Archive for 2025

Zoho Research: Canadian Organizations Balancing Privacy with AI Adoption

Posted in Commentary on October 20, 2025 by itnerd

As AI adoption accelerates across Canada, new research from Zoho reveals that Canadian business professionals are successfully navigating the intersection of innovation and privacy. The findings, based on the infographic at the end of this email, provide insights about enterprise strategy, digital transformation, and the Canadian business advantage.

Key highlights:

  • Leaders aren’t leading the charge: only 26% of CEOs/presidents/owners are leading AI adoption, while the majority (52%) of the adoption is being initiated by their teams.
  • AI momentum: 84.5% of Canadian organizations are actively exploring or implementing AI. However, 16% have yet to adopt it.
  • Privacy as strategy: Canadian organizations view privacy as an AI enabler, not a barrier. 71% rate their privacy investments as “adequate to excellent,” and nearly half dedicate 11–30% of their IT budget to privacy.
  • Canadian advantages: educated workers, innovation capability, global reputation, tech hubs, and social policies.
  • Versus the U.S.: 14% of U.S. respondents have advanced integrations vs. 7% for Canadians.

UPDATE: The research can be found here.

AWS Takes A Dive Taking Down Many Popular Apps And Websites With It

Posted in Commentary on October 20, 2025 by itnerd

If you use anything from Snapchat to Reddit to Lloyds, you were likely affected by an outage over at Amazon Web Services (AWS). The fact is that two companies largely provide the computing resources that apps and websites need. The other one is Microsoft with its Azure platform. So when one of those companies has an outage, we are all going to have a bad day.

The cause of today’s outage according to Amazon was as follows:

We have identified a potential root cause for error rates for the DynamoDB APIs in the US-EAST-1 Region. Based on our investigation, the issue appears to be related to DNS resolution of the DynamoDB API endpoint in US-EAST-1. 

It’s always DNS at the end of the day when a network or an Amazon has an outage. As it stands, Amazon has largely gotten things back online. But the company is still dealing with issues as recently as a few minutes ago. So don’t be surprised if your favorite app or website might still have problems.

Aras Nazarovas, senior security researcher at Cybernews, has this commentary:

“Today’s outages for multiple services were the result of internal DNS failures at Amazon Web Services in their US-EAST-1 region of AWS Cloud. Similar failures have been common causes for major outages in the past, and usually stem from incorrect, updated configurations, or due to poor monitoring of expiration timelines for configurations, certificates, etc.

From initial reporting there are no indications of any security breach, however failing to keep information or resources available for clients can be classified as a cyber incident, even if there was no malicious outsider or malicious intent. 

Similar outages occur almost every year, and they can be a reminder of how extensive software supply chains have become, showing how a simple issue on a handful of Amazon Data Centers caused thousands of issues to their clients.

Clients of affected services were impacted by failing to access their resources and data hosted by AWS for ~4 hours. The impact of such a failure to ensure availability can vary greatly depending on the specific business and industry that used impacted AWS services. In worst-case scenarios, such an outage could have had serious consequences in critical infrastructure sectors.

In the event of such disruptions users should immediately seek alternative solutions for communication (different app, phone calls, SMS, radio) to be able to coordinate next steps towards recovering from such a disruption. It is a good practice to have a “Disaster Recovery Plan” where alternative communication channels and other critical steps have been planned in advance.”

I’ll be keeping an eye on this to see if there are any knock-on effects. But it looks like things are trending towards normalcy…. Hopefully.

UPDATE: Sergiy Balynsky, VP of Engineering at cybersecurity company Spin.AI, provided the following comment:

“The AWS outage is a reminder that business continuity planning isn’t optional. Organizations should maintain independent backups and diversify across multiple cloud providers – so a disruption in one platform doesn’t bring operations to a halt.

Even the most reliable clouds can fail. A strong business continuity plan should include not only reliable backups, but also cross-platform and multi-cloud redundancy to minimize business disruption and maintain access to critical data when one provider experiences downtime.”

Salesforce breach escalates: Qantas & Vietnam Airlines data leaked on dark web 

Posted in Commentary on October 20, 2025 by itnerd

Outpost24 researchers have published an analysis on the recent developments surrounding the Salesforce data breach. The breach has continued to escalate, with Qantas and Vietnam Airlines data now being leaked on the dark web. 

The analysis dives into the exact timeline of events, the amount of data being leaked, the broader risk of these events, and how the threat actors behind this, Scattered Lapsus$ Hunters, typically run their attacks. The researchers determined that this incident highlights two critical realities. 

One, that an organization’s security perimeter is no longer just the firewall, but all third-party platforms that have access to company data and software. And two, that threat actors are increasingly targeting individuals to bypass technical controls. By exploiting insider employees, Scattered Lapsus$ and many other groups are leveraging major data leaks, all because of effective social engineering.

For full details, the analysis can be read at this link: https://outpost24.com/blog/salesforce-breach-qantas-vietnam-airlines/

Over 17 Million Consumers Impacted In Prosper Lending Platform Data Breach

Posted in Commentary on October 17, 2025 by itnerd

Data breach tracking website Have I Been Pwned posted yesterday that US peer-to-peer lending platform Prosper was hit with a breach that affected 17.6 million customers.

Prosper initially announced last month that it had detected unauthorized access on its systems, resulting in the exposure of information belonging to an undisclosed number of customers and applicants. The company shut down the activity promptly and confirmed that the unauthorized access was revoked as of September 2.

John Carberry, Solution Sleuth with cybersecurity services provider Xcape, Inc., offers perspective:

    “The Prosper data breach is a serious one, both in terms of the number of people affected and the sensitivity of the compromised information. With 17.6 million customers impacted, and data including Social Security numbers, credit scores, and income details exposed, this incident could lead to various types of fraud, such as identity theft, synthetic identity creation, and phishing attacks. Although Prosper says there’s no evidence of unauthorized account access or stolen funds, breaches involving financial data often have lasting consequences, with issues appearing months or even years later. This event highlights how crucial it is for financial platforms to have strong identity and access management, continuous monitoring, and robust data encryption. Those affected should immediately take steps like credit monitoring, fraud alerts, and closely monitoring their accounts. For organizations, this serves as a reminder to minimize data retention, enforce least-privilege access, and ensure quick breach detection and response to limit damage.

    “Simply put, companies that store this type of PII in the course of operating their businesses have a fiduciary responsibility to protect it.  It is no longer enough to have a “proper” response to such breaches.  Consumers must demand stronger data protections and accountability from these vendors at the outset.”

Companies need to take better steps to avoid a situation like this. I say that because the sort of information that has been leaked should be extremely difficult to get. In this case, that does not seem to be the case.

NATO’s Biggest Naval Exercise Proves Undetectable Ship-to-Ship Laser Communication

Posted in Commentary on October 17, 2025 by itnerd

Lithuanian space and defense tech company Astrolight has recently demonstrated undetectable, unjammable, and high-bandwidth laser-based ship-to-ship communication with its POLARIS terminal during REPMUS’25, NATO’s largest unmanned maritime exercise.

During the REPMUS (Robotic Experimentation and Prototyping using Maritime Uncrewed Systems)/Dynamic Messenger mission, hosted by the Portuguese Navy, POLARIS laser terminals maintained a stable, jam-proof horizon-limited laser-based link between two vessels: NRP Dom Francisco de Almeida and NRP Dom Carlos I. During testing, the link wasn’t detected by a single sensor of other participating ships, drones, and land assets.

Astrolight’s terminals also transmitted gigabytes of data at latencies and speeds that allow for more than 10 concurrent, real-time HD video streams, even through rain and fog, during the day and night.

Jamming is a serious problem at sea because it can distort satellite navigation, confuse radar and ship-tracking displays, and interrupt radio and satellite communications. In such cases, crews switch to less secure backup methods like noisy radio or signal lamps that increase a ship’s electromagnetic signature and make it easier to detect.

The demonstration of Astrolight’s POLARIS in Portugal builds on prior tests with the Lithuanian Navy.

NATO’s REPMUS/Dynamic Messenger exercise combines REPMUS, the top event for maritime robotics and unmanned tech, and Dynamic Messenger, a program for testing innovative naval systems. They bring together NATO Allies, partners, academia, and industry experts, and provide a realistic setting to evaluate new maritime capabilities and promote their integration into NATO operations.

Forcepoint X-Labs Publishes Research on Escalating AI Cybersecurity Arms Race

Posted in Commentary on October 17, 2025 by itnerd

Forcepoint X-Labs has released a new post by researcher Jyotika Singh, which is a deep dive into the accelerating AI Cybersecurity Arms Race. The post details how artificial intelligence is simultaneously empowering defenders with real-time detection while helping adversaries automate deception at massive scale. The central finding is that every algorithm built for protection can now be turned to exploit, making speed and continuous adaptation the only sustainable advantages. This analysis highlights that the challenge for security leaders is no longer whether to use AI, but how to stay ahead of sophisticated, AI-enabled adversaries.

Key highlights from the research include:

  • Adversaries are leveraging malicious LLM variants (such as FraudGPT and WormGPT) to automate phishing kit creation, malware generation, and massively scale social engineering operations. 
  • Deepfake technology has fully graduated from theory to multi-million-dollar real-world fraud, exemplified by a confirmed £20M video-call scam that impersonated company officers for a fraudulent transfer. 
  • Attackers are using Reinforcement Learning (RL) to train generative models to automatically evolve polymorphic payloads, creating malware that changes structure to evade endpoint security products. 
  • Defenders are fighting back with multi-layered ML/DNN classifiers and ‘Agentic AI’ systems, cutting average dwell time by automating real-time threat detection and high-volume tasks like alert triage. 
  • Actionable recommendations for organizations, including enforcing out-of-band verification for high-value transfers and continuously red-teaming internal ML models against adversarial inputs.

This research reinforces that the future of cybersecurity will be decided by who adapts the fastest, and that human oversight paired with intelligent automation is critical to maintaining confidence in protection.

The full blog post can be found at https://www.forcepoint.com/blog/x-labs/ai-cybersecurity-arms-race

Microsoft Logo Used in Fake Browser Lock Tech Support Scam – SOCRadar’s CISO Comments 

Posted in Commentary on October 16, 2025 by itnerd

Researchers have uncovered a new campaign that weaponizes Microsoft’s name and branding to lure users into fraudulent tech support scams. What makes this scam different from others is the use of social engineering, fake system alerts and deceptive UI overlays to execute the scam.

More details can be found here: https://cofense.com/blog/weaponized-trust-microsoft-s-logo-as-a-gateway-to-tech-support-scams

Ensar Seker, CISO at SOCRadar, provided the following comments:

“This scam is an advanced form of client-side browser manipulation that exploits both psychological and technical blind spots. By weaponizing the browser through JavaScript-based UI freezing, attackers simulate a system-level lock, often hijacking the mouse cursor, displaying modal pop-ups, and suppressing keyboard interactions. This creates a false sense of urgency and loss of control, coercing victims into calling a fraudulent support number.

“Technically, this scam evades email security layers by using CAPTCHA challenges and redirect chains to delay payload execution until after user interaction, which frustrates sandbox-based detection. It also mirrors tactics used in scareware and fake AV campaigns from a decade ago, now modernized with brand impersonation and responsive browser exploits.

“For defenders, it reinforces the importance of browser hardening, zero-trust browsing environments, and robust user awareness, especially training users to recognize fake urgency cues and never call unknown support numbers prompted by web pop-ups.”

Threat actors seem to be evolving faster than defenders can keep up. And this campaign illustrates that. That should make it clear that defenders need to evolve just as fast or bad things will happen to those they are protecting.

Centreon Launches a Scalable and Cost-Effective Observability Platform    

Posted in Commentary on October 16, 2025 by itnerd

Centreon today announces the launch of the Centreon Observability Platform, a portfolio of simple, scalable and cost-effective solutions designed to deliver extended visibility and make enterprise-grade observability accessible to all organizations.

Rising Demand for Observability

Modern organizations rely on increasingly complex digital infrastructure, from hybrid cloud environments to distributed applications and customer-facing services. Downtimes, performance degradation, and poor user experience directly impact revenue, brand reputation, and employee satisfaction. 

As Gartner highlights, observability platforms are now vital to ensure availability, resilience, and business continuity, with the market expected to reach $14.2 billion by 2028, growing at 11.1% CAGR. 

In this context, Centreon extends its leadership in IT infrastructure monitoring to deliver extended visibility, helping organizations keep digital systems always-on and high-performing. 

The Centreon Observability Platform

The Centreon Observability Platform combines IT infrastructure monitoring, log management, and digital experience monitoring in a simple, scalable, and cost-effective solution. 

Built on open-source standards and designed for flexibility, it empowers IT teams to detect incidents faster, resolve issues smarter, and operate with greater efficiency. Its modular design allows organizations to deploy each capability independently or as an integrated observability stack, ensuring maximum adaptability and optimized total cost of ownership.

Centreon Infra Monitoring

Since 2005, Centreon Infra Monitoring has provided a single platform to monitor the entire hybrid IT stack, from cloud-native and containerized environments to legacy systems and OT/IoT infrastructures. With auto-discovery, 700 built-in connectors, and powerful visualization, Centreon Infra Monitoring empowers IT Ops and NOC teams to gain complete visibility across distributed infrastructures and detect issues faster. By reducing MTTR and ensuring SLA compliance, while integrating seamlessly with ITSM and automation tools and aligning IT performance with business outcomes, Centreon Infra Monitoring eradicates downtime and maximizes productivity.

Centreon Infra Monitoring is available immediately as an open-source download, or as a commercial self-hosted or full SaaS offering. Visit the Centreon Infra Monitoring overview to learn more.

Centreon Digital Experience Monitoring

Centreon Digital Experience Monitoring (DEM) helps e-commerce, digital businesses, and public organizations maximize user satisfaction, customer conversion rates and sustainability goals. By combining real-user monitoring (RUM), synthetic testing (STM), and financial impact insights, Centreon DEM provides a shared view across business, marketing, and IT teams of how performance drives both revenue and ESG outcomes. This ensures faster detection and resolution of issues, measurable ROI from optimization initiatives, and a direct link between digital performance and corporate sustainability strategies. 

Centreon DEM is available immediately for commercial purchase. To learn more, visit the Centreon DEM Overview.

Centreon Log Management

Centreon Log Management is a next-generation solution designed for simplicity, scalability, and compliance, accessible to every IT Operations team. Built for speed as well, it combines the OpenTelemetry standard with data enrichment to cut through log noise and surface what really matters. From real-time alerting to root cause analysis, every feature is built to reduce complexity and accelerate decision-making. Delivered as a sovereign, cloud-native platform, Centreon Log Management helps IT teams stay compliant, proactive, and always in control without the complexity, while managing cost effectively.

Centreon Log Management is currently in beta release. Visit the Centreon Log Management Overview to learn more.

Over 850 New Phishing Sites Target US Taxpayers

Posted in Commentary on October 16, 2025 by itnerd

Ahead of the October 15th tax deadline extension, Netcraft researchers discovered at least 850 newly registered domain names in September and October with phishing links that use tax refunds as a lure. 

Fast Facts:  

  • Most of the websites are engineered to display in mobile browsers, meaning visitors typically arrive at the pages from smishing attacks targeting the messaging apps in their mobile phones.
  • Visitors to any of the sites are presented with pages that direct the target to enter personal financial information into a form, including the target’s name, home address, telephone number and email address, as well as payment card details. 
  • The attackers employ a ruse in which the explanation for the request for information is that it is needed to process a refund, or reimbursement, of taxes ostensibly overpaid by the target. 

Netcraft has a blog on this here: https://www.netcraft.com/blog/taxpayers-drivers-targeted-in-refund-and-road-toll-smishing-scams

More Dreamforce News: AWS, Google + Stripe Partnerships

Posted in Commentary on October 16, 2025 by itnerd

Here’s a new update from Dreamforce 2025, where Salesforce unveiled Agentforce 360, the world’s first platform designed to connect humans and AI agents in one trusted system.

The core message from Dreamforce is that AI’s real potential lies in deeply interwoven LLMs and enterprise software. Salesforce announced a series of partnerships with OpenAI, Anthropic and more, putting it at the heart of delivering secure, interoperable AI at scale and strengthening the backbone of the $6T agent economy.

Noteworthy highlights from Dreamforce below (all fresh updates since our email on Tuesday):

  • Expanded Google Partnership – Salesforce and Google announced an expansion of their strategic partnership, introducing a new wave of AI innovations designed to transform the enterprise. This collaboration brings Google’s cutting-edge Gemini models to the new Agentforce 360 Platform. The expanded partnership places employee productivity at the forefront, integrating Agentforce 360 with Google Workspace for sales and IT service and expanding the Salesforce Gemini integration, already available in Gmail, to more Google Workspace tools.
  • Stripe Partnership – Salesforce announced a collaboration with Stripe and OpenAI to build an Instant Checkout integration, guided by the Agentic Commerce Protocol (ACP), allowing thousands of merchants using Agentforce Commerce to harness the power of conversational AI for a faster path to purchase and create seamless, intelligent shopping experiences that unlock new avenues of growth.
  • Salesforce and AWS announced how they are accelerating AI transformation for Agentic Enterprises across four core pillars: unified data, secure and interoperable AI agents, modernized contact centers, and streamlined customer procurement of AI solutions through AWS Marketplace. This makes it easier, safer, and faster for customers like Toyota Motor North America and others to harness powerful technologies without compromising security or trust.