Archive for June 17, 2025

Critical Zyxel Vulnerability Is Being Actively Exploited

Posted in Commentary with tags on June 17, 2025 by itnerd

On June 16, researchers observed concentrated burst of exploit attempts within a short time window targeting CVE-2023-28771 — a remote code execution vulnerability affecting Zyxel Internet Key Exchange (IKE) packet decoders over UDP port 500.

The researchers also identified indicators consistent with Mirai botnet variants. More details can be found here: https://www.greynoise.io/blog/exploit-attempts-targeting-zyxel-cve-2023-28771

Martin Jartelius, CISO at cybersecurity company Outpost24, commented:

“This was added to the CISA Known Exploited vulnerabilities list on May 31, 2023 requiring agencies to have it resolved before June 21 that same year. The activity observed appears to be Mirai botnet activity.

As the vulnerability has been extensively targeted before, for someone to fall victim now, they would have had to obtain a vulnerable device, deploy it without updates, and expose it to the internet, even though it’s in a known vulnerable state. One would almost say that the chain of incompetence needed to be victimized at this point is borderline impressive, but of course it can happen. This, however, is not the vulnerability we should all wake up and worry about today. In fact, if you were worried about it, you would have fixed it years ago.”

Though I shouldn’t be shocked, I am often shocked by what people would do. Such as taking a known to be vulnerable piece of networking gear, expose it to the Internet and hope for the best. It’s bad enough that there are bad guys out there who are out to get you. But it is worse when you make it easy for them to pwn you.

Leave a comment »

VR Headsets Identify Users 94% Of The Time: vpnMentor

Posted in Commentary with tags on June 17, 2025 by itnerd

New research from vpnMentor reveals: VR headsets can identify users with 94% accuracy in under two minutes—using only motion data.

Key findings:

  • 94% accuracy. Users can be uniquely identified after 100 seconds of head and hand movement—comparable to fingerprints.
  • Biometric and voice data. 60% of VR companies collect biometric data (including Apple, Microsoft); 66% record audio/voice.
  • Data leaders: Qualcomm collects all 16 tracked data categories (most of any company); Pico and Varjo follow close behind.
  • Legal gaps. 70% of Oculus apps have undisclosed or inconsistent data practices; current privacy laws don’t fully cover real-time VR tracking.
  • Cross-border risks. Companies routinely transfer user data—including sensitive biometrics—outside users’ home countries.

The full report, with rankings and data by company can be found here:
https://www.vpnmentor.com/blog/vr-data-collection-research/

Leave a comment »

Quorum Cyber Hosts Live Webinar on NodeSnake Remote Access Trojan Malware

Posted in Commentary with tags on June 17, 2025 by itnerd

 Quorum Cyber will host a live webinar on Tuesday, June 24th, 2025, at 11 AM EDT / 4 PM BST. The 45-minute webinar, which will include a live Q&A session with Quorum Cyber’s Threat Intelligence team members who discovered NodeSnake, will cover their latest findings on the Remote Access Trojan (RAT) variant and malware strain strongly linked to the Interlock ransomware group. RAT and malware strains have been used to compromise the higher education sector and are believed to be targeting the public sector as well. Attendees may register for NodeSnake Explained: How to Detect and Defend Against It at https://bit.ly/4kBMn7g.

Attendees will leave the webinar equipped to defend themselves from NodeSnake and Interlock. They will have the opportunity to ask Quorum Cyber’s experts – Principal Incident Responder Mark Cunningham-Dickie and Threat Intelligence Analyst Michael Forrest –  questions to: 

  • Gain valuable insights into NodeSnake and Interlock.
  • Understand how to protect their IT estate from the malware and threat actor. 
  • Learn how to strengthen their cybersecurity posture and cyber resilience.

Can’t attend the webinar? 

Access additional valuable content:

Leave a comment »

Nine out of 10 Canadian businesses believe connectivity is key to advancing innovation and competitiveness

Posted in Commentary with tags on June 17, 2025 by itnerd

Ericsson today announced the findings of its annual State of Enterprise Connectivity report for Canada, which finds that while connectivity is vital to increase innovation and to enable companies to be competitive, challenges such as cost are hindering its progression in the country. The report underscores the need for business investment in advanced network infrastructure to help drive efficiency and to position Canada as a world-class leader in innovation.

According to those surveyed, organizations in Canada are facing an unpredictable business environment. Investing in technology such as AI and IoT can help them navigate this with improved productivity and processes. However, strong, reliable connectivity is needed to support these efforts.

As in previous years, the 2025 Censuswide research indicates unreliable connectivity is a main area of concern for respondents, with downtime directly affecting their business. As some Canadian businesses have recently experienced, unforeseen challenges including weather-related issues, carrier/service provider issues and networking configuration errors can cause network downtime. For organizations that rely on technology for their day-to-day business, outages can be costly and debilitating. The survey found the main impacts of unreliable connectivity over the last 12 months include higher operational costs (46 percent), operational inefficiencies (45 percent) and an increase in waste (31 percent).

Furthermore, as more than half of Canadian companies (56 percent) are enforcing people to be in the office more in 2025 — 42 percent of respondents said they are already fully office-based — the top factor Canadian businesses consider to encourage workers back to the office is to improve office connectivity (56 percent). Just one in five Canadian companies (19 percent) reported they are fully remote.

Reliable, affordable connectivity needed to position Canada as a world-class leader

The annual survey of over 500 respondents across various industries in Canada found the majority (90 percent) of Canadian businesses agree that more secure, reliable and high performing networks such as 5G will help to position the country as a world class industrial and technology leader. Additionally, the survey found 5G connectivity will play an important role in advancing the competitiveness of Canadian businesses.

  • 46 percent believe 5G will improve bandwidth
  • 44 percent say it will be a key enabler for the development of IoT, AI and other technological applications
  • 43 percent indicated it will improve security

Six out of 10 respondents said affordable connectivity across the country will support Canadians to realize the benefits of a digital transformation. More than half (52 percent) of those surveyed believe that investment by the private sector in infrastructure for high-speed and high-capacity wireless and wireline technologies will support this, and 49 percent cited access to connectivity for all Canadians. According to the report, key investment areas that should be made for private and public Canadian organizations to address the advancement of connectivity include:

  • Improved reliability of communication networks (48 percent – a 21 percent increase compared to 2024)
  • Faster roll-out of 5G/advanced wireless networks to rural areas (47 percent – a 24 percent increase compared to 2024)
  • Stronger security (45 percent)

Connectivity needed to unlock the true power of AI

Many Canadian companies are already leveraging 5G to maximize their business for production efficiency (68 percent), customer experience (62 percent), enhancing scalability (57 percent) and reliability/resilience (56 percent).

Respondents indicated they also believe that 5G connectivity and next-generation technologies, such as AI, have a symbiotic relationship. For example, nearly 85 percent of respondents said AI helps improve their network performance by automating analysis and reducing the manual workload on their IT team. Almost nine of 10 (87 percent) also agree that 5G is critical to optimizing the use of AI within the workplace.

Another area of growth is the implementation of IoT devices, which can help increase productivity, reduce worker burnout, and improve safety. Looking ahead over the next 12 months, the top connected IoT devices planned for implementation by Canadian businesses include predictive maintenance (46 percent); sensors (41 percent); digital signage (41 percent); and cameras (39 percent).

Improving productivity through innovation

There are, however, factors businesses believe are hindering the progression of connectivity in Canada, with nearly half (47 percent) citing the cost of services from network-operating telecoms/providers as the biggest issue. Forty-three (43) percent of those surveyed said complex and lengthy permitting processes for deploying connectivity infrastructure are affecting progression, while 38 percent said strict data protection rules across Canada, such as Law 25 in Quebec and Ontario’s Bill 194, are also a hindrance.

For more insights, read the full report here.

Leave a comment »

Telecom and TV providers urged to better inform customers about the CCTS

Posted in Commentary with tags on June 17, 2025 by itnerd

A new report from the Commission for Complaints for Telecom-television Services (CCTS) reveals how well service providers have fulfilled their obligations to remain in good standing with the CCTS, Canada’s national telecom and TV industry ombuds. The 2024 Compliance Report Cards summarize providers’ compliance with specific requirements that include informing their customers about the CCTS’ free and impartial service, following the rules of CCTS’ complaint-handling process, paying required fees, and sharing necessary financial information with the CCTS.

The Canadian Radio-television and Telecommunications Commission (CRTC) requires all Canadian telecom and licensed TV service providers to participate in the CCTS and to comply with all CCTS requirements. The CRTC recently reminded the industry about its responsibility to inform customers that the CCTS can help resolve issues, and expressed concern that Canadians are not being made aware of the CCTS effectively.

Highlights of the CCTS Compliance Report Cards:

28% of audited service providers had no information about the CCTS on their websites. The CCTS engaged with these providers to make their websites compliant with the requirements. The report cards also noted that 43% of audited provider websites with a search function did not return search results for the CCTS, down from 52% of audited providers last year. All service providers the CCTS had previously flagged for repeated non-compliance with the search function requirement were compliant this year.

Service providers must not penalize or charge a customer fees for submitting a complaint. The report cards confirm one case in which a service provider threatened to remove a bill credit because the customer filed a CCTS complaint. The CCTS treats cases of a service provider making threats or taking action to impair a customer’s right to submit a complaint to the CCTS as instances of major non-compliance. We worked quickly to inform the service provider that its actions were not allowed and the provider agreed not to remove the credit.

Better follow-through needed on complaint resolutions and Investigation Findings: The CCTS’ Mid-Year Report indicated that the CCTS resolved or issued Investigation Findings in over 10,000 complaints from August 1, 2024 to January 31, 2025. During that six-month period, the CCTS confirmed nine instances of service providers failing to implement resolutions to which they had agreed, or to implement remedies the CCTS required in an Investigation Finding. In all cases, the CCTS worked with these providers to fix the issues and ensure the customers obtained the required remedies.

The CCTS regularly engages with and educates phone, TV and internet service providers about their obligations. To help support provider compliance with the rules, the CCTS has provided many resources that explain and provide guidance on how to adhere to these requirements.

Leave a comment »

Cybercriminals Using AI to Bypass Security Controls in New Attack Methodology Says Fortra

Posted in Commentary with tags on June 17, 2025 by itnerd

Fortra researchers have uncovered an evolution in social engineering that creates entirely fabricated email conversations mimicking internal communications and workflows – believed to be the work of AI. These attacks are targeting employees with fraudulent invoices and are capable of bypassing signature detection, URL filtering, and sandboxing completely.

Key highlights:

  • Unlike email thread hijacking, attackers are presumed to be using AI to generate 100% fabricated threads generated from information gathered on the open web.
  • These attacks exploit the gap between technical filters and human judgment, circumventing controls and leaving no technical footprint for security tools to analyze.

The report can be accessed here: When Yesterday’s Emails Never Happened: The Conversation Hijacking Attack | Fortra 

Leave a comment »

Commvault Announces Partnership with Kyndryl 

Posted in Commentary with tags on June 17, 2025 by itnerd

Commvault today announced a partnership with Kyndryl to help customers recover faster, advance cyber resilience, and navigate the evolving regulatory landscape.  

The collaboration with Commvault will augment Kyndryl’s portfolio of cyber resiliency services, which encompasses Incident Recovery Services, including Cyber Incident Recovery, Managed Backup Services, and Hybrid Platform Recovery. 

Under the established partnership, Commvault and Kyndryl will collaborate with Pure Storage to assist organizations in complying with evolving and rigorous regulations, including the European Union’s DORA, NIS2, PSD2, as well as NYDFS NYCRR 500 and Australia’s APRA CPS 230. The companies will showcase their services at the Pure//Accelerate Conference in Las Vegas from June 17 to 19. 

The services from Commvault and Pure Storage deliver a modular, four-layer architecture that streamlines the compliance process and accelerates recovery across hybrid cloud environments: 

  • Cyber Resilient Vault: An isolated, immutable data vault built on zero-trust principles, protecting backup data from unauthorized access and corruption. 
  • Clean Recovery Zone: A secure environment for forensic analysis, validation of clean backups, and staged recovery operations. 
  • Production Rapid Restore: Fast, reliable restoration of large datasets using Pure Storage FlashBlade™, with immutability powered by S3 Object Lock and SafeMode™. 
  • Immutable Snapshot Recovery: Application-consistent snapshot replication with Commvault IntelliSnap® and Pure Storage FlashArray™, enabling rapid restoration of Tier-1 workloads. 

The offerings provided by Commvault and Pure Storage facilitate automated and continuous testing for cyber recovery. This includes support for Commvault Cleanroom™ Recovery within both public cloud environments and on-premises isolated recovery environments managed by Kyndryl. Clients have the capability to validate their recovery processes and support compliance with DORA Chapter II (Risk Management), Chapter IV (Operational Resilience Testing), as well as other relevant regulations. 

Availability  

The services are typically accessible throughout North America, Europe, and the Asia-Pacific (APAC) region. For further details on how Commvault, Kyndryl, and Pure Storage can support organizations’ compliance with regulations and enhance their cyber resilience, please visit the Kyndryl and Pure Storage partner pages.  

Channel partners can access deal registration, training, and co-branded collateral through Commvault’s Partner Advantage program, Kyndryl’s go-to-market teams, and Pure Storage’s Partner Portal. 

For more information about how Commvault, Kyndryl, and Pure Storage are empowering the channel to drive cyber resilience and support for compliance, view the Joint Solution Brief.  

Leave a comment »

Foxit Expands Workflow Automation Capabilities with 40+ Seamless Connectors

Posted in Commentary with tags on June 17, 2025 by itnerd

Foxit today announced the launch of Foxit Connectors, a growing library of 40+ pre-built integrations that empower business users, particularly in HR, sales, procurement, and legal departments, to automate document workflows directly within the tools they already use. By seamlessly connecting Foxit eSign and PDF Editor+ with platforms like Workday, Salesforce, Google Drive, SharePoint, Box, and iCIMS, organizations can now auto-fill, send, sign, track, and archive agreements without switching applications or involving IT. This eliminates repetitive manual tasks and fragmented workflows, enabling faster hiring, quicker deal closures, streamlined vendor management, and simplified compliance, all from within familiar environments.

In every department, teams are constantly wrestling with disconnected systems and tedious manual work that slows everything down. HR is stuck recreating the same offer letters over and over. Sales reps spend more time tracking down contracts than actually closing deals. Legal teams scramble to keep records straight across scattered platforms. And procurement is chasing signatures and approvals instead of moving projects forward. It’s frustrating, time-consuming, and leaves too much room for mistakes or compliance slip-ups. Foxit Connectors solve these challenges by automating every step of the agreement process, pulling accurate data directly from source platforms, auto-filling documents using reusable templates, sending files for signature with a click, and instantly syncing completed agreements back to the originating system with full audit trails and compliance metadata intact. The result is a streamlined, secure, and error-resistant workflow that frees up time, reduces friction, and supports faster, smarter business execution.

Key Features and Benefits of Foxit Connectors:

  • 40+ Pre-Built Integrations – Connect Foxit eSign and PDF Editor+ to platforms like Workday, Salesforce, Google Drive, Box, SharePoint, iCIMS, and more
  • No Code Required – Activate and customize integrations without involving IT, making setup fast and frictionless
  • Smart Auto-Fill – Pull real-time data from HR, CRM, and business platforms to populate documents with zero manual entry
  • Seamless eSignature Workflows – Send documents for signature and track status, without ever leaving your preferred platform
  • Secure, Compliant Document Storage – Sync signed agreements back to original systems with audit trails, signature certificates, and encryption
  • End-to-End Automation – Eliminate manual downloads, uploads, and versioning chaos across departments
  • Audit-Ready Compliance – Meet regulatory standards like HIPAA, SOC 2, and eIDAS with traceable document workflows
  • Faster Deals, Smarter Hiring, Simplified Procurement – Accelerate key business functions while reducing errors and boosting productivity

Real-World Use Case Examples:

  • HR & Talent Acquisition:
    • Auto-populate offer letters using candidate data from Workday or HiBob
    • Instantly send onboarding documents for eSignature
    • Sync signed agreements back into HR platforms for compliance and recordkeeping
  • Procurement & Vendor Management:
    • Pull vendor agreements directly from Box or Dropbox
    • Route contracts through automated approval and eSignature workflows
    • Store finalized contracts in your document management system for easy access and audits
  • Sales & Contract Management:
    • Access and personalize proposals from SharePoint, Google Drive, or OneDrive
    • Merge customer data from Salesforce or other CRMs directly into agreements
    • Send for signature and automatically archive completed contracts with full audit trails
  • Legal & Compliance:
    • Ensure every document meets regulatory standards like HIPAA, SOC 2, or eIDAS
    • Maintain complete audit trails of every action taken on an agreement
    • Store signed contracts securely with encryption and signature verification

Foxit Connectors are available to Foxit eSign and Foxit PDF Editor+ customers today. To explore the full list of integrations or activate connectors tailored to your needs, please visit: https://www.foxit.com/esign-pdf/integrations

Leave a comment »

Organized SEO Poisoning Operation Using Hacklink Marketplace for Phishing Campaign 

Posted in Commentary with tags on June 17, 2025 by itnerd

Netcraft has released new research uncovering an organized SEO poisoning operation where compromised websites are manipulated to boost malicious URLs in search engine rankings using Hacklink, a black market service designed specifically to help adversaries automate their exploitation efforts, often with devastating results for targeted industries such as online gambling. 

Scammers use Hacklink control panels to insert links to phishing or illicit websites into the source code of legitimate but compromised domains, which are tailored with anchor text to specific keywords so that when users search for relevant terms, such as gambling-related phrases, they are served search results that include, and sometimes prioritize, the attacker-controlled websites.

The injected content is subtle, often invisible to site owners or casual visitors, but highly effective at influencing Google’s PageRank system. Sites are chosen by threat actors based on their reputational value, with links from .gov, .edu, and ccTLDs used to boost the credibility of their malicious content. While legitimate SEO is a cornerstone of digital marketing, the techniques used here cross into fraud, with fake pharmacies, adult content, and phishing pages all benefiting from artificially elevated visibility. 

One particularly concerning and active tactic for this growing campaign of SEO poisoning is the targeting of online casinos/gambling companies operating in the Turkish market with organized groups like “Neon SEO Academy” and “SEOLink” offering services to manipulate SEO rankings for phishing and fraud.

You can read the research here.

Leave a comment »