Archive for November 12, 2025

« Older Entries

Hackers Lose Rhadamanthys Infostealer Server Access 

Posted in Commentary on November 12, 2025 by itnerd

And now for some good news for a change.

According to reports, law enforcement has interrupted the malware-as-a-service Rhadamanthys infostealer infrastructure, which steals credentials and authentication cookies, after hackers reveal they can no longer access their servers.

Henrique Teixeira, SVP of Strategy at Saviynt, commented:

“Back in 2022, I wrote research on identity threat detection and response (ITDR) at Gartner. We noted that Initial Access Brokers (IABs), which offer services similar to Rhadamanthys, were fueling identity breaches through a thriving market of stolen credentials, often harvested by infostealer malware. Fast forward to today, and infostealers have exploded, responsible for roughly three-quarters of stolen credentials worldwide. These tools don’t just grab passwords, they are able to extract tokens and cookies that can bypass MFA. 

“The continued proliferation of IABs and ‘Malware-as-a-Service’ sites, while seemingly unbelievable, is a persistent reality. Removing one only creates an opportunity for the next criminal enterprise to fill the gap. Modern enterprise cybersecurity, therefore, must move beyond mere prevention. Organizations must adopt a “assume breach” mindset, prioritizing rapid detection and response to identity-related incidents. This requires robust posture management, comprehensive visibility, and effective remediation processes to address security incidents as if a breach has already happened.”

The only thing that is bad about this is that some other ransomware gang will take the place of Rhadamanthys. Which is why there needs to be a concerted effort to make ransomware less profitable for these gangs.

Leave a comment »

DH2i to Showcase Expertise in SQL Server 2025, AI, and Container Modernization at PASS Data Community Summit 2025

Posted in Commentary with tags on November 12, 2025 by itnerd

 DH2i today announced DH2i CTO OJ Ngo will join with Microsoft Principal Product Manager Amit Khandelwal to present a series of sessions on: SQL Server modernization; building highly available, production AI apps with Azure AI and Microsoft SQL Server 2025; and achieving SQL Server scalability and cost-efficiency with containers in the cloud at the upcoming PASS Data Community Summit 2025, taking place November 17-21. 

In addition, DH2i and some of its technology partners will also feature a diverse array of demos at booth #204 during the event. Topics include: 

  1. How to unlock clustering/failover flexibility for SQL Server 2025 Availability Groups
  2. Migrating on-prem SQL Server workloads to Elastic Kubernetes Service
  3. Clustering Windows and Linux SQL Server together
  4. Mixed Kubernetes cloud AG deployments containing AKS, EKS, & GKE
  5. Setting up DR frameworks between on-prem, Azure, and EC2

Details on the joint DH2i and Microsoft expert-led sessions are as follows: 

Session Title: 

How to Migrate SQL Server Workloads to Red Hat OpenShift with DxEnterprise

When & Where: 

November 19, 10:15 AM-10:45 AM, Room 442

Session Abstract: 

As organizations seek to modernize their infrastructure and improve SQL Server scalability, many are turning to containerization and orchestration platforms like Red Hat OpenShift. Migrating existing SQL Server workloads to these new environments can be complex and daunting, especially when the task at-hand involves migrating cross-platform from Windows to Linux for the first time. 

In this step-by-step demonstration, we’ll show you how you can deploy a secure, cross-platform SQL Server Availability Group (AG) that seamlessly spans from an on-premises Windows Server node to a newly created OpenShift cluster in Azure. We’ll automate the deployment of this unique AG using DxEnterprise’s SQL Server Operator for Kubernetes, and be sure to demonstrate: 

  • AG customization – The ability to control # of replicas, async or sync replication, etc. 
  • The speedy workload migration from Windows to OpenShift using AG  
  • Fully automatic, database-level HA for the new OpenShift workload with DxEnterprise 

If your organization has any SQL Server modernization ambitions at all and is eyeing OpenShift as a potential hub for virtualization and container orchestration, make this session a priority. You’ll leave with an actionable understanding of an easy, secure, and highly available approach to OpenShift migration.

Session Title: 

How to Build a Secure & Resilient Data Estate for SQL Server-Backed AI Apps

When & Where: 

November 20, 10:15 AM-11:15 AM, Rooms 347-348

Session Abstract: 

The impending release of SQL Server 2025 and its support for vector databases unlocks a brand-new pathway into the ‘Age of AI’ for organizations across countless verticals. In the same way, it provides a robust and reliable database alternative for organizations that have already endeavored into the creation of their own AI applications. Regardless of the chosen technology, only AI databases architected with a keen focus on scalability, security, and resilience will meet the dynamic needs of modern enterprises. 

Join this demo-centric presentation to be shown step-by-step how your organization can leverage Azure AI, Microsoft SQL Server 2025, and DH2i to build a comprehensive solution for deploying enterprise AI at scale. We’ll show you how you can use a SQL Server Operator to automate the deployment of an Availability Group in Kubernetes, providing an optimally scalable, secure, and highly available database backbone for your AI applications. Additionally, we’ll demonstrate fully automatic failover of an AI workload between Kubernetes replicas—a non-negotiable capability for achieving maximum resiliency. 

Attendees will leave with a full, actionable framework for building highly available, production AI apps with Azure AI, Microsoft SQL Server 2025, and DH2i.

Session Title: 

How to Provision a SQL Server Availability Group Cluster in AKS/EKS

When & Where:

November 21, 11:30 AM-12:30 PM, Rooms 347-348

Session Abstract: 

The path to true high availability for critical SQL Server workloads in the cloud has never been for the faint of heart. For organizations pursuing further modernization by deploying containers in the cloud, the complexity is dialed up even further. Until now…

Join this presentation for a step-by-step demonstration showing you two different approaches your organization can employ to drastically simplify the deployment of secure and highly available SQL Server containers in the cloud:

  • Approach 1: Use a DxEnterprise Helm chart and StatefulSets to deploy a 3-replica AG in AKS/EKS.
  • Approach 2: Use DxEnterprise’s SQL Server Operator to automate the deployment of a customized Availability Group (AG) containing three replicas in AKS/EKS.

Both approaches to SQL Server container deployment in EKS/AKS are executable in minutes, and they integrate powerful proprietary benefits like:

  • SQL Server sidecar containers to avoid custom image/support headaches
  • Fully automatic failover for SQL Server Availability Groups in Kubernetes
  • Zero trust network access tunnels to securely connect any replica, anywhere

A clear path has been paved to peak SQL Server scalability and cost-efficiency with containers in the cloud. Join this session to see how you can get there without sacrificing network security and high availability.

About the Speakers: 

OJ Ngo, CTO, DH2i 

With over two decades of experience in IT, Thanh “OJ” Ngo is a seasoned technologist and inventor dedicated to streamlining processes and finding creative solutions to everyday technical problems. As co-founder and principal architect of DH2i Company’s core technology, OJ brings his unique blend of technical expertise and innovative thinking to the development of groundbreaking solutions that transform the way organizations approach IT challenges.

Amit Khandelwal, Principal Product Manager at Microsoft

Amit Khandelwal is a Principal Product Manager at Microsoft with over 15 years of experience. He has played a key role in the development of SQL Server on Linux, contributing significantly to Microsoft’s cross-platform solutions. Currently, he oversees SQL Server on Linux and containers. With over a decade of database experience, he has designed SQL Server-based data platforms for Tier 1 customers across diverse business segments.

Leave a comment »

Authentication Coercion Attacks Abuse Windows to Force Systems into Sending Credentials

Posted in Commentary with tags on November 12, 2025 by itnerd

Researchers have uncovered an upsurge in authentication coercion cyber-attacks that abuse Windows Remote Procedure Call (RPC) mechanisms that force systems into sending their credentials to an attacker-controlled system.

You can find out more via this Palo Alto Unit 42 Blog post:  https://unit42.paloaltonetworks.com/authentication-coercion/  

Jim Routh, Chief Trust Officer at Saviynt, commented:

Authentication coercion attacks represent a particularly challenging attack vector for enterprises that rely on extensive use of Microsoft architecture and products. These attacks enable lateral movement with limited visibility for the enterprise. There are several remediation steps recommended that generally require strict adherence to limits in how RPC (remote procedure call) is used within the enterprise. The larger and more complex the enterprise, the more difficult it is to enforce the limitations of RPC. 

“Enterprises should consider more maturity in how privileged access management (PAM) works, including the use of continuous validation techniques that compare attributes from data streams to established patterns.  These techniques measure the deviation from the established pattern mathematically. The deviation threshold (number or score) can trigger automated workflows that restrict access (lateral movement) within milliseconds of an attack attempt. This type of capability is not dependent on humans to detect the threats. It is similar to the way our body’s immune system operates when exposed to bacteria or a virus. Our body’s immune system automatically produces white blood cells and antibodies to attack the bacterial infection. Continuous validation techniques represent a digital immune system response that can take action in milliseconds when lateral movement is automatically identified.” 

This is another big hint that organizations need to look at making sure that users are only able to do what they need to do and nothing more. That would make attacks like these way less effective.

Leave a comment »

TELUS Living breaks ground on 55-unit Vancouver-Point Grey development

Posted in Commentary with tags on November 12, 2025 by itnerd

TELUS celebrated the official groundbreaking of a new TELUS Living development in Vancouver’s Point Grey neighbourhood. Located at 2608 Tolmie Street, the former Point Grey telephone exchange will be transformed by TELUS and its development partner, LPI Management Ltd., into a sustainable, mixed-use building featuring 55 purpose-built rental units and four retail spaces, helping to address the urgent housing needs in the community. The Vancouver-Point Grey development joins two other TELUS Living buildings under construction in Nanaimo and Sechelt, delivering 254 rental homes in early 2026. A further 18 properties are proposed to add more than 3,000 homes across British Columbia over the next six years, with plans to expand the program to Alberta and Quebec.

Located in the heart of Vancouver’s Point Grey, the site is uniquely positioned with proximity to UBC and other key facilities. The development will serve diverse housing needs, from students and young professionals starting out to established residents looking to downsize and remain close to the neighbourhood they love. 

Project Highlights: 

  • Six-storey mixed-use building featuring 55 purpose-built rental units and four ground-floor retail spaces 
  • Diverse unit mix with studio, one-bedroom and two-bedroom units to accommodate students, young professionals, families, and downsizers
  • Smart home technology powered by TELUS’ PureFibre network, offering seamless connectivity with smart home devices that enhance security, energy efficiency, and residents’ overall living experience
  • Climate conscious development promoting high energy efficiency to minimize environmental impact
  • Sustainable transportation based on proximity to transit and bike routes with one level of underground parking and robust cycling infrastructure 
  • Community-focused amenities including co-working and study areas, indoor and outdoor social lounges, bike storage with end-of-trip facilities, parcel lockers, and pet-friendly features

This groundbreaking marks a significant milestone in TELUS Living’s mission to transform existing real estate holdings into purpose-built rentals that bridge the housing gap with smart, sustainable, and community-focused developments. Through its copper-to-fibre network migration, TELUS has unlocked opportunities by repurposing central offices, which are buildings that once housed copper-based equipment and served as the backbone of British Columbia’s phone system. For more details on TELUS Living please visit telusliving.com.

Leave a comment »

Ridge Security Earns 95% Willingness to Recommend rating, Gartner Peer Insights

Posted in Commentary with tags on November 12, 2025 by itnerd

Ridge Security, leader in AI-powered offensive security for Continuous Threat Exposure Management (CTEM), today announced that it was the second highest vendor to score a willingness to recommend with 95% in the 2025 Gartner’s Peer Insights “Voice of the Customer” for Adversarial Exposure Validation.

Based on 22 reviews validated by Gartner as of August 2025 Ridge Security recently announced RidgeGen, a comprehensive Agentic AI framework designed to take security validation from automation to autonomy. Powered by RidgeGen, Ridge Security’s flagship product, RidgeBot, covers an organization’s IT infrastructure, including hosts, networks, applications, APIs, and LLMs, making it the platform with the most comprehensive offensive security framework ever developed. We feel like the willingness to recommend score from Gartner Peer Insights™ “Voice of the Customer” is evidence of the company’s growing demand for Adversarial Exposure Validation technology.

According to Gartner, Adversarial Exposure Validation represents a market segment focused on solutions that continuously test, validate, and measure an organization’s security posture by emulating real-world attacker behaviors. These technologies operationalize adversarial techniques to assess and prioritize exposures with precision and repeatability.

Within this framework, Gartner Peer Insights defines willingness to recommend as the percentage of verified end users who indicate they would endorse a vendor solution to their peers, a key measure of customer advocacy. Derived from 18 months of practitioner reviews, this metric offers an evidence-based view of user confidence and satisfaction with Ridge Security’s flagship product, RidgeBot.

Leave a comment »

Wise Platform partners with Wealthsimple 

Posted in Commentary with tags on November 12, 2025 by itnerd

Wise Platform, Wise’s leading global payments infrastructure for banks and enterprises, today announced it’s working with Wealthsimple, a financial services platform on a mission to help Canadians achieve financial freedom, on an improved offering for sending money internationally. This partnership enables Wealthsimple’s chequing and joint chequing customers across Canada to access low-fee, fast and transparent international payments directly from the Wealthsimple app or website, delivering added convenience for Canadians sending money abroad.

Wealthsimple users can now make secure international payments to 30 countries in 10+ currencies from the convenience of their Wealthsimple chequing or joint chequing account. In just a few clicks, Wealthsimple clients can set up a transfer by selecting their recipient, inputting the amount they wish to send in CAD, and selecting which currency they would like their recipient to receive. The in-app experience clearly displays the mid-market exchange rate (the rate you see on Google), lists any additional fees, and provides a window of time for when funds will arrive so the customer has real-time insight into the cost and speed of their transfer.

According to a 2024 report from Payments Canada, one in five people sent money internationally using their Canadian bank account in the previous 12 months–a 33 percent increase from the previous year. Notably, 50 percent of Canadians aged 18-34 sent money abroad once a month. Wealthsimple’s decision to partner with Wise Platform underscores the rapidly-growing demand for modern, reliable international payments services as more Canadians live, work and connect across borders.

Wise Platform leverages the power of Wise’s robust global payments network. Wise directly participates in seven domestic payment systems, is supported by over 70 licenses worldwide, and settles 74% of payments instantly (in under 20 seconds). This best-in-class infrastructure has made Wise Platform a leading partner for banks and large enterprises globally looking to make their international payments offerings more competitive. Wealthsimple joins a growing roster of major banks and enterprises who are partnering with Wise Platform to provide efficient and secure services to customers who need to send money abroad.

Leave a comment »

VDURA Unveils Data Platform V12 

Posted in Commentary with tags on November 12, 2025 by itnerd

 VDURA today announced Version 12 of the VDURA Data Platform, a major software release that redefines scalability and resilience for AI and high-performance computing (HPC) environments. V12 increases performance on every metric and introduces a new elastic Metadata Engine, system-wide Snapshot Support, and optimized integration for hyperscale class HDD’s using Shingled Magnetic Recording (SMR) technology to deliver unprecedented performance efficiency, durability, and capacity scaling across the data lifecycle.

Building on the performance foundation established in V11, VDURA V12 Key Highlights of Data Platform V12 include:

  • Elastic Metadata Engine: A next-generation, scale-out, metadata engine designed for increased performance. It dynamically scales across nodes to sustain performance as file and object counts grow, eliminating traditional bottlenecks and improving metadata operations by up to 20x.
  • Snapshot Support: Enables instantaneous, space-efficient point-in-time copies of datasets for AI pipelines, model checkpoints, and operational recovery. Snapshots integrate seamlessly with support for both manual and policy-based retention.
  • SMR HDD Optimization: Extends the VDURA data platform to support Shingled Magnetic Recording (SMR) drives for ultra-dense data storage. A new write-placement engine organizes sequential zones intelligently, unlocking 25–30% more capacity per rack without compromising throughput or data integrity. 

Breakthrough Performance Meets Resilient Scale

The Elastic Metadata Engine enables metadata operations to scale linearly across multiple metadata nodes, supporting billions of files and objects under active use. Combined with snapshot and SMR tier support, V12 further reduces total cost of ownership while extending VDURA’s lead in AI-scale storage economics. With aggregate throughput performance increased by more than 20%, V12 delivers unmatched efficiency for training pipelines, inference workloads, and hyperscale data movement.

Availability

VDURA Data Platform V12 will be generally available in Q2 2026 for all V5000 and V7000-class systems. Existing customers running V11 or later can upgrade in place via an online software update with zero downtime.

The Mountain vs. the Data Transfer Record at SC25

On Nov 18, 2025, at 11:30 AM CT, Hafþór “Thor” Björnsson returns to SC25 Booth #2033 with VDURA to break the AI and HPC data transfer record. Powered by Phison Pascari SSDs and the VDURA Data Platform, Thor will move hundreds of petabytes in seconds, demonstrating the next level of data performance and scalability.

Last year, Thor stunned the crowd with his World Record Data Lift, hoisting over 282 PB of capacity, the most data ever lifted. This year, it’s all about speed.

Leave a comment »

TD meets loss with care, not complexity—introducing Empathy

Posted in Commentary with tags on November 12, 2025 by itnerd

Navigating the loss of a loved one can be overwhelming, both emotionally and administratively. To help ease these burdens, TD has collaborated with Empathy, a leading technology company that helps individuals navigate life’s toughest moments, to offer post-loss care to eligible clients who are using TD’s estate settlement services, including executors of an estate and their families. This support includes around-the-clock access to trained Care Managers and tech-enabled guidance through the many steps that follow a loss.

According to Empathy’s Grief Tax Report, an estate can take over a year to settle, require multiple hours of paperwork, and leave some families thousands of dollars out of pocket, even when plans are in place. To support families through these difficult times, TD is pleased to be able to offer Empathy’s care platform.

Empathy is available on a complimentary basis for eligible TD Estates clients. The TD Estates team is able to support with financial disbursements, while Empathy offers digital tools and Care Managers. The Empathy platform provides assistance that includes:

  • Personalized, step‑by‑step Care Plan that adapts to each family’s situation and priorities;
  • Real‑time human support from trained Care Managers for guidance and hands‑on help;
  • Benefits and claims support to help families identify and collect what they’re entitled to;
  • Grief resources, including audio guides, meditations and a private journal.

TD is the first bank in Canada to offer Empathy’s services, an innovation born from a successful pilot earlier this year with the TD Enterprise Innovation and Canadian Personal Banking Estates teams. This collaboration with Empathy underscores TD’s focus on putting people first, offering meaningful support when it matters most, and building lasting trust through life’s most difficult moments. This approach to innovation is fostered by TD Invent, a strategic effort across the Bank to power purposeful innovation.

Leave a comment »

Other World Computing (OWC) Expands Thunderbolt 5 Lineup with OWC StudioStack and OWC Mercury Helios 5S

Posted in Commentary with tags on November 12, 2025 by itnerd

 Other World Computing today announced the launch of the OWC StudioStack, the world’s first, fastest, and highest-capacity Thunderbolt 5 stackable hybrid storage solution for Mac Studio and Mac mini machines. In addition, the company announced the OWC Mercury Helios 5S, the most powerful and easiest way to utilize PCIe cards with Thunderbolt 5/4/3 and USB4 notebooks and small form factor computers like the Mac Studio, as well as add more Thunderbolt 5 ports.

OWC StudioStack

With the OWC StudioStack, users can upgrade their Mac Studio and Mac mini devices with the fastest and highest capacity stackable hybrid storage solution on the planet – all wrapped up in an aircraft-grade aluminum that nestles perfectly underneath your setup.

Key Features:

  • Internal Class Speed: Up to 6302MB/s real-world performance
  • Capacity: Up to 8TB NVMe SSD and up to 24TB HDD storage space
  • Expanded Connectivity: Three Thunderbolt 5 (USB-C) 80Gb/s and three USB-A 10Gb/s ports for more device, display, and drive possibilities
  • Widely Compatible: Use with Thunderbolt 5/4, USB4 Macs and PCs, and Thunderbolt 3 Macs
  • Highly Reliable: Aircraft-grade aluminum offers rugged protection of installed SSDs plus effective heat dissipation to keep everything cool for consistent top speed
  • Near Silent Operation: Engineered with a smart, adaptive fan that activates only when needed, making it ideal for uninterrupted creative focus
  • Future Flexible: Both DIY “build your own” and ready-to-run solutions are easily future upgradeable with a faster, higher capacity 2280 NVMe M.2 SSD and a higher capacity SATA 3.5″ HDD or 2.5″ SSD
  • Complete: Includes Thunderbolt 5 80Gb/s cable

OWC Mercury Helios 5S

Modern notebooks, small form factor computers, and “all-in-one” desktop computers are slender marvels of engineering, but they have a significant shortcoming: a lack of internal space to install PCIe cards for added functionality. The OWC Mercury Helios 5S opens a world of pro-grade, full-size workstation capabilities to those machines via a single Thunderbolt or USB4 connection.

Key Features:

  • Expands Small Machines: Use video capture, high-speed fiber/Ethernet, NVMe RAID, audio I/O, and other cards to unlock the potential of MacBooks, Mac Studio, Mac mini, and other space-confined computers lacking a PCIe slot
  • Internal Class Speed: Up to 6000MB/s bandwidth available for simultaneous read/write
  • Pro Level Card Ready: (1) PCIe 4.0 x4 (x16 mechanical slot) for half-length, full-height, single or double-width cards
  • Expanded Connectivity: Three Thunderbolt 5 (USB-C) 80Gb/s ports, each with 15W power delivery for more device, display, and drive possibilities
  • Widely Compatible: Use with Thunderbolt 5/4, USB4 Macs and PCs, and Thunderbolt 3 Macs
  • Whisper Quiet: Aircraft-grade aluminum housing and high-efficiency cooling fan provide cool, nearly silent operation
  • Easy Card Installs: Captive thumb screws, so no tools required
  • Complete and Secure: Includes Thunderbolt 5 80Gb/s cable and power cord retainer

The OWC StudioStack is available for pre-order now at a starting price of $329.99, with shipping planned for mid-December. To learn more, please visit: https://www.owc.com/solutions/studiostack.

The OWC Mercury Helios 5S is generally available now (GA) for $329.99. To learn more and order, please visit: https://www.owc.com/solutions/mercury-helios-5s.

The OWC StudioStack and OWC Mercury Helios 5S will be showcased live and in-person, together with other key OWC Thunderbolt 5, storage, and connectivity solutions in OWC Booth #8218 during next week’s Inter Bee 2025, taking place November 19 – 21, at Makuhari Messe (Chiba City, Chiba Prefecture, Japan).

Leave a comment »

Former CISA Associate Chief of Strategic Technology Joins Post Quantum Cryptography Security Startup

Posted in Commentary with tags on November 12, 2025 by itnerd

Today, QuSecure announced that Garfield Jones has joined the company as Senior Vice President, Research and Technology Strategy. A renowned technical advisor and test and systems engineering manager with extensive knowledge of IT and DoD systems, Dr. Jones will lead QuSecure’s technology strategy to meet U.S. Federal Government mission and security requirements, and build and nurture partnerships with stakeholders to drive strategic planning and continuous innovation for cryptographic management.

More info about Garfield is available here: http://qusecure.com/garfield-jones.

Before joining QuSecure, Dr. Jones served as Associate Chief of Strategic Technology for CISA, where he developed the strategy and guidance on using innovative, leading-edge technology across the agency, including articulating and documenting the future technology vision to achieve mission objectives and goals. Dr. Jones led the PQC initiative at CISA, consulting with executive branch-level staff on crafting and disseminating guidance for federal agencies and national policy on research and development, and on the adoption of PQC technology.

Specifically, Dr. Jones worked with the OMB, ONCD, and various federal agencies to execute tasks outlined in Executive Orders 14306 (Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity) and 14144 (Strengthening and Promoting Innovation in the Nation’s Cybersecurity) and memos such as OMB 23-02 (Migrating to Post-Quantum Cryptography) issued by the Executive Branch.

Leave a comment »

« Older Entries