Canadian borders
  • Deepening their commitment to rural and Indigenous connectivity by expanding TELUS’ advanced broadband networks to an additional 20 Indigenous lands and 53 rural communities through 2026, on top of the 637 Indigenous lands and 530 rural communities that are already connected to their networks
  • Further bridging digital divides through TELUS Internet, Mobility, Tech and Health for Good, as well as TELUS Wise. Since inception, these initiatives have enhanced access to connectivity and healthcare for 1.4 million people across Canada, while helping them remain safe in the digital world
  • Supporting local youth-focused charities, community partners and projects across Canada and around the world by granting more than $138 million in cash donations since 2005 through the TELUS Friendly Future Foundation and TELUS Community Boards to enable health and education programming
  • Building healthier workplaces and communities through TELUS Health by increasing access to health and well-being solutions, caring for or supporting someone every 10 seconds in Canada and across the globe, in collaboration with innovative Canadian organizations such as McMillan LLP, Canadian Men’s Health Foundation and Clinia
  • Reducing inefficiencies in food and consumer goods production, distribution and consumption through digital tools and data insights provided by TELUS Agriculture & Consumer Goods, improving supply chain connectivity, sustainability, efficiency and traceability
  • Fostering community connection through strategic partnerships with leading sports organizations (Canada Soccer, Canadian Premier League, Vancouver Rise, Vancouver Whitecaps FC, CF Montreal, Canadian Football League, Calgary Flames, Hockey Canada), resorts (Whistler Blackcomb, Resorts of the Canadian Rockies, Mont Tremblant), and cultural and educational venues (MTELUS, Vancouver Symphony Orchestra, Science Centres in Toronto, Montreal, Edmonton and Calgary), while delivering free sports programs and scholarships to over 14,000 youth across Canada, including 15 remote and Indigenous communities

Additionally since 2000, TELUS, team members and retirees have provided $1.8 billion in cash, in-kind contributions, time and programs, including 2.4 million days of volunteerism to communities in Canada and around the world. 

These investments are consistent with TELUS’ capital expenditure guidance for 2025 as disclosed in the company’s fourth quarter 2024 results and 2025 targets news release dated February 12, 2025 and in the company’s first quarter 2025 results news release dated May 9, 2025.

TELUS also embraces tax morality as a means of further investing in our communities. Since 2000, TELUS has paid approximately $61 billion in total tax and spectrum remittances to federal, provincial and municipal governments across Canada, consisting of corporate income taxes, sales taxes, property taxes, employer portion of payroll taxes, various regulatory fees and spectrum remittances, including more than $2.3 billion in taxes in 2024 alone. These funds support public works projects, education, healthcare, cultural pursuits and other initiatives that improve the social and economic well-being of communities.

Leave a comment »

5 out of 10 leading AI LLM providers have experienced data breaches

Posted in Commentary with tags on May 27, 2025 by itnerd

Cybernews researchers evaluated the cybersecurity postures of the top 10 large language model (LLM) providers—including OpenAI, Claude, Perplexity, and DeepSeek — and discovered that half had suffered data breaches, with one breach occurring just nine days before the audit.

The Cybernews Business Digital Index, which evaluates companies based on key cybersecurity criteria, also revealed that all providers had vulnerabilities in their SSL/TLS configurations, and several faced widespread issues in system hosting, credential hygiene, and password reuse.

Additionally, nearly half of sensitive AI prompts are submitted via personal accounts, bypassing official company channels and potentially exposing corporate data without oversight — a growing risk as LLM tools become standard in the workplace.

Key research takeaways:

  • 50% of the top LLM providers have experienced data breaches, including OpenAI (1,140 incidents) and Perplexity AI (190 credentials leaked just 13 days before the audit).
  • All providers had SSL/TLS configuration issues, exposing them to potential man-in-the-middle attacks and data interception.
  • Credential reuse was widespread — 35% of Perplexity AI employees and 33% of EleutherAI reused breached passwords.
  • System hosting vulnerabilities were found in 8 out of 10 providers. Only AI21 Labs and Anthropic avoided major issues in this area.
  • The average cybersecurity score across all providers was 88/100 — but scores ranged widely, with Inflection AI receiving an F.
  • U.S. and Israeli providers generally scored higher than Chinese providers—none of the Chinese companies rated above a C.
  • The growing use of personal accounts to interact with LLMs increases the risk of unmanaged data exposure.

To read the full research, please click here.

Research Methodology

For this study, Cybernews researchers analyzed 10 popular LLM providers. The report evaluates cybersecurity risk across seven key dimensions: software patching, web application security, email protection, system reputation, hosting infrastructure, SSL/TLS configuration, and data breach history.

The report’s Methodology can be found here. It provides detailed information on how researchers conducted this analysis.

Leave a comment »