Archive for June 16, 2025

Westjet Pwned In An Ongoing Cyberattack

Posted in Commentary with tags on June 16, 2025 by itnerd

Canada’s number 2 airline Westjet is apparently dealing with a cyberattack. Bleeping Computer has the details:

“WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users,” reads a security advisory on WestJet’s site.

“We have activated specialized internal teams in cooperation with law enforcement and Transport Canada to investigate the matter and limit impacts.”

“We are expediting efforts to maintain the safety of our operation and safeguard sensitive data and personal information for both our guests and employees, and we apologize to all guests for any disruption to their access to WestJet’s services.”

The attack also prevented users from logging into the website and mobile app, with those services now restored.

Christian Geyer, founder and CEO of Actfore had this to say:

“In a cyberattack like the one affecting WestJet, time is everything. The ability to rapidly identify what was stolen, and who’s behind it, can make or break the company’s response. This is why aviation and critical infrastructure companies need a battle-tested response plan, with pre-identified trusted partners in the response.”

It will be interesting to see what Westjet says in regards to all of that. Because as I type this, Westjet has not given a whole lot of detail. But they will need to if anyone will trust them again.

Leave a comment »

DragonForce Threatens to Leak 830 GB of Strafford County NH Data 

Posted in Commentary with tags on June 16, 2025 by itnerd

This morning, ransomware gang DragonForce uploaded Strafford County, NH, to its data leak site, giving the US government entity just five days to meet its ransom demands before 830.03 GB of data is leaked.

In a blog post today, Rebecca Moody, Head of Data Research at Comparitech, commented:

“DragonForce gained notoriety this year after it attacked three UK retailers–Marks & Spencer, Co-op, and Harrods. Its attack on Marks & Spencer was particularly disruptive and is expected to cost the company around $400 million.”

“So far this year, DragonForce has claimed 66 attacks with eight of these being confirmed by the entity involved. Other DragonForce victims from previous years are still being confirmed, too, with one of the latest being IT services firm, GeoLogics Corporation. At the end of May 2025, it began notifying nearly 12,000 of a breach that stemmed from a cyber attack way back in December 2023. Here, DragonForce alleged to have stolen nearly 123 GB of data.”

“DragonForce operates a ransomware-as-a-service business whereby affiliates use its malware to encrypt systems and take a percentage of the ransom payments in return. Like most gangs today, DragonForce employs a double-extortion tactic where it demands two ransoms: one to decrypt systems and another to delete stolen data. Throughout 2025, we’ve tracked 30 confirmed attacks on US government entities and are monitoring a further 31 unconfirmed.”

One thing to keep in mind is that even if they pay the ransom, there’s zero guarantee that data will be deleted and said data won’t be leaked anyway. That’s why preventing the bad guys from getting to the point of holding your data for ransom is critical.

Leave a comment »

Zoomcar Gets Pwned… But At Least They Admitted To It Quickly

Posted in Commentary with tags on June 16, 2025 by itnerd

Zoomcar Holdings, a peer-to-peer car-sharing marketplace, has disclosed that unauthorized accessed its system led to a data breach impacting 8.4 million users.

On June 9, 2025, Zoomcar Holdings, Inc. (the “Company”) identified a cybersecurity incident involving unauthorized access to its information systems. The Company became aware of the incident after certain employees received external communications from a threat actor alleging unauthorized access to Company data. Upon discovery, the Company promptly activated its incident response plan.

Based on preliminary findings, the Company determined that an unauthorized third party accessed a limited dataset containing certain personal information of a subset of approximately 8.4 million users, including names, phone numbers, car registration numbers, personal addresses and email addresses associated with such users. At this time, there is no evidence that financial information, plaintext passwords, or other sensitive identifiers were compromised.

In response to the incident, the Company has taken immediate actions to contain the threat and enhance its security posture. These measures include implementing additional safeguards across the cloud and internal network, increasing system monitoring, and reviewing access controls. The Company is also engaging with third-party cybersecurity experts to further assist with the investigation. The Company has also notified the appropriate regulatory and law enforcement authorities and is cooperating fully with their inquiries.

To date, the incident has not resulted in any material disruption to the Company’s operations. However, the Company continues to evaluate the scope and potential impacts of the event, including legal, financial, and reputational considerations, as well as any associated remediation costs.

Paul Bischoff, Consumer Privacy Advocate at Comparitech

“Although this was a large breach, the information compromised does not pose a direct threat to victims’ accounts or finances. Victims should be on the lookout for targeted phishing messages and scams via text and email. Those messages might pretend to be from Zoomcar or a related company. Never click on links or attachments in unsolicited emails and texts.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy:

“First of all, bravo to Zoomcar for quickly alerting the public to the breach. Luckily, no credit card, debit card, or other financial information was exposed in the breach. However, Zoomcar customers do need to stay alert for any attempts to open new accounts in their name and to especially stay alert for phishing attempts where bad actors use the information they were able to obtain to pry more information from customers that can be used to breach accounts.”

Roger Grimes, Data-Driven Defense Evangelist at KnowBe4:

“Everyone’s information, including the information taken by the Zoomcar theft, has been stolen multiple times over the years. I’m not sure how valuable it is to cybercriminals in either use or in selling, but the top risk scenario is some sort of phishing scam where someone fraudulently posing as Zoomcar tries to use the potential victim’s relationship with Zoomcar as a means to further compromise the victim. And for sure, scammers with information like that are more likely to be successful than with just sending out a generic phish with no “insider information.” Zoomcar customers need to pay attention to the breach announcement and use increased caution anytime someone supposedly from Zoomcar reaches out to them. History is replete with previous examples of compromised information being used to successfully phish the involved customers at a later date.”

Another day, another breach that may affect millions. Welcome to the new normal where some company getting pwned will result eventually in something bad happening to you. That’s not good and seriously needs to change.

But at least Zoomcar admitted to it quickly….. I guess.

Leave a comment »

Journalists From The Washington Post Have Had Their Email Accounts Hacked

Posted in Commentary with tags on June 16, 2025 by itnerd

It is being reported that a cyberattack on the Washington Post compromised the email accounts of several journalists and was potentially the work of a foreign government

Bleeping Computer has more details: Washington Post’s email system hacked, journalists’ accounts compromised

Roger Grimes, data-driven defense evangelist at cybersecurity company KnowBe4, commented:

 “Attacks against journalists are a serious problem. In most cases, the journalist has to click on a rogue link and somehow get tricked into running the malware. However, there are many commercial surveillance vendors (CSVs) with many zero-days that require zero clicks by the targeted journalist. This is a very serious problem and the cybersecurity world is trying to come to grips with how to treat CSVs who create and deploy zero-click zero-days. It’s a real problem that our industry is just starting to try and grapple with. It’s not helped when different governments, even our own government and its allies, also use these services. When they do, it’s harder to say do as I say but not as I do.”

I have the feeling that this will not be the last time that we will see a headline like this. Threat actors, especially nation state backed threat actors will see this as open season on journalists and you’ll see other high profile journalists, who are already targets for hacks, targeted even more.

UPDATE: Paul Bischoff, Consumer Privacy Advocate at Comparitech had this to say: 

“Unauthorized access to reporters’ emails could put journalists and their sources at risk. It could also allow attackers to hack into other accounts registered to the email address. I hope the Washington Post works as quickly as possible to notify sources and other data subjects who might be affected so they can take steps to protect themselves.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy follows with this:

“Currently, it appears that only emails were compromised. HOWEVER, MANY Microsoft accounts also use OneDrive cloud storage, which usually use the same credentials, so we could find out that files stored in the cloud could also have been compromised. Luckily, the Post employees use Slack in place of email to communicate, as well as the encrypted Signal for messaging. Hopefully this has also helped keep the damage minimal.”

1 Comment »

#PSA: Apple Has a Repair Program For The 2023 Mac Mini

Posted in Commentary with tags on June 16, 2025 by itnerd

Owners of the 2023 Mac Mini might be eligible for a repair program that Apple started up. This program is supposed to cover a “no power on” issue with the Mac. And as usual, Apple claims that only a small number of Macs are affected by this. You’ll excuse me if I am dubious of that because affected Macs were manufactured between June 16, 2024 to November 23, 2024. Given how popular that Mac is, it is highly unlikely that the number of affected units is small.

In any case, if you own one of these Macs, you should go to this website and see if your serial number is affected. If it is, then this same website will direct you as to what you need to do next. I checked my Mac Mini and found that it wasn’t affected. But you should check yours to make sure that you’re not affected. Because this is a program that will only last three years, and you should want to get this addressed sooner rather than later.

Leave a comment »

Nelson Education launches Edwin Academy, providing educators with a one-stop shop for teaching resources, help and 24/7 support

Posted in Commentary with tags on June 16, 2025 by itnerd

As teachers across Canada are having to do more with less and bear more responsibilities in and outside of the classroom, they need vetted and curriculum-aligned resources so they can build their lesson plans to accommodate individualized education needs of students. When trusted resources are readily available, teachers can focus on helping students succeed by making learning more engaging and effective.

After extensive consultation with educators in the last six months, Nelson, Canada’s leading education content provider and creator of Edwin, a digital learning platform, today launched the Edwin Academy where teachers can not only access classroom resources, but also training and just-in-time support. The Academy is designed to empower educators, curriculum leads and administrators with the tools they need to succeed when they use Edwin. It helps educators with common teaching and learning challenges, whether they’re integrating Edwin into lessons, supporting teachers in schools, or scaling professional learning across a district. While resources are available to all Edwin users, the Edwin Academy is available to all teachers.

Additionally, parents can now access the same engaging educational resources to be used at home to complement and support their children’s learning journey.

A centralized resource hub, Edwin Academy contains the following:

Free Monthly Live Lessons

  • These monthly live lessons for teachers and students include skill-building workshops, subject-specific walkthroughs, and sessions aligned with key instructional practices. In 2024/2025, Nelson hosted Truth and Reconciliation: Then, Now, Tomorrow; Let’s Code for Hour of Code; Building Equitable and Inclusive Classrooms (during Black History Month); The impact of ecological footprints on global environmental challenges (for Earth Month); among others.
  • In the 2024-2025 school year, Nelson has seen a 593 per cent increase in Live Lesson attendance by teachers. So far, almost a thousand teachers with 23,600 students attended these live lessons in the 2024/2025 school year.
  • Some upcoming lessons in June and July include Plan Along for National Indigenous Peoples Day (June 17) and Practical Strategies for Complex Classrooms

Downloadable Resources

  • This includes sample lesson plans for English/Language, Mathematics, Science, Social Studies and other topics, real-world examples and resources for strategy supports

On-demand Learning

  • This includes quick tips and how-to videos for a wide range of subjects as well as recordings of teacher professional development (PD) sessions.
  • Educators and parents can access these resources any time.
  • The most requested topics are support for effective math and literacy instruction, and strategies to support mutli-leveled learners to address classroom complexity.

Plus:

  • Resources for Parents
  • Help Articles and Support

Some quick facts about Edwin:

In a national survey conducted in January 2024, teachers reported saving almost one hour per week in lesson planning, finding resources and creating assessments by using Edwin, an equivalent of one prep period per week or one full week a year. They gave an A or A+ to Edwin’s subject content, classroom success and support

The most popular Edwin content accessed in the 2024/2025 include:

  • Black Legacy and Leadership
  • Toward Reconciliation
  • Digital Citizenship

The most accessed subject by educators: Mathematics; the most access resources include the following:

  • Common Factors and Multiples
  • Exponents
  • Algebraic Expressions
  • Fractions

As of the 2024/2025 school year, more than 500,000 teachers have used Edwin in Canada.

According to a national survey conducted by Nelson in 2021, 98 per cent of students reported improved school experience while using EdwinThere’s a 45 per cent increase in active users in Edwin in the 2024/2025 school year compared to last school year.

Edwin has seen a 50 per cent and 52 per cent growth in Ontario and Alberta respectively compared to the last school year. 

At the end of September 2024, Nelson had already seen an 89 per cent increase in the number of teachers trained on Edwin at the end of the first week of school this year compared to last year.

For more information on Edwin Academy, visit https://www.edwin.app/edwin-academy.  

Leave a comment »

170K+ Records Exposed on Real Estate Investment and Management Breach

Posted in Commentary with tags on June 16, 2025 by itnerd

Recently, cybersecurity researcher Jeremiah Fowler discovered and reported to WebsitePlanet a non-password-protected database, presumably belonging to a real estate investment and management company, containing 170,360 records with a total size of 116.24 GB.

What happened:
The database was left unsecured without encryption or password protection. A sample review revealed hotel employees’ PII, including names, physical addresses, email addresses, DOB, SSN and more.

Why it matters:
This type of data exposure significantly increases the risk of identity theft, tax or credit fraud, unauthorized access to personal financial accounts and more. 

Read the full report here: https://www.websiteplanet.com/news/incomeproperty-breach-report/

Leave a comment »

Deepgram Launches Voice Agent API

Posted in Commentary with tags on June 16, 2025 by itnerd

Deepgram today announced the general availability (GA) of its Voice Agent API, a single, unified voice-to-voice interface that gives developers full control to build context-aware voice agents that power natural, responsive conversations. Combining speech-to-texttext-to-speech, and large language model (LLM) orchestration with contextualized conversational logic into a unified architecture, the Voice Agent API gives developers the choice of using Deepgram’s fully integrated stack (leveraging industry-leading Nova-3 STT and Aura-2 TTS models) or bringing their own LLM and TTS models. It delivers the simplicity developers love and the controllability enterprises need to deploy real-time, intelligent voice agents at scale. Today, companies like Aircall, Jack in the Box, StreamIt, and OpenPhone are building voice agents with Deepgram to save costs, reduce wait times, and increase customer loyalty.

In today’s market, teams building voice agents are often forced to choose between two extremes: rigid, low-code platforms that lack customization, or DIY toolchains that require stitching together STT, TTS, and LLMs with significant engineering effort. Deepgram’s Voice Agent API eliminates this tradeoff by providing a unified API that simplifies development without sacrificing control. Developers can build faster with less complexity, while enterprises retain full control over orchestration, deployment, and model behavior, without compromising on performance or reliability.

Developer Simplicity and Faster Time to Market

For teams taking the DIY route, the challenge isn’t just connecting models but also building and operating the entire runtime layer that makes real-time conversations work. Teams must manage live audio streaming, accurately detect when a user has finished speaking, coordinate model responses, handle mid-sentence interruptions, and maintain a natural conversational cadence. While some platforms offer partial orchestration features, most APIs do not provide a fully integrated runtime. As a result, developers are often left to manage streaming, session state, and coordination logic across fragmented services, which adds complexity and delays time to production.

Deepgram’s Voice Agent API removes this burden by providing a single, unified API that integrates speech-to-text, LLM reasoning, and text-to-speech with built-in support for real-time conversational dynamics. Capabilities such as barge-in handling and turn-taking prediction are model-driven and managed natively within the platform. This eliminates the need to stitch together multiple vendors or maintain custom orchestration, enabling faster prototyping, reduced complexity, and more time focused on building high-quality experiences.

In addition to the Voice Agent API, organizations seeking broader integrations can leverage Deepgram’s extensive partner ecosystem, including Kore.ai, OneReach.ai, Twilio and others, to access comprehensive conversational AI solutions and services powered by Deepgram APIs.  

Maximum Control and Flexibility

While the Voice Agent API streamlines development, it also gives teams deep control over performance, behavior, and scalability in production. Built on Deepgram’s Enterprise Runtime and full model ownership across the entire voice AI stack, the platform enables model-level optimization at every layer of the interaction loop. This allows for precise tuning of latency, barge-in handling, turn-taking, and domain-specific behavior in ways not possible with disconnected components.

Key capabilities include:

  • Flexible Deployment: Run the complete voice stack in cloud, VPC, or on-prem environments to meet enterprise requirements for security, compliance, and performance.
  • Runtime-Level Orchestration: Deepgram’s runtime supports mid-session control, real-time prompt updates, model switching, and event-driven signaling to adapt agent behavior dynamically.
  • Bring-Your-Own Models: Teams can integrate their own LLMs or TTS systems while retaining Deepgram’s orchestration, streaming pipeline, and real-time responsiveness.

This tightly coordinated design translates directly into measurable performance gains. In recent benchmark testing using the Voice Agent Quality Index (VAQI), Deepgram achieved the highest overall score among all evaluated providers (see Figure 1). VAQI is a composite benchmark that measures the core elements of voice agent quality: latency (how quickly the agent responds), interruption rate (how often it cuts users off), and response coverage (how often it misses valid input).

Deepgram outperformed OpenAI by 6.4% and ElevenLabs by 29.3%, reflecting the advantage of its integrated architecture and model-driven turn-taking. The result is smooth, responsive conversations without missed inputs, premature responses, or unnatural delays.

Cost-Effectiveness at Scale

In addition to control and performance, the Voice Agent API is built for cost efficiency across large-scale deployments. When teams run entirely on Deepgram’s vertically integrated stack, pricing is fully consolidated at a flat rate of $4.50 per hour (see Figure 2). This provides predictable, all-in-one billing that simplifies planning and scales with usage. Deepgram’s vertically integrated runtime also delivers unmatched compute efficiency, optimizing every stage of the speech pipeline to minimize infrastructure costs while maintaining real-time responsiveness.

For teams that bring their own LLM or TTS models, Deepgram offers built-in rate reductions, enabling even lower total cost of ownership for production-scale deployments.

Start Building with the Voice Agent API

Experience how fast and flexible voice agents can be with Deepgram’s unified voice-to-voice API. Explore the API in our interactive playground, review documentation, or integrate in minutes using our SDK. New users receive $200 in free credits, enough to process over 40 hours of real-time voice agent usage. Start building natural, responsive conversations with infrastructure built for real-time performance and enterprise-scale.

Additional Resources:

  • Explore the blog for an in-depth breakdown of Voice Agent API’s capabilities
  • Watch a fun demo of Deepgram’s voice agent API
  • Try Deepgram’s interactive demo
  • Get $200 in free credits and try Deepgram for yourself

Leave a comment »