Archive for the Commentary Category

SIOS Technology Announces Strategic Partnership with FCS InfoTech 

Posted in Commentary with tags on June 24, 2025 by itnerd

SIOS Technology Corp. today announced a strategic partnership with FCS InfoTech, a rapidly growing IT solutions and services company based in India. The alliance is designed to empower enterprises across India and the GCC region, including Oman, with robust, cost-effective high availability and disaster recovery capabilities for critical applications.

With an extensive customer base and proven expertise in implementing enterprise IT solutions, FCS InfoTech will serve as a key channel and implementation partner for SIOS LifeKeeper and SIOS DataKeeper. These technologies provide seamless HA and DR protection for SAP, Oracle, SQL Server, and other critical workloads across cloud, hybrid, and on-premises environments.

The SIOS HA/DR software enables enterprises to:

  • Protect critical applications with proven clustering and replication technologies
  • Avoid unnecessary investments in costly SAN hardware or expensive application editions
  • Achieve SLAs for uptime and disaster recovery with minimal operational complexity
  • Benefit from local support and implementation from FCS’s certified experts

Together, SIOS Technology and FCS InfoTech are uniquely positioned to serve the growing demand for IT resiliency in a wide range of industries including finance, manufacturing, government, and energy across India and the Gulf Cooperation Council region.

Cobalt Research Reveals Critical Readiness Gap as Security Teams Fall Behind GenAI Risks

Posted in Commentary with tags on June 24, 2025 by itnerd

 Cobalt today announced the release of its State of LLM Security Report 2025. This new research reveals a widening readiness gap in enterprise security as the rapid adoption of generative AI (genAI) outpaces defenders’ ability to secure it. A staggering 36% of security leaders and practitioners admit that genAI is moving faster than their teams can manage, a sobering reality as organizations continue to embed AI deep into core business operations.

Despite growing concern, many are calling for a timeout: 48% of respondents believe a “strategic pause” is needed to recalibrate defenses against genAI-driven threats. But that pause isn’t coming.

Key findings from the report include:

  • 72% of respondents cite genAI-related attacks as their top IT risk, but 33% are still not conducting regular security assessments, including penetration testing, for their LLM deployments.
  • 50% of respondents want more transparency from software suppliers about how they detect and prevent vulnerabilities, signaling a growing trust gap in the AI supply chain.
  • Security leaders (C-suite and VP level) are more concerned about long-term genAI threats like adversarial attacks (76%) than practitioners, 68% of whom expressed the same concern. However, when it came to near-term operational risks such as inaccurate outputs, 45% of practitioners expressed concern versus 36% of security leaders.
  • Top concerns among all survey respondents include sensitive information disclosure (46%), model poisoning or theft (42%), and training data leakage (37%), all pointing to an urgent need to protect the integrity of data pipelines.
  • Overall, 69% of serious findings across all pentest categories are resolved, but this falls to just 21% of the high-severity vulnerabilities found in LLM pentests. This is a concern given that 32% of LLM pentest findings are serious, and it is the lowest resolution rate across all test types conducted by Cobalt.

Methodology

The report analyzes two different datasets. The majority of analysis is based on data collected during Cobalt pentests. This is supplemented by insights collected via a survey by a third-party research firm, Emerald Research. All penetration testing data analyzed in this report was collected through Cobalt pentests. This spans more than 2,700 organizations. Metadata from these pentests was exported from the Cobalt Offensive Security Platform, sanitized to remove client-identifying and other sensitive details, and provided to Cyentia Institute for independent analysis. 


Datadobi Launches StorageMAP 7.3, Enabling Smarter Data Automation, Governance, and Compliant S3 Migration

Posted in Commentary with tags on June 24, 2025 by itnerd

Datadobi has today launched the latest version of StorageMAP, its enterprise heterogeneous unstructured data management solution. Delivering new capabilities to orchestrate and automate data management tasks across file and object storage, StorageMAP 7.3 enables organizations to create policy-driven workflows, act on data more precisely, and migrate between S3-compatible platforms while maintaining compliance.

Workflow automation

StorageMAP 7.3 introduces policy-driven workflows that allow administrators to define tasks executed by its workflow engine in response to specific triggers, such as a time schedule. A “dry run” feature facilitates reviewing the scope of a policy before full execution.

These new workflows support a wide range of use cases, including periodic automated archival, creating data pipelines to feed GenAI applications, identifying and relocating non-business-related data to a quarantine area, and more. Once policies are published, StorageMAP runs the workflows on schedule without requiring manual supervision.

Granular deletion and targeted data control

In addition, StorageMAP 7.3 adds support for granular file-level deletes. Administrators can identify files that match specific criteria and save them as input to a targeted delete job, which StorageMAP will execute. Each delete job generates a report that documents the job’s details and outcome.

This functionality addresses situations where a coarse-grained directory-level deletion is not possible due to the presence of both relevant and disposable data. By enabling precise file selection, StorageMAP ensures that administrators can apply accurate and effective deletion policies.

Object migration enhancements

StorageMAP 7.3 also enhances its core object migration functionality by supporting the migration of locked objects between S3-compatible storage systems. This allows compliant data stored in a Write Once Read Many (WORM) format to be relocated across different vendor platforms while retaining its retention date and legal holds.

To support cost and performance objectives, the solution includes the ability to select the S3 storage class during object migration or replication. By specifying the desired storage class at the time of the job, organizations can avoid unnecessary post-migration lifecycle policies and ensure data is written directly to the appropriate tier.

Customers dealing with increasingly complex data landscapes require solutions that enable them to stay in control without incurring additional operational overhead. StorageMAP 7.3 offers a practical way to address these important challenges by reducing the time teams spend on routine tasks and helping them move critical data without disrupting compliance or performance.

Foxit Launches AI-Powered Research Agent to Transform How Users Analyze Complex Documents

Posted in Commentary with tags on June 24, 2025 by itnerd

Foxit, a leading provider of innovative PDF and eSignature products and services, helping knowledge workers to increase their productivity and do more with documents, today announced the launch of its AI-Powered Research Agent, an intelligent tool designed to help users quickly understand and extract insights from complex research documents like academic papers, clinical trial reports, or usability studies.

Foxit’s new AI-Powered Research Agent helps channel partners and end customers do what previously took hours, if not days, in just minutes: extract meaningful, structured insights from dense, complex research documents. Whether it’s academic papers, clinical trial reports, white papers, or usability studies, these types of documents are typically filled with technical language, inconsistent formatting, and lengthy sections that require time, expertise, and focus to fully understand. The Research Agent solves this pain point by using AI to automatically break down each document into five clearly defined sections:

  1. Overview – A summary of the document’s purpose and scope
  2. Research Methods – How the study was conducted
  3. Research Results – The key findings
  4. Conclusions – What the results mean
  5. Glossary – Definitions of technical terms

The Research Agent is part of a growing suite of AI features available at ai.foxit.com, which now also includes:

  • Document Translation – Instantly translate full documents into multiple languages
  • Read Aloud – Hear your documents read aloud for easier accessibility and review
  • Web Search – Enrich responses with real-time data from the web
  • Chat History – Organize and access past conversations in a refreshed left-side panel
  • Temporary Chat – Ask questions without saving the conversation history
  • Document View – View the uploaded document(s) side-by-side while chatting

Foxit’s AI-Powered Research Agent and expanding toolset are the latest example of the company’s commitment to creating intelligent, user-centric tools that enhance productivity and eliminate friction in everyday workflows. Explore these enhancements today at ai.foxit.com and discover how AI can help everyone work smarter with research-heavy documents.

McLaren Health Care Pwned…. 743,000 Patients Impacted 

Posted in Commentary with tags on June 23, 2025 by itnerd

McLaren Health Care is warning 743,000 patients that the health system suffered a data breach caused by a July 2024 attack by the INC ransomware gang:

Although the attack was discovered on August 5, 2024, forensic investigations determining who was impacted were only completed on May 5, 2025, with the notice circulation starting last Friday.

And:

In early August 2024, the healthcare organization suffered an IT and phone systems outage that prompted investigations. Patient databases were reported impacted, and people were asked to bring information about appointments and medication when visiting McLaren hospitals.

Even though the organization did not specify who the attackers were, an employee at one of McLaren’s hospitals in Bay City, Michigan, posted INC ransom notes online that were automatically printed on the hospital’s printers.

In the notice sent to impacted individuals, McLaren Health Care admits that the incident concerned a ransomware attack, though INC is still not mentioned.

Chris Hauk, Consumer Privacy Champion at Pixel Privacy, had this to say:

“Patients of the McLaren Health Care system need to stay alert for both accounts being opened in their names and for phishing texts or emails that may use the harvested data to obtain additional information. If McLaren offers free credit monitoring services (and there is no reason not to do so), affected patients should definitely take advantage of it.”

Paul Bischoff, Consumer Privacy Advocate at Comparitech, provided this comment:

“McLaren has not publicly disclosed what types of data were compromised in the attack, but patients and staff should take steps to protect their finances and identities. Check your credit reports, account statements, and medical bills for signs of fraud. If McLaren offers you free credit monitoring or identity theft monitoring, then take it.”

“McLaren is the latest in a long list of targets hacked by Inc Ransomware, many of which are hospitals and clinics. Inc has also launched successful attacks against Access Sports Medicine and Orthopaedics, OnePoint Patient Care, Taylor Regional Hospital, and Tri-City Medical Center, plus many more in the last year alone.”

“Hospitals and clinics are attractive targets for ransomware gangs. Hospitals cannot go long without access to medical records and other data, and they hold a lot of sensitive information. That makes them more likely to pay a ransom. They also have a lot of non-IT staff and internet-facing services, which give hackers more opportunities to break in through phishing and software vulnerabilities.”

Erich Kron, Security Awareness Advocate at KnowBe4, adds this:

“Healthcare is one of the top industries to be targeted by bad actors for not only ransomware, but also data theft. The data that these organizations collect and the information they have related to individuals is significant and very sensitive, so when we hear about a data breach like this, we should certainly be taking notice, especially if you are a customer or patient.”

“What is very concerning is that the attack was discovered in August of 2024, but it seems the real victims, those whose data was stolen and potentially put up for sale, have not been informed until now. A delay in informing patients about their potential risk and exposure could end up costing those victims more than just frustration. Bad actors in possession of this information can easily develop social engineering attacks that use this data to make them seem very legitimate, and potential victims should be warned of this possibility as soon as possible.”

“For those whose data has been stolen, it’s important that they monitor their credit and be aware of the potential for increased numbers of scams and other social engineering attacks.”

“Organizations that handle sensitive information such as this should have a plan in place to quickly deal with the issue and to warn anyone potentially impacted as soon as possible. It’s not just how quickly you recover from something like this, but how quickly you help your customers and patients protect themselves.”

On top of the fact that this is yet another health care organization that has been pwned, it took an insane amount of time to notify those who are affected. That gives the bad guys a huge head start in terms of doing all sorts of bad things with the data that they stole. That means that the victims are not going to have a happy ending with this one.

Cyberattack on Iran’s Largest Cryptocurrency Exchange Nobitex Analyzed By Outpost24

Posted in Commentary with tags on June 23, 2025 by itnerd

Earlier today I posted a story warning about Iran launching cyberattacks on the US. But it seems that Iran has to worry about coming under a cyberattack as well.

The cyberattack by Gonjeshke Darande on Nobitex (Iran’s largest cryptocurrency exchange) made global headlines, not only for its scale, but for its political intent. This bold act of digital sabotage occurred within a rapidly deteriorating geopolitical context.

On June 13, 2025, Israeli airstrikes targeted key Iranian military and nuclear facilities. Iran responded with swift retaliation, escalating tensions across the region. In this environment, the Nobitex hack stands out not just as a significant cyber incident, but as a symbolic strike, designed to undermine Iran’s financial stability, expose alleged regime corruption, and deliver a political message in the language of cyberwarfare.

Today, Outpost24 Strategic Research Lead Lidia López Sanz published an analysis of the attack in her post “Analyzing the Gonjeshke Darande attack on Iranian crypto exchange Nobitex,” walking through how the attack happened and the lessons that can be learned.

According to Lidia:

“It is very unusual to see millions of dollars’ worth of cryptocurrency burned with the sole purpose of causing disruption and making a political statement. There have been other major attacks on cryptocurrency exchanges, for example the North Korean state-sponsored group Lazarus is well known for such attacks, but those had mainly a financial gain motivation. In this case, Gonjeshke Darande appears to have chosen to not steal the funds for profit, in order to deliver a stronger message.”

This analysis is completely worth reading. Thus I would set aside some time to do so.

Play ransomware gang takes credit for attack on Dairy Farmers of America

Posted in Commentary with tags on June 23, 2025 by itnerd

Ransomware group Play yesterday took credit for last week’s cyber attack on Dairy Farmers of America which disrupted multiple dairy manufacturing plants in the USA’s largest dairy cooperative.

Play said it stole confidential data including budget, payroll, accounting, taxes, and financial info from the DFA. Play gave the DFA three days to pay an undisclosed amount in ransom.

In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:

“Play is a ransomware group that has targeted organizations in healthcare, finance, manufacturing, real estate, education, and more since June 2022. Its double-extortion model forces targets to pay a ransom both for a decryption key to restore infected systems and to not sell or publicly release stolen data. Play has taken credit for 152 confirmed ransomware attacks since it began, compromising nearly 1.4 million records.”

“15 of its attacks hit businesses in the food and beverage industry. Those include recent attacks on Krispy Kreme, which notified 161,676 people of a November 2024 breach, and Ganong Bros, which reported a breach in February 2025. Krispy Kreme says it lost $11 million in revenue and spent $3 million on remediation due to Play’s attack. Play has claimed 11 confirmed attacks and made 193 unconfirmed claims since the start of 2025.”

“Ransomware attacks on food and beverage companies can both steal data and lock down computer systems. Businesses are forced to pay a ransom or face extended downtime, data loss, and putting customers at increased risk of fraud. Ransomware attacks can delay and disrupt supply chains, logistics, payments, orders, and other day-to-day tasks that rely on computer software.”

These guys sound like they are going to be the next ransomware group that we will have to really worry about as they sound like they are really going to town on victims. Thus consider this a warning to shore up your defences to make sure that you are not their next victim.

DHS Drops Warning About Iran Launching Cyberattacks Against The US

Posted in Commentary with tags on June 23, 2025 by itnerd

A DHS NTAS Bulletin is out that everyone should read, given the escalated situation between the US and Iran:

The ongoing Iran conflict is causing a heightened threat environment in the United States. Low-level cyber attacks against US networks by pro-Iranian hacktivists are likely, and cyber actors affiliated with the Iranian government may conduct attacks against US networks. Iran also has a long-standing commitment to target US Government officials it views as responsible for the death of an Iranian military commander killed in January 2020. The likelihood of violent extremists in the Homeland independently mobilizing to violence in response to the conflict would likely increase if Iranian leadership issued a religious ruling calling for retaliatory violence against targets in the Homeland. Multiple recent Homeland terrorist attacks have been motivated by anti-Semitic or anti-Israel sentiment, and the ongoing Israel-Iran conflict could contribute to US-based individuals plotting additional attacks.

Tom Pace, former Head of Cyber for the Department of Energy (DoE) and current CEO of NetRise, provides his thoughts on what CISOs in the US are doing to prepare for potential retaliatory cyberattacks by Iran:

CISOs are moving quickly to prepare for potential Iranian retaliation in cyberspace by tightening access controls, validating backups, and watching for TTPs tied to groups like APT33 and APT34, which are tied to Iran. Coordination with ISACs and federal partners is essential to stay current on threat intelligence and emerging attack patterns.

This moment reinforces the urgency of visibility to know what code is running where, what it’s connected to, and whether it’s vulnerable or end-of-life. Software supply chain security is no longer an abstract concept. It’s a frontline defense against adversaries who exploit opaque systems. CISOs are asking: if Iranian actors drop a custom wiper tomorrow, would we know which systems could execute it?

Iran is going to be targeting low-hanging fruit vulnerabilities that they know they can exploit, or target outdated SOHO routers and infrastructure for the purposes of creating low to moderate scale botnets.

China tends to have very explicit goals and outcomes that they are pursuing, which tend to center around intelligence gathering and positioning. Iran may be looking to cause more destruction, given the attacks on their country. These targets may be small and incapable of defending themselves and hold little to no strategic value, but Iran needs to have a response that provides the illusion that they are a competent actor on the world stage.

This threat, while being directed at the US, may spill over to countries that are aligned with the US. Thus if you’re responsible for defending your organization from cyberattacks, consider this a heads up to redouble your efforts regardless of where you are.

KnowBe4 Research Uncovers Disconnect Between AI Adoption and Policy Awareness in the Workplace

Posted in Commentary with tags on June 23, 2025 by itnerd

KnowBe4 has shared new survey findings highlighting a severe AI governance gap. A new KnowBe4 survey of employees across Germany, South Africa, the Netherlands, France, the UK, and the US reveals that while a large majority of employees already engage with Artificial Intelligence (AI) tools at work, a strikingly low percentage are aware of their company’s official policies governing its use.

The findings reveal that, on average, 60.2% of employees are using AI tools in the workplace. In contrast, only 18.5% are aware of their company’s policy on AI usage. This significant gap suggests that the vast majority of AI activity within organizations is taking place without guidance or oversight. One in 10 employees (10%) have admitted to putting client data into an AI tool to complete a work task. 

Other Takeaways Across Regions

  • Varying AI Adoption Rates: While the average percentage of employees using AI in the workplace is 60.2% globally, adoption rates varied by region. France shows the lowest adoption rate, with only 54.2% of employees saying they use AI tools at work, indicating a slower adoption rate. Conversely, South Africa records the highest at 70.1%, suggesting a more widespread use of AI.
  • Persistent Policy Awareness Gaps: An average of 14.4% of employees reported being unaware of their company’s AI policy. This lack of awareness is particularly notable in the Netherlands (16.1%) and the UK (15.8%), indicating a need for enhanced communication and training strategies.
  • Sanctioned AI Use is Lagging: Only an average of 17% of employees use AI at work with their IT/security team’s knowledge. This figure, though highest in South Africa (23.6%), remains low overall, indicating a need for organizations to proactively provide and promote approved AI solutions.

The research emphasizes the critical need for organizations to bridge this awareness-usage gap. This requires not just establishing policies, but actively communicating them, providing comprehensive training on ethical and secure AI use, and offering approved, user-friendly AI tools to mitigate the significant risks posed by uncontrolled AI adoption.

For more insights and best security practices, visit https://www.knowbe4.com/

Today Is International Women in Engineering Day

Posted in Commentary on June 23, 2025 by itnerd

With International Women in Engineering Day on June 23, here’s some commentary from some leading figures in the field:

 Devin Haynes, Product Owner, SIOS Technology on Challenging the Status Quo:

“Women bring a unique perspective to tech. When women are part of tech teams, innovation improves. We challenge assumptions, encourage broader thinking and reduce groupthink. Women often approach technology with a focus on usability, empathy, and real-world application. These qualities are essential in designing systems that meet our world today. Women bring this diversity of thought to any room and the solutions that are developed are better all around because of it. I often see that girls are hesitant to move into the tech field — that’s why representation matters. When girls and young women see me and others thriving in tech roles, it inspires them to do the same. It challenges the stereotype and opens their minds to a greater possibility. This is critical in a field where women, particularly women of color, remain underrepresented. Bringing more women into tech is a strategic advantage for any company. It leads to stronger teams, smarter products, and an industry that reflects the diversity of the world it serves.”

Yifan Lin, Software Engineer at Parallel Works:

“Growing up in a culture where engineering wasn’t seen as a path for women, I didn’t have role models who looked like me in this field,” said Yifan Lin, Software Engineer at Parallel Works. “People told us to aim for support roles—to be assistants, not builders. But I knew I wanted more. Entering this profession has taught me that you don’t need external validation to belong. If you’re drawn to solving problems and building things, trust that instinct and follow it—regardless of what others say. You don’t need permission to be here.” 

“We need more women to see that it’s not only possible to succeed in engineering, but also to lead. You’re allowed to take up space in this field. You don’t have to shrink yourself to meet others’ expectations—your future is yours to define. Every line of code we write, every system we build, helps normalize our presence and opens doors for the next generation.”