Archive for November 6, 2025

Sage announces Finance Intelligence Agent to power high-performance finance teams

Posted in Commentary with tags on November 6, 2025 by itnerd

Sage today introduced the Sage Intacct Finance Intelligence Agent. The Finance Intelligence Agent is part of Sage’s growing network of AI agents transforming the role of the CFO, from supporting the business to leading it.

This launch sets a new benchmark for high-performance finance and marks a pivotal step toward autonomous operations and insights. By supporting CFOs with AI-powered agents, Sage helps organisations get continuous accounting, trust, and insights, delivering speed, accuracy, and clarity, while reducing manual efforts and reporting.

Historically, finance teams often needed to hunt for reports, review dashboards, and sometimes export and manipulate data in spreadsheets to get answers and make recommendations – a process that could take minutes to hours depending on the complexity of the task. The Finance Intelligence Agent represents the next evolution of AI in finance, acting as an intelligence layer that routes natural language questions to the right AI Agents and financial data sources, coordinates their responses, and composes a final, actionable answer – in seconds. By eliminating the need to run reports or analyse data externally, it simplifies decision-making and accelerates outcomes.

A growing network of Sage AI Agents

The addition of the Finance Intelligence Agent builds on the existing suite of Sage Intacct AI Agents designed to support finance teams across workflows:

  • Close Agent: Keeps close tasks on track, flags issues early and provides full visibility in one workspace.
  • AP Agent: Automates bill processes, PO matching, and duplicate checks, allowing teams to review and approve with confidence.
  • Assurance Agent: Catches errors at entry, stopping mistakes before they post and eliminating downstream rework.
  • Time Agent: Automates project time capture, freeing staff from manual entry and maximising billing and estimating accuracy.

These agents are built on Sage’s unified platform – where applications, workflows, and data come together – and powered by Sage AI, which delivers purpose-built, domain-specific AI services. Acting as behind-the-scenes specialists, they operate within permission boundaries, whether surfaced through Sage Copilot or embedded into product workflows.

Sage AI Agents strengthen Sage Intacct as one of the industry’s leading and most trusted platforms for CFOs. Built by finance teams, Sage Intacct’s AI Agents deliver automation that is practical, transparent, and tailored to how they work, helping organisations meet today’s pressures head-on.

Empowering finance teams

Sage Intacct AI Agents relieve pressure on teams that spend too much time on manual processes and chasing data. By automating tasks like drafting bills, matching transactions, guiding close activities, and flagging errors before they escalate, these Agents help finance teams operate with greater speed, accuracy, and confidence.

They connect insights and actions across finance operations, enabling CFOs and their teams to focus on strategy and growth. Together, the Agents streamline core workflows and advance continuous accounting, delivering trusted insights while reducing manual effort and reporting overhead.

Meeting the pressure on finance

According to McKinsey, technologies can fully automate 42% of finance activities and mostly automate a further 19%. Sage data shows how this potential is being realised in practice, with AI processing 45 million bills, flagging 190 million anomalies, and processing 3.2 billion transactions annually. Customers are saving an estimated 50 million hours annually.

Availability and next steps

Unlike general-purpose AI tools that require extensive customization, Sage Intacct’s finance-first AI Agents work out of the box, delivering fast results with minimal setup.

Whether accessed through Sage Copilot or embedded into workflows, with the autonomy of agents, finance teams get faster results.

The Finance Intelligence Agent is available in December to Early Adopters on Sage Intacct across the US and the UK.

Leave a comment »

REALLY Weak Passwords Contributed To The Louvre Break In

Posted in Commentary with tags on November 6, 2025 by itnerd

From the “what were they thinking” department comes the news that the Louvre, which was burglarized on October 19, had used the weak password LOUVRE for its core security systems according documents obtained by the French newspaper Libération.

Like seriously?

Darren James, Senior Product Manager at identity management and authentication solutions provider Specops Software provided the following comments:

“Even though the audit that found this easily guessable password was from 11 years ago, it’s still something we hear a lot about today.

“The password problem isn’t just a technical issue, it’s a human behavior challenge that’s extremely difficult to correct. Passwords, and IT security in general, are often seen as one of those annoying things that stop users from getting on with their day-to-day work. They have to remember so many these days, both for their jobs and personal lives, that they tend to take the easy route: choosing easily guessable words, reusing the same password across multiple systems, or following predictable patterns. And when everything falls apart, their defense is often, “Well, I never thought it would happen to me!”

“So, what can companies do to improve this? They should take the advice of ANSSI (France), NIST (USA), and the NCSC (UK) and change their approach to passwords:

  • Move away from complexity with lots of different character types. That only encourages predictable patterns. Instead, switch to longer passphrases.
  • Block words that relate to your organization. This is a good use of AI; ask your favorite LLM to generate a list of 1,000 words related to your company.
  • Block passwords that are already breached. If they’re out there on the dark web, why would you let someone use them?
  • Remove password expiry. It doesn’t help, as users just make small changes to their regular password (for example, Summer2024 to Summer2025).
  • If you do remove expiry, remember that people still often reuse their passwords. Make sure you have a solution that can continuously check your users’ passwords against a constantly updated database. That way, when they do get leaked, you can act quickly.

“And finally, help your users. When they need to change or reset their password, give them the means to do it securely, and use a reset solution that provides helpful feedback.”

This is a case study as to how not use passwords. Though there’s more in the report that highlights other failures that contributed to the thieves being able to pull off this heist. Talk about a #fail.

Leave a comment »

Warning from Canadian Centre for Cyber Security says that critical infrastructure is vulnerable

Posted in Commentary with tags on November 6, 2025 by itnerd

Late last week, the Canadian Centre for Cyber Security shared a warning stating that hacktivists are targeting critical infrastructure through internet-exposed industrial control systems (ICS).

In recent weeks, the Cyber Centre and the Royal Canadian Mounted Police have received multiple reports of incidents involving internet-accessible ICS. One incident affected a water facility, tampering with water pressure values and resulting in degraded service for its community. Another involved a Canadian oil and gas company, where an Automated Tank Gauge (ATG) was manipulated, triggering false alarms. A third one involved a grain drying silo on a Canadian farm, where temperature and humidity levels were manipulated, resulting in potentially unsafe conditions if not caught on time.

While individual organizations may not be direct targets of adversaries, they may become victims of opportunity as hacktivists are increasingly exploiting internet-accessible ICS devices to gain media attention, discredit organizations, and undermine Canada’s reputation.

Exposed ICS components, including Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), Human-Machine Interfaces (HMIs), Supervisory Control and Data Acquisition (SCADA) systems, Safety Instrumented Systems (SIS), Building Management Systems (BMS), and Industrial Internet of Things (IIoT) devices, pose significant risks to organizations, their clients, and the broader Canadian public.

 Grayson Milbourne, Security Intelligence Director, OpenText Cybersecurity had this to say:

“The Cyber Centre’s alert underscores a cross-border reality: both Canadian and U.S. critical infrastructure operators are connecting legacy industrial control systems to the internet without the right access safeguards. These systems weren’t designed with modern authentication in mind, and that’s exactly where attackers are getting in.

Cybersecurity for critical infrastructure has to start with identity. When every user, device, and connection is verified, organizations can limit who touches sensitive systems and quickly spot when something’s wrong. That means implementing strong identity and access management, continuous monitoring, and strict network segmentation to close the gaps hacktivists exploit.”

This warning illustrates the fact that critical infrastructure needs to move to a place where it isn’t a target for threat actors. Right now critical infrastructure is low hanging fruit for threat actors. And that isn’t a good place to be as it can have catastrophic results for all of us.

Leave a comment »

Flashpoint Serves Up An Analysis Of LockBit 5.0

Posted in Commentary with tags on November 6, 2025 by itnerd

On the back of Flashpoint’s report last week on the Evolution of Data Extortion, I wanted surface a blog post that is just live this morning from the Flashpoint team about LockBit 5.0 Analysis.

It’s a deep dive into the latest evolution of the dominant Ransomware-as-a-Service (RaaS) group. Flashpoint’s analysis confirms its key innovation is a refined modular two-stage deployment model designed to maximize evasion, modularity, and EDR bypass.

The blog post is here:  https://flashpoint.io/blog/lockbit-5-0-analysis-technical-deep-dive-into-the-raas-giants-latest-upgrade/.

Leave a comment »

Guest Post – AI Goes Rogue: Google Report Reveals Malicious LLMs Fuel Next-Gen Cyberattacks

Posted in Commentary with tags on November 6, 2025 by itnerd

By Stefanie Schappert

The Google Threat Intelligence Group published an updated report on Wednesday highlighting a critical shift in the cyber-threat landscape – and it’s all about AI. 

This “just-in-time” AI malware marks what Google is calling a “new operational phase of AI abuse.” Moreover, it’s already being actively used by low-level cybercriminals and nation-state actors alike.  

Google makes it clear that attackers have moved from using AI as a simple productivity tool to creating the first-of-its-kind adaptive malware that weaponizes large language models (LLMs) to dynamically generate scripts, obfuscate their own code, and adapt on the fly.

Don’t get it wrong, attackers are still using artificial intelligence to generate basic and yet hard-to-detect phishing lures for social engineering attacks. But adding to their arsenal are built-to-go modular, self-mutating tools that can evade conventional defenses. 

As Google puts it: “These tools can leverage AI models to create malicious functions on demand, rather than hard-coding them into the malware. While still nascent, this represents a significant step toward more autonomous and adaptive malware.” 

And while the research indicates that some of these novel AI techniques are still in the experimental stage, they are a surefire harbinger of things to come. 

What also makes this evolution particularly worrying is the lowered barrier to entry. Google found that underground marketplaces are offering multifunctional AI toolkits for phishing, malware development, and vulnerability research, so even less-sophisticated actors can tap into the toolset.

Meanwhile, nation-state groups, such as Russia, North Korea, Iran, and China, have already figured out how to leverage AI tools across the full attack lifecycle, from reconnaissance and initial compromise to maintaining a persistent presence, moving laterally through the target network, and developing command-and-control capabilities and data exfiltration.

In effect, defenders must now prepare for an era of adaptive and autonomous malware and AI tools that learn, evolve, and evade in real-time, creating new challenges for this generation of cyber defenders, who must learn to combat self-rewriting code, AI-generated attack chains, and an underground AI toolkit economy.  

Traditional static signature defenses will soon become ineffective, leaving already burnt-out CISOs scrambling to quickly pivot to anomaly-based detection, model-aware threat intelligence, and real-time behavioural monitoring.

Furthermore, AI-enabled tooling will almost certainly raise attackers’ success rates; not because every attack is flawless, but because automation, real-time adaptation, and hyper-personalised lures will massively widen the attack surface.

And let’s not forget the trickle-down effect that these AI-driven cyberattacks will have on the average person. 

What happens when AI, which can already ingest a person’s public posts, bios, photos, and leaked data to mimic their language, references, and relationships, begins to tailor its attack strategy against its target in real-time? 

AI-fueled scams, phishing emails, fake websites, and voice or video deepfakes will sound and look far more convincing than ever before, putting personal finances, privacy, and even digital identity at greater risk.

The result? An era where cyber deception feels authentic, the line between real and fake blurs, and the average person is exposed to attacks that feel real, personal, and nearly impossible to detect.

ABOUT THE AUTHOR

Stefanie Schappert, MSCY, CC, Senior Journalist at Cybernews, is an accomplished writer with an M.S. in cybersecurity, immersed in the security world since 2019.  She has a decade-plus experience in America’s #1 news market working for Fox News, Gannett, Blaze Media, Verizon Fios1, and NY1 News.  With a strong focus on national security, data breaches, trending threats, hacker groups, global issues, and women in tech, she is also a commentator for live panels, podcasts, radio, and TV. Earned the ISC2 Certified in Cybersecurity (CC) certification as part of the initial CC pilot program, participated in numerous Capture-the-Flag (CTF) competitions, and took 3rd place in Temple University’s International Social Engineering Pen Testing Competition, sponsored by Google.  Member of Women’s Society of Cyberjutsu (WSC), Upsilon Pi Epsilon (UPE) International Honor Society for Computing and Information Disciplines. 

Leave a comment »

EnGenius Releases Broadband Outdoor EOC620 Mobile CPE 

Posted in Commentary with tags on November 6, 2025 by itnerd

EnGenius Technologies has announced the release of the EOC620, the newest addition to its Broadband Outdoor EOC series. Specifically designed for mobile deployments and remote site applications, the EOC620 extends the EOC series beyond traditional fixed installations to support transportation and other dynamic environments where continuous wireless connectivity is critical.

Wireless Connectivity Challenges in Mobile Environments

Transportation and logistics companies face significant challenges in maintaining reliable wireless connectivity while vehicles are in motion. Existing solutions often struggle with outdoor durability, signal stability during rapid movement, and flexible antenna configuration for diverse vehicle platforms. The EOC620 addresses these gaps with enterprise-grade performance optimized for on-the-move applications.

Advanced Mobile CPE for Transportation and Remote Operations

The EOC620 is designed specifically for mobile and remote environments where continuous connectivity is critical. Ideal for transportation fleets, public transportation systems, and commercial vehicle operations, the EOC620 delivers 5GHz radio performance with the durability and flexibility needed for on-the-move deployments. The device features 26 dBm transmit power, IP67 weatherproof construction, and SMA connectors for flexible antenna configuration—enabling operators to deploy reliable wireless solutions in their most challenging scenarios.

Unified Management Across the EOC Series

The EOC620 integrates with the same management platform as other EOC models, enabling operators to manage their entire network—from backbone to last-mile to mobile deployments—through a single centralized system. SkyPoint NMS and SkyConnect mobile app provide consistent tools for deployment, monitoring, and fleet management across all EOC products.

Extended EOC Series Capabilities

EOC620 complements the existing EOC portfolio:

  • EOC655: High capacity backhaul backbone for enterprise and ISP core networks
  • EOC600/610: Cost-effective last-mile CPE for fixed urban and rural coverage
  • EOC620: Enterprise-grade mobile CPE for transportation and remote applications

Key Features and Capabilities

  • Single 5GHz radio with up to 1,200 Mbps link capacity, supporting up to 16 devices in PtMP setups
  • 26 dBm transmit power for reliable long-range coverage in motion
  • IP67 weatherproof and dustproof housing for extreme environmental durability
  • SMA connectors enabling flexible external antenna configuration for diverse vehicle platforms
  • Intelligent RF management with automatic channel selection and dynamic data rate adjustment to maintain stability during vehicle movement
  • 802.11ax Wi-Fi 6 technology with MU-MIMO for enhanced multi-device support
  • SkyPoint NMS and SkyConnect mobile app for centralized management and easy on-site deployment
  • AES-256 encryption for secure data transmission

The EO620 will be available from EnGenius authorized resellers and distribution partners by November 2025. For additional product specifications and purchasing information, visit: EOC620

Leave a comment »

‘Minecraft’, ‘qwerty’, and ‘India@123’ among 2025’s most common passwords 

Posted in Commentary with tags on November 6, 2025 by itnerd

Comparitech researchers have published a new study, finding that the 100 most common passwords in 2025 are ‘123456’, ‘admin’, and ‘password’. 

For this analysis, Comparitech researchers aggregated more than 2 billion real account passwords leaked on data breach forums in 2025. Using that data, they amassed a list of the most-used passwords — including a couple interesting ones!

While this is a fun list to read through, these findings show exactly why password security really matters. Modern password cracking programs make short work of weak passwords, and common passwords like in this list are easily guessed. By using these passwords, people are putting themselves and their organizations at an extremely high risk. 

Here’s the research for your review: https://www.comparitech.com/news/minecraft-qwerty-and-india123-among-2025s-most-common-passwords-report/

Leave a comment »

Team Cymru Launches RADAR to Provide Instant Infrastructure Visibility to Cyber Defenders

Posted in Commentary on November 6, 2025 by itnerd

Team Cymru today announced the launch of RADAR, a new real-time discovery module designed to give threat analysts instant visibility into all internet-facing infrastructure, whether known or unknown, without waiting on asset inventories, third-party scans, or compliance-oriented tools.

Cyber threat analysts and intelligence teams often face a disadvantage when assessing risk exposure due to unknown internet-facing resources. RADAR returns the advantage by delivering:

  • Passive discovery of connected IPs, domains, and exposed infrastructure, with no scanning or risk.
  • Auto-enrichment with CVEs, KEVs, ASN, country code, and Team Cymru’s behavioral tagging.
  • Live, interactive mapping of relationships across infrastructure clusters.
  • One-click pivots into Pure Signal™ Scout and Recon for deep investigation.
  • Full API access to plug visibility into investigative workflows and SOC automation.

Unlike traditional external attack surface management (EASM) platforms that prioritize asset inventory for compliance teams, RADAR is built for CTI and threat hunters. It gives analysts the autonomy to uncover exposures in real-time, regardless of whether they originate from within your own organization, a third party, or an adversary. RADAR does this all without switching tools or relying on delayed data.

Leave a comment »

SAP Concur and Amex GBT establish strategic alliance

Posted in Commentary with tags on November 6, 2025 by itnerd

SAP Concurs announced a strategic alliance with American Express Global Business Travel (Amex GBT) and the launch of Complete by SAP Concur and Amex GBT. Complete, a co-developed next-gen solution with AI at its core, is intended to combine booking, servicing, payments and expensing into one experience.

Complete will benefit from each entity’s technology, and business travel expertise. Concur Expense will also integrate with Amex GBT Egencia providing additional options for customers interested in an integrated travel and expense solution. The two companies will allocate funding and development resources to build joint innovations on behalf of mutual customers with the vision to redefine the corporate travel and expense experience.

The combined investment through this strategic alliance creates an opportunity to deliver end-to end value in three foundational areas – marketplace, software, and services. Complete will be a streamlined solution with a single road map and integrated servicing model providing customers with accelerated innovation and program optimization including:

  • The integration of the Amex GBT marketplace into Complete – access to 600+ airlines and spanning 2 million+ properties – and into the SAP Concur technology stack, offering greater incentives and cost savings.
  • Access to richer airline, hotel, ground and rail options and Complete will deliver the next generation of modern retailing.
  • Access to unified traveler support via an integrated chat agent designed to deliver a single experience to manage the entire trip with increased time savings and a great user experience.
  • Expedited releases of NDC content delivering increased content options, choice and clarity of fares plus increased compliance within existing travel policies.
  • The ability to benefit from combined AI offerings trained on the unmatched data from Concur Travel and Expense and Amex GBT that represents millions of trips and transactions to fine-tune experiences in near real-time. 

Availability 

Later this month, mutual customers will have access to Complete with additional features to follow in the coming months. Concur Expense integration into Amex GBT Egencia will be available soon. Future co-innovations will continue to roll out in core areas including content availability and display, travel manager capabilities, utilizing AI to create a new booking experience, manage travel disruptions and provide program insights. Lastly, the SAP Concur Partner Program for TMCs will transform and is intended to generate value for our mutual current and future customers.

Leave a comment »