Author Archive

Could the Spain and Portugal blackout have been a cyber-attack? 

Posted in Commentary with tags on April 29, 2025 by itnerd

‘Cyber-attack’ was the phrase on many people’s minds when large parts of Spain and Portugal were recently plunged into a blackout. Authorities are investigating the root cause, with early reports suggesting a technical malfunction caused by a ‘rare atmospheric phenomenon’. However, there has been speculation (yet to be ruled out) that a cyberattack could be to blame.

Specops Software today published a blog diving into the possibility that the widespread power outage across the Iberian Peninsula could be due to a cyber-attack. 

Questions asked include: 

  1. Why was a cyber-attack initially suspected in the blackout in Spain and Portugal?
  2. Why would hackers target a country’s energy grid?
  3. What are the signs of a cyber-attack on a power grid?
  4. Could weak passwords play a role in power grid attacks?
  5. Cyber-attack or cautionary tale?

For full details please see the analysis at this link: https://specopssoft.com/blog/spain-portugal-blackout-cyber-attack

Saviynt Launches the Most Comprehensive AI-Powered Identity Security Posture Management Solution

Posted in Commentary with tags on April 29, 2025 by itnerd

 Saviynt today announced the launch of its AI-powered Identity Security Posture Management (ISPM) as part of its converged Identity Cloud platform. Saviynt’s ISPM provides actionable insights into an organization’s identity and access posture, offering an intelligent starting point to prioritizing and remediating risks.

Many organizations have sought this level of identity insight, but a viable solution has previously been unavailable. Saviynt will showcase its market-transforming ISPM April 29 – May 1 at RSA Conference 2025 inside the Moscone Center in San Francisco. Interested organizations should come to Booth #N-5163 to see the solution and better understand how it elevates their identity security posture.

While Identity Governance and Administration (IGA) is a well-known foundational element of any strong identity security program, comprehensive visibility across identity and access risks, governance control effectiveness, and identity data hygiene is crucial for reducing the attack surface area, yet is missing in organizations today. Unlike other solutions that focus solely on access or credential management, Saviynt ISPM delivers a converged solution addressing the full spectrum of identity security challenges, from preventing breaches to maintaining compliance.

Built on Zero Trust principles, Saviynt’s ISPM incorporates all identity, access, activity, policies, configurations, events, and security signals into an AI-powered, enterprise-grade identity security data lake. Saviynt’s ISPM enables organizations to:

  • Discover and inventory all identities (human and non-human), access, and resources: This can be done across an organization’s environment, on-premises and cloud.
  • Enhance and improve data hygiene: Leverage auto-generated, clear and accurate role and entitlement descriptions, ownership discovery of orphan and service accounts, clean-up of duplicate identities and much more to improve the quality of identity data.
  • Boost effectiveness of governance controls: Eliminate rubber stamping entirely, reduce access certification time by up to 90%, reduce onboarding cost by more than 60-70%, and cut access request time by up to 80% by measuring and baselining an organization’s governance processes.
  • Reduce audit findings with improved preparedness and evidence collection: Maintain continuous compliance with self-service capabilities and timeline views that highlight any and every identity change, access assignments, and governance history.
  • Empower business users by unlocking the power of identity data with Savi Copilot: Quickly create dashboards that drill down into the data needed to easily identify problematic trends or generate reports showing program effectiveness without the need of technical resources or business intelligence (BI) tools.
  • Bring application owners to the center of identity management: Engage application owners by providing them with clear insights into access, control (Separation of Duty), risk, and usage data for their applications. Meaningful involvement of application owners remains a critical gap in most identity management programs today and ISPM addresses it completely and holistically.

Saviynt’s ISPM helps with risk prioritization and remediation and in turn reduces the identity attack surface. Self-serviceability and evidence collection with timeline views empower organizations with improved audit preparedness.

Saviynt’s ISPM is now generally available. To learn more, please visit the website and blog.

Quorum Cyber recognized as a Microsoft Security Excellence Awards winner for Security MSSP of the Year

Posted in Commentary with tags on April 29, 2025 by itnerd

 Quorum Cyber today announced it won the Security MSSP of the Year award in the Microsoft Security Excellence Awards 2025 presented by the Microsoft Intelligent Security Association (MISA). The company’s innovation and achievements over the past 12 months have elevated and distinguished it within the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors (ISVs) and managed security service providers (MSSPs) that have integrated their security products and services with Microsoft Security technology.

Award winners demonstrated excellence across the security landscape during the past 12 months. 

At the sixth annual Microsoft Security Excellence Awards on April 28, Microsoft announced award winners in 9 categories honoring partner trailblazers, customer and technology champions, and changemakers. This is the sixth year awards were given. Quorum Cyber won the Security MSSP of the Year award. 

Established as an association to bring together Microsoft leaders, ISVs, and MSSPs, MISA focuses on collaborating to combat security threats and create a safer environment for all. Its mission is to provide intelligent, industry-leading security solutions that work together to help protect organizations at the speed and scale of AI in an ever-increasing threat landscape. Together with Microsoft stakeholders, MISA members voted on the Microsoft Security Excellence Awards, recognizing their peers’ efforts towards enhancing security.  

Konica Minolta and Square 9 Softworks Launch Exclusive Partnership to Drive Growth Through BlueIrisIQ

Posted in Commentary with tags on April 29, 2025 by itnerd

Konica Minolta Business Solutions today announced the expansion of its longstanding relationship with Square 9 Softworks into an exclusive partnership. This announcement comes on the heels of launching BlueIrisIQ, a newly created business unit designed to spearhead market growth in the content and information management segment. Square 9 is a leading provider of AI-powered information management and workflow automation solutions. This enhanced agreement marks a major milestone, positioning Konica Minolta as the sole North American distributor of Square 9’s award-winning offerings, a strategic move designed to deliver end-to-end service and support across both direct and dealer channels.

The expanded partnership reinforces Konica Minolta’s leadership in intelligent automation and scales the capabilities of BlueIrisIQ through a unified, enterprise-ready model. Together, the two organizations have created a streamlined structure that centralizes service delivery, accelerates implementation and strengthens post-sales support, all while fueling national market power and momentum.

As part of the enhanced partnership, Konica Minolta has introduced a dedicated team of Square 9-certified engineers to support sales, deployment and ongoing service. Customers also gain access to an exclusive support hotline offering direct communication with solution experts for faster resolutions and technical guidance.

By combining Square 9’s advanced automation tools with Konica Minolta’s dedicated delivery engine, the companies will lead the charge in AI-driven automation, revolutionizing the accessibility and affordability of intelligent information. By significantly reducing the cost of data extraction and removing barriers to entry, this partnership opens the door to markets that were once out of reach due to complexity or budget constraints.

Square 9’s reputation as an industry leader is rooted in its rapid deployment, user-friendly design and award-winning customer support, all of which are now embedded into Konica Minolta’s BlueIrisIQ service model. The result is a turnkey solution for customers looking to outsource operational pain points and drive digital transformation.

Learn more about BlueIrisIQ and its service offerings here.

KnowBe4 Appoints Bryan Palma as President and CEO

Posted in Commentary with tags on April 29, 2025 by itnerd

KnowBe4 announced that cybersecurity industry veteran Bryan Palma has been appointed president and chief executive officer of KnowBe4, effective May 5. KnowBe4’s founder and current chief executive officer Stu Sjouwerman has transitioned to the role of executive chairman.

Palma is a highly regarded technology executive with over twenty-five years of experience and a proven track record of scaling global technology enterprises by driving profitable growth, improving customer experience, and delivering operational agility. Most recently, he was the chief executive officer of Trellix, a multi-billion dollar cybersecurity market leader formed through the merger of FireEye and McAfee Enterprise. Prior to joining Trellix, he guided some of the world’s leading organizations through pivotal technology and business transformations including Cisco, Boeing, EDS, PepsiCo, and the US Secret Service. Palma earned a master of business administration from Duke University’s Fuqua School of Business, a master of education from the University of Maryland, and a bachelor of arts from the University of Richmond. Palma serves on the President’s National Security Telecommunications Advisory Committee and the CloudBees board of directors.

Executive chairman Stu Sjouwerman founded KnowBe4 over fifteen years ago and over the last two decades has led the company through multiple rounds of venture capital funding, executed key strategic acquisitions, successfully led a public offering, and grown KnowBe4 to serve over 70,000 customers.

For more information on KnowBe4, visit www.knowbe4.com.

OnX Adds Custom Agent Development and AI Adoption & Enablement Services to its AI Accelerator Portfolio

Posted in Commentary with tags on April 29, 2025 by itnerd

OnX has announced the addition of two new solutions to its AI Accelerator portfolio: AI Custom Agents and AI Adoption & Enablement Services. Created to assist both public and private organizations in expediting the incorporation of AI into their operations, these additions leverage OnX’s extensive expertise in artificial intelligence and established reputation as a trusted technology solutions advisor in Canada for over 40 years.

AI-powered platforms and tools enhanced by generative AI have become pervasive across all industries. These solutions, whether used for instantly summarizing vast amounts of content, extracting and synthesizing information from multiple files, analyzing data, or generating emails, articles, and presentations, are becoming indispensable.

Most importantly, OnX takes the necessary steps to ensure an organization’s data readiness is optimal for AI integration and customization within an existing enterprise environment, which is a precursor to achieving measurable outcomes and success.

Organizations can now build on these foundational AI capabilities with Custom Agents—advanced tools using natural language processing to interact with critical data and streamline complex business processes. OnX experts conduct a thorough assessment of an organization’s existing IT environment and then design custom solutions that align with the enterprise’s business goals, budget, and security requirements. Once implemented, these custom AI agents can perform specialized cognitive tasks, automate functional workflows, and reduce repetitive work to drive efficiency, scalability, and innovation.

Acknowledging that workforce readiness is essential to support AI investment, OnX also now provides AI Adoption & Enablement Services. Led by expert Change Management Consultants, these programs provide the comprehensive training end users need to fully leverage AI tools and seamlessly transition into AI-enhanced operations.

OnX recently achieved the M365 Copilot Jumpstart “Ready” Tier designation, which recognizes the range of enablement services the company offers to assist enterprises in every stage of AI adoption, from assessment, design, and deployment to training and ongoing support:

  • Readiness Workshop: Comprehensive sessions to prepare for AI adoption.
  • Readiness Assessment: Evaluating the current state and readiness for AI implementation.
  • Remediation: Addressing any gaps or issues identified during the assessment.
  • Deployment: Seamless deployment of AI tools.
  • Adoption & Enablement: Training & Organizational Change Management programs to ensure successful adoption and utilization of AI tools.
  • Custom Agents: Optimize business processes and enhance productivity using large language models and generative AI.

Please visit OnX HERE for more information about the Custom Agents and AI Accelerator Adoption & Enablement Services. 

Guest Post: Apple’s Walled Garden Is Leaking – and So Is Your Data

Posted in Commentary with tags on April 29, 2025 by itnerd

By Vincentas Baubonis

Apple built its empire on a promise: Your iPhone is safe. The company’s famously walled garden – with tightly controlled hardware, software, and App Store curation – is supposed to be the envy of the digital world. It’s why Apple users sleep a little easier, why regulators give the company more breathing room, and why Apple can credibly claim to “think differently.”

But what if the walled garden has holes?

New research conducted by my team at Cybernews reveals a massive security oversight at the heart of Apple’s App Store: over 110,000 iOS apps – roughly 7 out of every 10 we analyzed – leak “hardcoded secrets,” including API keys, authentication tokens, and cloud storage credentials. Many of these secrets unlock access to sensitive user data. Some could allow full account takeovers. Others – like those found in fetish dating apps – have exposed private photos sent in confidence.

It’s a systemic failure – and Apple, with all its resources and security rhetoric, should be held to account.

Secrets Hidden in Plain Sight

Let’s be clear about what we found. Our researchers downloaded 156,000 iOS apps, about 8% of the App Store. We used automated analysis and reverse engineering – the same techniques used by attackers – to scan for secrets embedded directly in the app’s code. The kind of secrets developers should never store there.

Among the more than 816,000 exposed secrets, we discovered:

  • 94,240 hardcoded Storage Buckets, with 836 (0.89%) lacking authentication. These open instances exposed over 76 billion files, leaking 406TB of data.
  • 51,098 Firebase URLs, of which 2,218 (4.34%) lacked authentication. These open instances exposed 19.8 million records, leaking 33GB of data, including user session tokens and backend analytics. Almost all of these instances are hosted in the US.
  • 8,439 Fabric API keys were exposed. Fabric, an order management system, uses these keys to manage, track, and fulfill orders.
  • 3,343 live Branch keys exposed. Branch.io is a marketing platform used to track campaigns and enable advanced deep linking.

In the case of five niche dating apps – catering to LGBTQ+ users and kink communities – the leaks were especially troubling. Because their developers embedded Google Cloud credentials into their iOS app code, we found 1.5 million private user images sitting in unprotected cloud buckets: intimate photos, identity verification selfies, even images flagged for violating platform rules. All publicly accessible.

This is the kind of leak that can ruin lives – especially in countries where homosexuality is criminalized. Yet these apps passed Apple’s review process and remain live in the App Store.

The Myth of the Secure App Store

Apple’s defenders might point to its App Store Review Guidelines. They’re robust – at least on paper – and cover safety, performance, and legal compliance. But nowhere do they mention scanning for hardcoded secrets. If Apple does check for these weak spots behind the scenes, our findings suggest it’s doing a very poor job.

In contrast, major tech companies like GitHub, Google, and AWS all have automated detection systems to catch exposed secrets in code. Apple, with its trillion-dollar valuation, could easily implement the same – but hasn’t.

Why not?

One reason may be speed. Apple’s app approval pipeline is enormous, and slowing it down to add deep security scanning might cut into App Store revenue – especially from free apps running on ad-driven models. But another reason may be philosophical. Apple prefers to position itself as a hardware company with privacy baked in. What happens inside apps, it implies, is the developers’ responsibility.

This distinction might have worked in 2010. It doesn’t hold up today.

The Cost of Convenience

Most developers aren’t malicious. They’re just under pressure. Hardcoding secrets is faster than building secure authentication flows. Updating an app to fix a leaked secret can be risky and time-consuming. Many developers simply hope no one notices.

But attackers do notice.

In 2016, Uber was breached because hackers found hardcoded AWS credentials. In 2022, Toyota left GitHub keys exposed for five years. These weren’t amateur operations – they were failures by major companies.

If these mistakes can happen at Uber and Toyota, imagine the risks among hundreds of thousands of apps built by small firms or freelance developers.

At a time when 78% of people use mobile devices for sensitive financial and healthcare tasks, and 71% of employees use phones for work, the stakes couldn’t be higher. One compromised API key could allow a threat actor to read your medical history, hijack your crypto wallet, or impersonate you in a phishing attack.

Apple Has the Power. It Should Use It.

Apple often casts itself as the privacy champion in a dangerous digital world. It markets encryption, app tracking transparency, and on-device processing. It draws a sharp contrast with Android, where data collection and security gaps are more openly discussed.

But security doesn’t end at the lock screen. And for all its technical prowess, Apple still hasn’t built the safeguards needed to prevent insecure apps from leaking user data – or even user dignity.

The tools to fix this are readily available:

  • Static analysis tools can detect hardcoded secrets automatically.
  • A requirement for credential scanning could be added to the App Store review.
  • Apple could revoke vulnerable secrets in coordination with developers.

These aren’t radical measures. They’re standard practices at companies far smaller than Apple.
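
As an added illustration (not part of the original guest post and not Cybernews’ tooling), here is a small pre-release check a developer could run over an unpacked app bundle to flag the kinds of hardcoded secrets listed above. The bundle contents, file names and key values are constructed samples, and the rule names and helper functions are this example’s own.

```python
import plistlib
import re

# Publicly documented shapes of the identifier types the article lists.
RULES = {
    "firebase_url": re.compile(r"https://[a-z0-9-]+\.firebaseio\.com"),
    "gcs_bucket": re.compile(r"\b[a-z0-9-]+\.appspot\.com\b|\bgs://[a-z0-9._-]+"),
    "s3_bucket": re.compile(r"\b[a-z0-9.-]+\.s3\.amazonaws\.com\b"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "google_api_key": re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b"),
}
PRINTABLE = re.compile(rb"[\x20-\x7e]{8,}")  # like strings(1), minimum length 8


def _walk(node, path):
    """Yield (key path, string value) for every string in a parsed plist."""
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _walk(value, f"{path}:{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from _walk(value, f"{path}[{index}]")
    elif isinstance(node, str):
        yield path, node


def candidate_strings(name, data):
    """Yield (location, text) pairs from one bundle file."""
    if name.endswith(".plist"):
        try:
            yield from _walk(plistlib.loads(data), name)  # XML or binary plist
            return
        except Exception:
            pass  # malformed plist: fall back to raw string extraction
    for run in PRINTABLE.finditer(data):
        yield f"{name}@0x{run.start():x}", run.group().decode("ascii")


def mask(value):
    """Keep only a 4-character prefix so the report does not re-leak the secret."""
    return value[:4] + "*" * (len(value) - 4)


def scan_bundle(files):
    """files maps bundle-relative path -> bytes; returns de-duplicated findings."""
    findings, seen = [], set()
    for name, data in files.items():
        for location, text in candidate_strings(name, data):
            for rule, pattern in RULES.items():
                for match in pattern.finditer(text):
                    if (rule, match.group()) in seen:
                        continue
                    seen.add((rule, match.group()))
                    findings.append({"rule": rule, "location": location,
                                     "match": mask(match.group())})
    return findings


# Constructed sample bundle: a Firebase-style config plist and a binary blob.
SAMPLE_BUNDLE = {
    "Payload/App.app/GoogleService-Info.plist": plistlib.dumps({
        "DATABASE_URL": "https://example-dating-app.firebaseio.com",
        "STORAGE_BUCKET": "example-dating-app.appspot.com",
        "API_KEY": "AIza" + "A" * 35,   # constructed, not a real key
        "BUNDLE_ID": "com.example.app",
    }),
    "Payload/App.app/App": b"\x00\x01\x02\x03\x04" + b"\x00" * 8
                           + b"aws_key=AKIAEXAMPLEEXAMPLE00\x00\x01\x02hello world string\x00",
}

if __name__ == "__main__":
    for finding in scan_bundle(SAMPLE_BUNDLE):
        print(f'{finding["rule"]:18} {finding["location"]}  {finding["match"]}')
```

A hit only shows that an identifier ships inside the app; whether the bucket or database behind it requires authentication has to be checked separately by its owner.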

Where Is Apple’s Accountability?

We shouldn’t mistake slick marketing for security. And we shouldn’t let Apple off the hook simply because the alternative might be worse. Apple’s tight control over its ecosystem gives it enormous power – but with that comes responsibility.

Apple already decides which apps can run on its devices, how payments are processed, and what APIs are accessible. It should also ensure that the apps it approves don’t recklessly expose private user data to the internet.

Until then, the walled garden may look pristine – but it’s full of weeds.

ABOUT THE AUTHOR

Vincentas Baubonis is an expert in Full-Stack Software Development and Web App Security, with a specialized focus on identifying and mitigating critical vulnerabilities in IoT, hardware hacking, and organizational penetration testing. As Head of Security Research at Cybernews, he leads a team that has uncovered significant privacy and security issues affecting high-profile organizations and platforms such as NASA, Google Play, and PayPal. Under his leadership, the Cybernews team conducts over 7,000 pieces of research annually, publishing more than 600 studies each year that provide consumers and businesses with actionable insights on data security risks. 

Flashpoint Reports on Top Ransomware Groups Targeting Healthcare Sector

Posted in Commentary with tags on April 29, 2025 by itnerd

Threat data and intelligence firm Flashpoint just released a report and blog on the Top Ransomware Groups Targeting the Healthcare Sector.

By industry in 2024, healthcare (11.5%) sustained the fourth most ransomware attacks behind Technology (24.6%), Manufacturing (18.3%), and Retail (12.3%). Almost every organization in the healthcare industry contains highly sensitive information such as patient data, treatment documentation, and financial records linked to patient insurance.

The blog hits on Ransomware-as-a-service and top ransomware groups from Jan-April 2025. If you’re in healthcare, you need to read this ASAP.

Team Cymru Appoints Joe Sander as CEO

Posted in Commentary with tags on April 28, 2025 by itnerd

Team Cymru today announced the appointment of Joe Sander as Chief Executive Officer. Sander succeeds Founder Rabbi Rob Thomas following his retirement, while Rabbi Rob will remain actively involved on Team Cymru’s Board of Directors.

Under Rabbi Rob’s leadership, Team Cymru has grown from a visionary startup to a globally recognized cybersecurity leader with a rapidly expanding base of partners and customers around the world. The appointment of Sander signals a new phase of growth and innovation.

Sander joins Team Cymru with proven expertise in scaling growth-oriented companies, enabling them to realize their full potential. By optimizing people, processes and innovation, he has guided SaaS technology companies through stages of rapid growth.

Sander most recently served as CEO of Radiant Logic where he achieved four consecutive years of double-digit growth during his tenure. At Radiant Logic, he successfully transitioned the business from a founder-led model to a high-performing private equity-backed operation while establishing it as a “rule of 50+” business that effectively balanced growth with profitability. Previously, as CEO of Arxan Technologies, he drove substantial expansion by pushing into new geographic markets and championing product innovation.

Team Cymru’s appointment of Sander comes during a period of momentum for the company. Over the past year, the company has introduced innovative solutions, including Pure Signal™ Scout, designed to elevate proactive cybersecurity capabilities, and an Insights Threat Feed, which delivers threat intelligence with greater speed and accuracy by combining 40 million daily IP classifications with more than 2,000 contextual tags. These innovations have played a key role in Team Cymru’s successful expansion into the Asia-Pacific region and have fueled significant year-over-year new business growth in its commercial business.

Under Sander’s leadership, Team Cymru will continue global expansion in key markets in North America, Europe and Asia Pacific to meet growing market demand while maintaining its commitment to partners and investing in its Community Services, which provides vital cybersecurity resources to underserved communities.

Palo Alto Makes A Number Of Announcements At RSA

Posted in Commentary with tags on April 28, 2025 by itnerd

Earlier today to kick off the start of RSA, Palo Alto Networks released multiple announcements:

  • Palo Alto Networks Bolsters SASE Capabilities for Modern Workplace. Palo Alto Networks announced its latest advancements in Prisma® SASE, the industry’s most comprehensive secure access service edge (SASE) solution, unveiling Prisma Access Browser 2.0, the world’s only SASE-native secure browser. Prisma Access Browser 2.0, along with Endpoint Data Loss Prevention (DLP) and expanded cloud presence with Oracle Cloud Infrastructure (OCI), are new Prisma SASE capabilities designed to secure generative AI (GenAI) usage, improve user experience and enhance operational resilience in the modern workplace.