Archive for July 28, 2025

How a simple service desk attack cost Clorox $400 million

Posted in Commentary with tags on July 28, 2025 by itnerd

 Last week, cleaning products giant Clorox took the unusual step of suing its IT services partner Cognizant for gross negligence.

Clorox are alleging that the August 2023 ransomware attack they suffered came about thanks to an incredibly simple piece of human error. According to the complaint, hackers tied to the “Scattered Spider” group simply phoned Cognizant’s service desk and requested a password reset – and were given one. You can see my coverage on this here.

Today, Specops Software published an analysis on how a simple service desk attack cost Clorox $400 million, which is up from the $49 million that I first reported.

This analysis not only goes into how exactly the service desk social engineering played out, but also how the ransomware was deployed, and what organizations can do to protect their service desks. 

The full details can be found here: https://specopssoft.com/blog/clorox-password-social-engineering/

Scattered Spider is running a VMware ESXi hacking spree 

Posted in Commentary with tags on July 28, 2025 by itnerd

Google is reporting that the Scattered Spider group has been aggressively targeting virtualized environments by attacking VMware ESXi hypervisors at U.S. companies in the retail, airline, transportation, and insurance sectors.

The group’s core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an IT help desk. The actors are aggressive, creative, and particularly skilled at using social engineering to bypass even mature security programs. Their attacks are not opportunistic but are precise, campaign-driven operations aimed at an organization’s most critical systems and data.

Their strategy is rooted in a “living-off-the-land” (LoTL) approach. After using social engineering to compromise one or more user accounts, they manipulate trusted administrative systems and use their control of Active Directory as a launchpad to pivot to the VMware vSphere environment, thus providing an avenue to exfiltrate data and deploy ransomware directly from the hypervisor. This method is highly effective as it generates few traditional indicators of compromise (IoCs) and bypasses security tools like endpoint detection and response (EDR), which often have limited or no visibility into the ESXi hypervisor and vCenter Server Appliance (VCSA).

Ensar Seker, CISO at SOCRadar, had this comment:

“Scattered Spider’s targeting of VMware ESXi environments marks a concerning escalation in their tactics, especially given the central role ESXi hypervisors play in enterprise infrastructure. What makes this campaign particularly dangerous is not zero-day exploits or novel malware, but the sheer precision of their social engineering. These attackers are bypassing layered defenses by manipulating human trust, impersonating IT staff, abusing MFA processes, and gaining privileged access without firing a single exploit.”

“This highlights a serious blind spot: even organizations with strong patching, segmentation, and endpoint defenses are vulnerable if their identity verification and access workflows can be tricked. The fact that attackers are going straight for hypervisors, the backbone of many corporate data centers, shows they understand where the crown jewels live. Once they get access to ESXi, they can rapidly encrypt or exfiltrate data across many virtual machines, amplifying impact.”

“For defenders, this underscores the urgency of hardening identity and access management. That means enforcing phishing-resistant MFA, separating duties in high-privilege environments, locking down direct access to management interfaces like ESXi, and monitoring for behavioral anomalies across IAM platforms. Security training alone won’t cut it, social engineering resilience must be engineered into systems and processes. We’re not just defending code anymore; we’re defending trust.”

James McQuiggan, Security Awareness Advocate at KnowBe4:

“Scattered Spider is proving that breaches don’t always start with technical exploits. They start with a phone call. As they continue to use social engineering to impersonate employees, trick help desks, and gain access to user accounts, they are leveraging the human trust and lack of awareness of users who fall victim to this attack style to gain access and launch their ransomware attacks.”

“What makes this approach so effective is how well it blends human deception with infrastructure-level exploitation. To defend against this, organizations need to treat social engineering as seriously as they treat compliance, patching and securing their VPNs. Help desks should verify identities using more than just names or IDs, and multifactor authentication should be phishing-resistant.”

“Security awareness training must go beyond generic advice and include realistic scenarios that reflect the current tactics employed by attackers, such as impersonating internal staff or creating a sense of urgency to bypass standard procedures. Building resilience means securing both layers, an organization’s systems and their users.”

I have to admit that this is a pretty crafty attack by Scattered Spider. It shows that you have to be on guard for multiple attack vectors to avoid getting pwned.

Saudia Airlines Announces Partnership with Esports World Cup 2025

Posted in Commentary with tags on July 28, 2025 by itnerd

Saudia, the national flag carrier of Saudi Arabia, has announced the signing of a partnership with the Esports World Cup Foundation (EWCF), becoming the Official Airline Partner of the tournament. The collaboration aims to support sports and entertainment tourism while promoting summer destinations across the Kingdom. This coincides with Riyadh hosting the second edition of the global tournament, taking place from July 7 to August 24, 2025, at Boulevard City.

A global first of its kind, the agreement was signed virtually using an interactive digital platform, marking a milestone in how partnerships can be formalized through immersive, tech-enabled experiences. This innovative approach bridges the worlds of aviation and esports, reflecting a forward-thinking embrace of digital technology in building future-ready collaborations.

This partnership aligns with Saudia’s commitment to supporting the objectives of Saudi Vision 2030, particularly those related to positioning the Kingdom as a global hub for esports and diversifying its tourism offerings.

Under the agreement, Saudia will offer exclusive travel packages and special offers for fans and visitors attending the tournament. These will include premium hospitality and onboard entertainment services, alongside international marketing campaigns promoting the Kingdom as an attractive global destination for both sports and tourism.

The 2025 Esports World Cup will host 25 tournaments across 24 game titles, bringing together over 2,000 elite players and 200 Clubs from more than 100 countries. With a record-breaking prize pool of over $70 million, the event will offer fans a comprehensive entertainment experience, from high-stakes competition and live music to anime cafés, retro arcades, cosplay showcases, and more, cementing Riyadh’s position as a global esports and entertainment hub.

Through this partnership, Saudia further cements its role as an enabler for international events, placing guest experience at the heart of its priorities and contributing to the advancement of Saudi Arabia’s tourism and aviation sectors.

Website Planet Studies The Creator Economy

Posted in Commentary with tags on July 28, 2025 by itnerd

Website Planet has a report regarding their most recent content creator research.

Content creation offers visible economic rewards for the select few but most creators struggle to turn their passion into sustainable income. Some of their key findings:

  • Entertainment drives viral reach of the top 56% of the most popular creators.
  • Gender disparities continue, with women occupying only 34% of the top creators’ spots.
  • Over 90% of top creators have created their own merchandise lines.
  • 10 out of the 15 creators included in their analysis ranked in the top 10 more than once.

The full report can be found here: https://www.websiteplanet.com/blog/top-streamers-research/

Parallel Works Unveils AI Partner Ecosystem

Posted in Commentary with tags on July 28, 2025 by itnerd

 Parallel Works today announced the launch of its ACTIVATE AI Partner Ecosystem. This connected and flexible AI ecosystem accelerates AI infrastructure innovation, simplifies operations and supports next-generation AI at-scale. As the control plane for the next generation of AI infrastructure, ACTIVATE AI provides unified access to neocloud platforms and orchestration tools with vendor-neutral, flexible deployment options across hybrid computing environments.

As AI workloads grow more complex, dynamic and seamless integration with top neocloud GPU providers is foundational to a growing ecosystem. By partnering with a diverse set of GPU providers and orchestrating AI workloads across hybrid environments, the ACTIVATE AI Partner Ecosystem Program provides organizations with vendor-neutral, flexible deployment options across hybrid compute environments, including: 

  • Unified Access to Specialized Compute. Whether training large language models (LLMs) or deploying real-time inference, users can access a variety of GPU types – without being tied to a single vendor.
  • Orchestration Across the AI Stack. By abstracting away infrastructure complexity, users can focus on model development rather than DevOps. The platform integrates with container-based workflows (e.g., Kubernetes), CI/CD pipelines and data tools.
  • Multi-Cloud and Hybrid Freedom. Vendor neutral support of hybrid and multi-cloud deployments gives organizations the power to move AI workloads across environments based on evolving requirements.
  • Resource Optimization and Collaboration. The ACTIVATE AI ecosystem supports intelligent workload placement, shared resource pools and budgeting controls. 
  • Ecosystem-Driven Innovation. ACTIVATE AI is designed to integrate with a growing ecosystem of AI tools, platforms and services, providing users with access to the best innovations in AI infrastructure without being locked into a rigid solution stack.

A Partner Ecosystem for AI Innovation

The ACTIVATE AI Partner Ecosystem Program offers access to cutting-edge GPU capacity via neoclouds and aggregators, providing secure access to Kubernetes environments with GPU pooling, as well as vendor-neutral, distributed object storage. Channel partners can also integrate the ACTIVATE AI control plane for hybrid cloud bursting with distributed storage.

ACTIVATE AI Ecosystem partners include:

GPU-as-a-Service / Neocloud Partners

GPU Aggregators

Technology

Storage

  • Storj, vendor-neutral distributed object storage

Resellers

Scalable, flexible and vendor-neutral AI and HPC solutions help businesses accelerate AI initiatives and drive operational efficiencies in the cloud. Parallel Works enhances technological advancements and optimizes workflows, empowering businesses to innovate. As part of the ACTIVATE AI Partner Ecosystem Program, the company collaborates with industry leaders, including those mentioned above, as well as AWS, Google Cloud, Azure and storage providers such as Hammerspace, to deliver cutting-edge infrastructure and seamless integration for clients.

Availability

For more information on the Parallel Works Partner Ecosystem, including AI and other technology partners, click here.  ACTIVATE AI is available immediately and included with existing ACTIVATE user seat licenses.


Guest Post: If you have one of these passwords, you need to change it ASAP – the most hackable passwords revealed

Posted in Commentary with tags on July 28, 2025 by itnerd

  • Despite warnings against easy passwords, ‘123456’ is still used over 6.6 million times.
  • ‘Michael’ is the most commonly used name in passwords, while ‘football’ is the most popular sport, each appearing in over 107,000 passwords.
  • An expert reveals how to create strong passwords and protect your personal data from hackers. 

Brand new data released by AI search analytics platform Peec AI reveals the most common words, phrases and values used in passwords – which also happen to be the ones most likely to get you hacked.

Analyzing data from a combination of global data breaches since 2019, the experts have scraped over 100 million different passwords to reveal the most common choices for online password protection. 

According to the 2024 Bitwarden World Password Day survey, which gathered insights from 2,400 individuals, 36% of respondents admitted to using personal information in their passwords. 

Given that, it’s perhaps no surprise that over 24 billion passwords were exposed by hackers in 2022 alone. More recently, between April 2024 and May 2025, another 19 billion passwords were made available online, accessible to cybercriminals looking to exploit them. 

From names, years, seasons, number combinations, and values, to sports, football teams, famous celebrities, and fictional characters, here are the passwords you should really avoid using.  

The most used names in passwords  

The name ‘Michael’ is one of the most used names for passwords, included in 107,678 passwords. ‘Daniel’ is the second most used name, with a count of 99,399 passwords.  

Other names including ‘Ashley’, ‘Jessica’, ‘Charlie’, ‘Jordan’ and ‘Michelle’ are among the most used for password protections. 

Name Number of times used 
Michael 107,678 
Daniel 99,399 
Ashley 91,977 
Jessica 86,410 
Charlie 82,348 
Jordan 74,310 
Michelle 71,816 
Thomas 70,024 
Nicole 69,223 
Andrew 66,960 
Anthony 65,509 
Jennifer 65,278 
Joshua 64,335 
Andrea 63,640 
Maggie 55,967 
George 55,949 
Amanda 55,629 
Hannah 55,320 
William 54,917 
Samantha 54,745 
Robert 54,297 
Martin 51,352 
Harley 50,386 
Brandon 49,986 

The most used values in passwords  

Often, several websites will ask you to create a password which contains numbers as well. However, 6,621,933 passwords contain the not-so-complicated number combination of ‘123456’.

‘123456789’ is the second most popular number combination, featuring in 2,258,198 passwords, followed by ‘111111’, used 968,155 times.

‘Password’ has been used 946,935 times, along with ‘qwerty’ 878,496 times and ‘abc123’ 842,399 times. 

Value Number of times used 
123456 6,621,933 
123456789 2,258,198 
111111 968,155 
password 946,935 
qwerty 878,496 
abc123 842,399 
12345678 829,914 
password1 740,680 
1234567 730,840 
123123 666,404 

The most used years in passwords  

When it comes to years, ‘2013’ is the most used year included in passwords, featured in a count of 129,745.   

The year of ‘2010’ and ‘1986’ are also amongst the top three most popular years used for password protection. ‘2010’ is used for a total of 79,294 passwords, whilst 1986 is used in 78,709 passwords.    

It’s interesting to note that while ‘2013’ and ‘2010’ rank highest, the most commonly used years in passwords tend to cluster around the 1980s – a pattern that suggests many millennials are incorporating their birth years into their passwords. 

Year Number of times used 
2013 129,745 
2010 79,274 
1986 78,709 
1987 73,067 
1989 61,405 
1985 58,627 
1988 57,945 
1990 56,947 
1984 54,333 
2020 51,269 
1982 50,833 
2012 47,283 
1983 45,789 
1992 44,952 
1995 43,558 
1980 43,255 

The most used football teams in passwords  

The top five football teams used are ‘Liverpool’, ‘Chelsea’, ‘Barcelona’, ‘Arsenal’ and ‘Juventus’.   

‘Liverpool’ is the most used team, featured in 70,317 passwords, followed by ‘Chelsea’ featuring in 55,834 passwords. 

Team Number of times used 
Liverpool 70,317 
Chelsea 55,834 
Barcelona 46,273 
Arsenal 45,321 
Juventus 38,169 

Amongst sports, ‘football’, ‘baseball’ and ‘soccer’ are the top three most popular sports for passwords, with ‘football’ being used a total 107,169 times. ‘Baseball’ is the second most popular, featured 82,574 times.   

‘Soccer’ has a count of 79,735 passwords, followed by ‘basketball’ with 62,667, ‘hockey’ with 41,220 and ‘tennis’ with 34,189.

Sport Number of times used 
Football 107,169 
Baseball 82,574 
Soccer 79,735 
Basketball 62,667 
Hockey 41,220 
Tennis 34,189 

The most used famous figures in passwords  

‘blink-182’ is the most used famous figure for passwords, with a count of 84,545.   

‘50 Cent’ places second, featuring in 55,897 passwords.   

Following in third is ‘Eminem’ with 43,344 features, ‘Slipknot’ with 39,630 and ‘Metallica’ as the fifth most popular in 38,608 passwords. 

Famous figure Number of times used 
blink-182 84,545 
50 Cent 55,897 
Eminem 43,344 
Slipknot 39,630 
Metallica 38,608 
Nirvana 35,436 
Justin Bieber 34,296 
Ronaldo 34,137 
Messi 495 

The most used fictional characters in passwords  

Amongst everyone’s favorite fictional characters, ‘Superman’ is the most featured in passwords, with a total count of 86,937.  

‘Batman’ follows in second, featuring in 52,388 passwords. ‘Wall-E’ is the third most popular, with a count of 48,288. Rounding out the top six are ‘Hello Kitty’, ‘SpongeBob’, and ‘Spider-Man’, each with total counts of around 35,000.

Fictional character Number of times used 
Superman 86,937 
Batman 52,388 
Wall-e 48,288 
Hello Kitty 35,381 
SpongeBob 35,349 
Spider-Man 35,078 

The most used seasons in passwords  

When it comes to seasons, ‘summer’ is the most popular for passwords, resulting in a count of 57,453. With ‘winter’ being the second favourite, appearing in 22,517 passwords, and ‘spring’ in third place with 11,737, ‘autumn’ is the least popular season, featuring in just 10,340 passwords.  

Season Number of times used 
Summer 57,453 
Winter 22,517 
Spring 11,737 
Autumn 10,340 

Malte Landwehr, CMO of Peec AI, commented on the findings, “Considering the high volume of passwords leaked every year, along with the rise in scam and phishing reports, using obvious combinations like ‘123456’, which is used a staggering 6.6 million times, puts you and your personal information at high risk. 

“Nearly everything we use online, from banking and shopping to social media, requires a password (even if you primarily use Face ID on your phone). As cybercriminals continue to target users, strong password security has never been more important. 

“Attackers often use dictionaries and lists of common passwords in their attempts to crack passwords, so it’s important to make yours as difficult as possible to guess. Changing your passwords regularly is a great way of adding an extra layer of security. 

“You should aim for a password that is at least 12 characters long, as long passwords are generally more secure, and include a combination of uppercase and lowercase letters, numbers, and special characters, such as ., !, @, #, $, %. Also, try to mix up letters, numbers, and symbols that do not follow predictable patterns, such as ‘12345’ or ‘qwerty’. 

“Hackers can easily guess personal information, such as names, birthdays, family members, pets, or hobbies that are publicly available, so it’s best to create passwords that don’t relate to you. 

“One final piece of advice is to avoid using the same password for multiple accounts, because if a hacker guesses your password on one platform, they will likely attempt it on all your other active platforms. 

“It can be difficult to keep track of long, complex passwords – with special characters, uppercase letters, and more – but password managers can help. They store (and even generate) secure passwords for each of your accounts, making it much easier to manage and remember multiple strong passwords. 

“Enabling Multi-Factor Authentication (MFA) is also advised, as it adds an extra layer of protection by requiring a second method of verification, such as a temporary code texted to your phone or a mobile authenticator app (such as Google Authenticator or Authy). With an MFA in place, even if someone has your password, they won’t be able to access your account without that second layer of verification – so make sure you use it especially for your email, bank, and social media accounts.”

Methodology: 

The study analyses data from a combination of global data breaches since 2019, scraping over 100 million different passwords to reveal the most common choices of password protection for internet users.  

Ex-Amazon, Coinbase engineers launch Drizz with $2.7M for Vision AI mobile app testing agent 

Posted in Commentary with tags on July 28, 2025 by itnerd

As AI transforms how software is written, testing remains painfully manual. Traditional test frameworks can’t keep up with AI-generated code or today’s rapidly evolving mobile apps – and it’s costing teams time, confidence, and revenue. Drizz, founded by Asad Abrar, Partha Mohanty, and Yash Varyani – engineers from Amazon, Coinbase, and Gojek – is taking on this challenge. Today, the company launches from stealth and announces a $2.7 million seed round to introduce the fastest Vision AI mobile app testing agent.

The round was led by Stellaris Venture Partners and Shastra VC, with participation from Anuj Rathi (ex-CBO, Cleartrip) and Vaibhav Domkundwar. The funding will fuel the continued development of Drizz’s Vision AI engine, enhancing its speed, accuracy, and usability across enterprise environments.

Drizz allows teams to write, run, and maintain end-to-end test coverage using plain English prompts instead of fragile code. The system evaluates apps visually – just like a real user – eliminating the need for locator selectors, manual updates, or separate test suites across devices. Its AI doesn’t rely on brittle xPath locators or accessibility IDs, and instead interprets the UI visually – adapting automatically to screen density, hardware differences, and device-specific behaviors.

Developers and QA teams can run tests across iOS and Android using one shared suite, generate test flows in natural language, and rely on self-healing automation that stays stable across UI changes. The platform is built for production readiness, with support for CI/CD pipelines, real device cloud testing, real-time reporting, and full enterprise-grade compliance. Drizz supports a comprehensive range of testing needs – including UI, Functional, API, multi-app, and end-to-end testing.

The system also supports field-level fallback logic and step-by-step execution that boosts reliability and makes debugging easier – even on the most complex interfaces. This opens doors for non-technical stakeholders to actively contribute test scenarios, with no coding required. It streamlines collaboration and helps teams move efficiently. In early deployments, Drizz has helped teams achieve over 97% test accuracy, and reduce test creation time by a factor of 10.

The company is already working with multiple unicorns globally and is seeing strong developer engagement, with users spending an average of 15 hours per week writing and executing test cases. Looking ahead, Drizz plans to extend its vision-based infrastructure toward testing for visually rich and highly interactive environments – areas where traditional locator-based tools can’t operate due to dynamic interfaces and the lack of deterministic DOM structures. 

With AI redefining the speed and complexity of software creation, Drizz is supercharging teams to test faster and ship confidently.

Samsung Brings Galaxy Z Fold7, Flip7 & Watch8 Series to Retail in Canada

Posted in Commentary with tags on July 28, 2025 by itnerd

Samsung’s ultimate style-tech trio is officially available in Canada. The Galaxy Z Fold7, Galaxy Z Flip7, and Galaxy Watch8 / Watch8 Classic are built to work seamlessly together powered by Galaxy AI. This connected ecosystem empowers users to create, communicate, and live hands-free, without compromising on style or performance.

Whether you’re capturing content, jumping between apps, tracking your wellness goals, or elevating your day-to-night look, this lineup is built to flex with your lifestyle. 

Together, the Galaxy Z Flip7, Galaxy Z Fold7, and Galaxy Watch8 Series create a tightly integrated, intelligent ecosystem for users who expect innovation in every layer of their tech, from chip to UX.  

The Galaxy Z Fold7, Galaxy Z Flip7, and Galaxy Watch8 Series are now available for pre-order at Samsung.com/ca and select retail partners.  

Pricing and specs are as follows:

| Device Name | Key Specs | Pricing | Colour Options |
| --- | --- | --- | --- |
| Galaxy Z Flip7 | 188g, 4.1″ Flex Window, FlexCam, Galaxy AI, Samsung Exynos 250 | 256GB – $1,462.99; 512GB – $1,642.99 | Blue Shadow, Jet Black, Coral Red |
| Galaxy Z Fold7 | 216g, 26% thinner, Snapdragon 8 Gen 3, 200MP camera, All-day battery | 256GB – $2,499.99; 512GB – $2,679.99; 1TB – $3,039.99 | Blue Shadow, Silver Shadow, Jetblack, Mint (online exclusive) |
| Galaxy Watch8 | 8.6mm thin, minimalist, Galaxy AI, Gesture controls, Health tracking | 44mm LTE – $629.99; 44mm BT – $549.99; 40mm LTE – $579.99; 40mm BT – $499.99 | Graphite, Silver |
| Galaxy Watch8 Classic | 8.6mm thin, rotating bezel, Galaxy AI, Gesture controls, Health tracking | 46mm LTE – $779.99; 46mm BT – $699.99 | Black, White |