Archive for September 15, 2025

Gucci, Balenciaga and Alexander McQueen Have Been Pwned And The Details Of Millions Have Been Swiped

Posted in Commentary on September 15, 2025 by itnerd

Cyber criminals have stolen the private details of potentially millions of Balenciaga, Gucci and Alexander McQueen customers in an attack. The stolen data includes names, email addresses, phone numbers, addresses and the total amount spent in the luxury stores around the world.

Brian Higgins, Security Specialist at Comparitech had this to say:

“This is a rather alarming step in a growing trend of attacks on high value retail brands. Aside from all of the usual advice surrounding digital security measures, the most obvious threat to customers here lies in the value of the stolen data. Regardless of whether or not financial information has been compromised, the potential aggregation of names, addresses and overall spend could provide a significant target list for further cyber or indeed real-life criminality. One would hope that those most affected have the resources to target-harden their virtual and physical security but the threat should not be ignored. In the majority of data theft cases changing passwords, monitoring online activity and boosting cybersecurity is sufficient to ride out the threat. I would suggest that in this case more offline measures are appropriate too.” 

Chris Hauk, Consumer Privacy Champion at Pixel Privacy follows with this:

“Unfortunately, cyber-attacks on retailers are on the increase. While Kering refuses to say how many customers were affected by the data breach, the bad actors behind the attack, Shiny Hunters, claim to have harvested data linked to 7.4 million email addresses, meaning the number of customers affected by the breach is easily in the millions. Since this information includes names, email addresses, phone numbers, addresses and the total amount spent in Balenciaga, Gucci and Alexander McQueen stores around the world, the data could be used for phishing attacks, and could be sold for a nice piece of change to other bad actors.”

“Customers affected by the hack need to stay alert for suspicious texts, emails, and other communications, claiming to be from a Kering-owned store, the customer’s bank, and other organizations. Customers should immediately change the password on related accounts and should enable two-factor authentication if available. Actually, they should do this for all of their online accounts.”

Roger Grimes, data-driven defense evangelist at KnowBe4 commented:

“The biggest risk to individual customers is that a very targeted spear phishing attack can be used that more realistically tricks a potential victim into thinking they are dealing with someone legitimate. A very common scheme is for a scammer to pretend to be one of the legitimate brands, and get the potential victim to provide updated credit card information under the guise that their existing or old credit card information must be quickly updated or else they will be at great likelihood to lose money. By the scammer having access to the user’s past history, they can include real details that happened in the past to make potential victims think they are dealing with the legitimate vendor and be more likely to fall for scams.”

DoD Greenlights Parallel Works Hybrid Multi-Cloud HPC Platform with ATO Approval, Now Ready for Defense and Industry Use

Posted in Commentary on September 15, 2025 by itnerd

 Parallel Works today announced its ACTIVATE High Security Platform (HSP) has achieved a historic milestone as the first-ever hybrid multi-cloud computing solution to receive the Authority to Operate (ATO) by the Department of Defense (DoD). Granted by the High Performance Computing Modernization Program (HPCMP), the IL-5 ATO authorization enables more agile, cloud-enabled defense computing capabilities to modernize defense infrastructure through scalable, secure and high-performance cloud solutions.

The designation opens the door for partners, integrators, DoD civilians and military end users to utilize Parallel Works ATO through two options:

  1. ACTIVATE HSP can be used as a shared service on NIPRnet through HPCMP.
  2. Organizations can leverage the ACTIVATE HSP software stack and inherit the required compliance and security boundaries to operate within the government ecosystem.

The ATO authorization provides immediate access to a secure, IL5-authorized HPC platform, thereby shortening the time to market for DoD agencies, defense contractors, national labs, system integrators and AI/ML teams.

The DoD’s demand for automated computing solutions is skyrocketing as technology advances to support AI-driven wargaming, digital and model-based systems. Parallel Works ACTIVATE HSP advances the transition with turnkey HPC integration across DoD and commercial clouds, providing advanced orchestration for real-time simulation and AI analytics.

The Parallel Works hybrid, multi-cloud computing HSP is one of only three software programs approved to handle export-controlled workload environments, including International Traffic in Arms Regulations (ITAR), DoD IL5 and the Federal Risk and Authorization Management Program (FedRAMP).

Availability

The Parallel Works ACTIVATE hybrid, multi-cloud HSP is available immediately. Interested technology partners can connect at info@parallelworks.com. For more information on Parallel Works ACTIVATE HSP and the opportunities the ATO provides click here

AI cuts energy waste by up to 30% in buildings says KPMG

Posted in Commentary on September 15, 2025 by itnerd

KPMG has recently released a report on “How AI is helping to improve energy efficiency and management in real estate.” It says that traditional retrofits are too slow and costly to deliver the scale of cuts required to reach net-zero goals of 2050, and instead points out that artificial intelligence is a faster route, but only together with the Strategic Energy Management (SEM) framework.

Exergio, a company that developed an AI-based tool for energy efficiency in commercial buildings, says that findings reflect what is already visible in real-world cases.

KPMG states that SEM should track how buildings use energy and assign clear responsibility for fixing problems. According to Karčiauskas, this usually means facility managers or energy officers are tasked with day-to-day oversight. However, certain tasks such as changing parameters in sensors should be automatically assigned to AI and machine learning models to adjust in real-time, with experts overseeing the process.

On its own, implementing a SEM mindset typically delivers 5-7% savings per year. But when used with AI, savings rise to around 20%-30%, energy efficiency experts state.

There are three tiers of SEM, according to the report. The first tier focuses on getting more out of what is already in place: engineers have to tune HVAC, lighting, and control systems so they run more efficiently day to day. This, according to Karčiauskas, is “a task of AI at the moment as we want to achieve faster savings”.

The second step is replacing worn or outdated equipment, for instance, boilers, chillers, or pumps, with models that use less energy. The third adds renewables or long-term power contracts, but only once the building’s basic energy consumption has been brought under control.

The authors of the paper stress that renewables should come last, since they deliver limited value if the building’s consumption has not already been optimised.

The study also indicates that efficiency depends less on new hardware and more on how existing systems are managed.

SEM has a five-step cycle. It includes assessment, planning, implementation, building capability, and monitoring. Within this setup, AI could regulate HVAC concurrently based on occupancy, weather, and usage, while managers define energy-saving goals, set comfort ranges, and review results.

Kids & Data: How Apps Invade Children’s Privacy

Posted in Commentary on September 15, 2025 by itnerd

Safety Detectives has recently conducted research on how apps designed for children invade their privacy. While conducting their research, they identified some concerning privacy-related points such as:

  • 70% of the reviewed apps collect identifiers, data usage and biometric information, often without parental consent.
  • Several apps openly admit sharing kids’ data for marketing and ad tracking.
  • To date, regulators have issued over $1 billion in penalties for children’s privacy violations.
  • Some apps had conflicting disclosures across platforms.

 You can check the full report here: https://www.safetydetectives.com/blog/blog-kids-apps-privacy-research/

Major security flaw exposed in enterprise chatbot maker Yellow.ai 

Posted in Commentary on September 15, 2025 by itnerd

Cybernews has just released a report about enterprise chatbot maker Yellow.ai. It reveals that Yellow.ai’s customer service chatbot allowed users to steal cookies and execute malicious code upon request, with zero pushback.

The flaw highlights multiple security issues, such as improper user input sanitization, improper chatbot output sanitization, the web server not verifying content produced by the chatbot, running unverified code, and loading content from arbitrary web resources. This leaves many options for Cross-Site Scripting (XSS) attacks.

Cybernews reached out to Yellow.ai before publishing the research, and the company fixed the issue by sanitizing the generated code, ensuring that it would not get executed. However, the bot still generates malicious code if asked.
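The output-sanitization side of that fix can be illustrated with a short sketch. This is an added example, not Yellow.ai's or Cybernews' code: it treats every chatbot reply as untrusted text, escapes it before it reaches the page, and re-introduces only links with an allowlisted scheme. The function names and the sample reply are hypothetical and constructed for illustration.

```javascript
// Added example: names (escapeHtml, isSafeUrl, renderBotReply) are hypothetical.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the five characters that can break out of HTML text or attribute context.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Only absolute http(s) URLs may become clickable links.
const SAFE_SCHEMES = new Set(['https:', 'http:']);

function isSafeUrl(raw) {
  try {
    return SAFE_SCHEMES.has(new URL(raw).protocol);
  } catch {
    return false; // relative or malformed targets are never linked
  }
}

// Escape the whole reply, then rebuild [label](url) links whose scheme is allowlisted.
// Anything else the model produced stays inert, visible text.
function renderBotReply(reply) {
  const text = String(reply);
  const linkPattern = /\[([^\]]+)\]\(([^)\s]+)\)/g;
  let html = '';
  let last = 0;
  for (const match of text.matchAll(linkPattern)) {
    const [whole, label, target] = match;
    html += escapeHtml(text.slice(last, match.index));
    html += isSafeUrl(target)
      ? `<a href="${escapeHtml(target)}" rel="noopener noreferrer nofollow">${escapeHtml(label)}</a>`
      : escapeHtml(whole);
    last = match.index + whole.length;
  }
  return html + escapeHtml(text.slice(last));
}

// Constructed sample reply mixing markup, a normal link and a script-scheme link.
const sampleReply =
  'Sure! <img src=x onerror="alert(1)"> See [docs](https://example.com/a?b=1&c=2) or [this](javascript:alert(1)).';
console.log(renderBotReply(sampleReply));
```

Where the chat widget can assign the reply to `textContent` instead of building HTML, that is simpler still; the allowlist approach is for widgets that must render links.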

Yellow.ai customers include major companies like Sony, Logitech, Hyundai, Domino’s, and hundreds of other brands. It is unclear whether the chatbots used by Yellow.ai’s clients have the same security flaw as the customer service bot had, so Cybernews urges all Yellow.ai clients to be wary.

For more information, here’s the full report: https://cybernews.com/security/yellowai-customer-chatbot-cookies-flaw

What You Should Do Before Upgrading To macOS Tahoe….. And Why You Shouldn’t Upgrade Just Yet

Posted in Commentary on September 15, 2025 by itnerd

Apple is expected to release their latest OS which is macOS Tahoe today. Before we go on, here’s a list of what macOS Tahoe will run on:

  • iMac 2019 and later
  • Mac Pro 2019 and later
  • Mac Studio 2022 and later
  • MacBook Air with Apple Silicon 2020 and later
  • Mac mini 2020 and later
  • MacBook Pro with Apple Silicon 2020 and later
  • MacBook Pro (16‑inch, 2019)
  • MacBook Pro (13‑inch, 2020, Four Thunderbolt 3 ports)

You should note that some features of Tahoe won’t work on Intel Macs. And on top of that, this is the last year that Intel Macs will be supported. So if you haven’t made the move to Apple Silicon, now would be a really good time to dump your Intel Mac.

Related to the above, here’s a list of features that Tahoe includes.

If your Mac isn’t on this list, you’re out of luck. But assuming that it is, here’s some tips on what you might want to do before you pull that trigger and upgrade. And a couple reasons why you shouldn’t.

  1. Don’t Upgrade… At least not yet. Part 1: The reason why you shouldn’t upgrade is that Apple’s initial releases tend to be buggy. But they usually get better after they release an update or two. Though that wasn’t the case with Sequoia as they never fixed the Time Machine issues that this specific OS had. So you may want to wait until at least the .1 update hits the streets before making the jump. Or better yet, wait until the .2 release to be extra safe.
  2. Don’t Upgrade… At least not yet. Part 2: Your apps that you depend upon may not be ready for Tahoe. Thus it may be a better strategy to confirm whether they are ready or not. And if they’re not, wait for them to be compatible with Tahoe before you upgrade.
  3. If you Must Upgrade, Make A Backup: Needless to say, making a backup of your current setup is vital before upgrading. That way you have a way to go back to where you were if things don’t work out. There’s plenty of backup solutions out there from Apple’s own Time Machine to third party utilities such as Carbon Copy Cloner that can be used for this purpose.
  4. Upgrade Your Software BEFORE You Upgrade: Assuming your apps are going to be compatible with Tahoe, you should ensure that all your apps are up to date before you pull the trigger on upgrading. That will reduce the risk that something might go sideways during the upgrade.
  5. Run Disk Utility BEFORE You Upgrade: The last thing I would do is boot off the Recovery Partition and run Disk Utility to verify the volume that you plan to install the upgrade on. It likely wouldn’t hurt to do a permission repair as well.

At this point you should be good to go. Key word being SHOULD. Upgrading an operating system isn’t a trivial process. But if you take these steps beforehand, you should reduce the risk of any issues. Or you can take my first couple of suggestions which is to wait for a bit before upgrading. Then follow the rest of my advice. In my case, I am not planning on upgrading to Tahoe. At least not yet given my experience with Sequoia. But I may upgrade in the future depending on what problems do or do not surface in the coming weeks.

How You Can Prepare Your iPhone For iOS 26

Posted in Tips on September 15, 2025 by itnerd

At 1PM EST today, Apple will release iOS 26 to the public. As long as you have a supported device, it will bring you new features and improvements to your iDevice experience.

If you want to see a full feature set, click here.

Speaking of supported devices, here’s what iOS 26 will run on:

  • iPhone 16
  • iPhone 16 Plus
  • iPhone 16 Pro
  • iPhone 16 Pro Max
  • iPhone 15
  • iPhone 15 Plus
  • iPhone 15 Pro
  • iPhone 15 Pro Max
  • iPhone 14
  • iPhone 14 Plus
  • iPhone 14 Pro
  • iPhone 14 Pro Max
  • iPhone 13
  • iPhone 13 mini
  • iPhone 13 Pro
  • iPhone 13 Pro Max
  • iPhone 12
  • iPhone 12 Pro
  • iPhone 12 Pro Max
  • iPhone 12 Mini
  • iPhone 11
  • iPhone 11 Pro
  • iPhone SE Second Generation

If your phone isn’t on this list, then it’s not supported. And the following phones will come with iOS 26 out of the box:

  • iPhone 17
  • iPhone Air
  • iPhone 17 Pro
  • iPhone 17 Pro Max

If you are wondering why there are no iPads on the list, that’s because Apple has spun off the iPads into a separate OS called iPadOS which is due out at the same time. Having said that, this advice applies to iPads as well. 

Now, since this is a major upgrade, there is always a chance, no matter how remote, that something can go sideways. To make sure that you’re not caught out by something unexpected, here’s what you can do:

1. Update your Apps: Make sure that all your apps are up to date before upgrading by opening the App Store app and seeing if any updates are required. This is important because it is possible that the changes that Apple has made on areas like privacy and performance could break an app that you rely on. Thus I find that it is always a good idea to check for updates and install them before a new version of iOS hits the streets.

2. Dump any unneeded photos, videos or apps: iOS updates tend to need a fair amount of free space to allow for a successful installation. Thus if you have anything less than 8GB of free space, consider deleting unused apps or photos/videos. In terms of the photos and videos you want to keep, you can move them to the cloud or a computer so that they’re safely stored without taking up space on your iPhone. I personally use iCloud myself, but Google Photos is another option.

3. Backup your iDevice: If you value the data on your iDevice, backing it up is a must. You have two options for backing up your iDevice: iCloud or iTunes. Follow this guide to backing up your iPhone using iCloud or iTunes.

At this point you should be good to go to upgrade to iOS 26. Key word being SHOULD. Upgrading an operating system isn’t a trivial process. But if you take these steps beforehand, you should reduce the risk of any issues that you might encounter.

One other thing before I go, you may want to consider not upgrading to iOS 26 and instead wait for iOS 26.1 to hit the streets before you upgrade as that’s likely to have additional bug fixes and also fix issues that hit the streets when iOS 26 comes out. Plus that’s the version that is going to bring Apple Intelligence to the table. I’ll be upgrading later today and if anything seriously goes off the rails, you’ll be the first to hear about it.