Insider Threat Awareness Month highlights key threats and opportunities 

Posted in Commentary on September 5, 2025 by itnerd

September is National Insider Threat Awareness Month, which serves both as a reminder of the challenges that insider threats can pose security teams, and also raise awareness for the best practices for preventing breaches as a result of these hidden threats.

Here is some commentary from a group of cybersecurity experts regarding Insider Threat Awareness month and insider threats in general. They are Steve Wilson, Chief AI and Product Officer at Exabeam, Aditya Sood, VP of Security Engineering and AI Strategy at Aryaka, Joshua Roback, Principal Security Solution Architect at Swimlane, and Pete Luban, Field CISO at AttackIQ.

Steve Wilson, Chief AI and Product Officer at Exabeam:

“The danger from insider threats continues to grow in the modern cyber landscape, particularly as AI accelerates their speed, stealth, and sophistication. With 64% of cybersecurity professionals now viewing insiders as a greater risk than external actors, Insider Threat Awareness Month serves as a critical opportunity to emphasize proactive defense strategies. 

While 88% of organizations have insider threat programs, many lack behavioral analytics needed to detect AI-enhanced attacks that exploit trusted access and mimic legitimate user behavior. As threats intensify across sectors like government, healthcare, and manufacturing, this initiative provides an opportunity to call for stronger governance, cross-functional collaboration, and real-time detection capabilities to stay ahead of both human and AI-driven insider risks.”

Aditya Sood, VP of Security Engineering and AI Strategy at Aryaka:

“Insider Threat Awareness Month is a critical initiative for raising awareness about the unique security risks posed by internal actors. There have been several examples of insider threats wreaking havoc on major corporations, with Elon Musk’s X being the most prominent recent example. 

A malicious insider is a significant cybersecurity risk, as such individuals can steal intellectual property, exfiltrate confidential information, sabotage systems, or manipulate business operations for personal gain or in collusion with outside threats. The impact can range from financial losses and reputational damage to regulatory penalties and national security risks. 

Awareness about malicious insider activities is crucial because employees and stakeholders must understand the importance of safeguarding credentials, and the necessity of reporting suspicious activity. By teaching employees to recognize the signs of suspicious behavior and reinforcing the importance of strict access controls and reporting protocols, organizations can transform our entire workforce into a crucial line of defense against internal threats. Employees’ role in this is not just important: it’s indispensable. They are the first line of defense, and their commitment to this cause is what will keep organizations secure.”

Joshua Roback, Principal Security Solution Architect at Swimlane:

“Insider threats have always been one of the hardest challenges for security teams because they originate from people with legitimate access. Unlike external adversaries, they don’t have to find a way in. They already have the keys. That makes their actions harder to spot and far more damaging when they turn malicious or careless.

It’s up to organizations to ensure their security systems are well-protected, starting with determining who has access to which systems. Poorly managed access controls creates an environment for insider threats to sprout and thrive. Implementing a mature identity access management solution is the most powerful weapon in mitigating insider threat risks. User behavioural analytics (UBA) can provide proactive detection of anomalous user behaviors, giving security teams a leg up against unannounced attackers.

The rise of insider threats has resulted in the development of security measures which can ensure that threats are monitored, analyzed, and neutralized before they escalate into catastrophic breaches. Building resilience has required organizations to combine continuous monitoring, automated response, and a strong security culture to reduce the window of opportunity for insider abuse.”

Pete Luban, Field CISO at AttackIQ:

“Insider threats, whether from disgruntled employees or compromised credentials, are difficult to detect and prevent with traditional security measures. Insider Awareness Month serves as a reminder to security teams about the importance of simulating real-world insider attack scenarios to assess the effectiveness of their security controls and response protocols. 

Recent spikes in shadow AI usage and lack of proper cyber hygiene increase the likelihood of insider threats. Use of unauthorized tools or platforms can unknowingly expose sensitive data or create exploitable vulnerabilities, as well as poor security practices, like maintaining out-of-date software or weak passwords.

By integrating techniques, such as adversarial emulation, into the security lifecycle, organizations can uncover gaps in their detection and mitigation strategies before a real attack occurs. Simulated, continuous testing can ensure that security teams can mitigate attacks before insider threats sidestep defenses and steal valuable company data.”

Leave a comment »

SIOS Technology Named Among the Best Places to Workin South Carolina for the Sixth Consecutive Year

Posted in Commentary with tags on September 4, 2025 by itnerd

 SIOS Technology Corp. today announced that it has been named the 2025 Best Places to Work in South Carolina list for the sixth consecutive year. The annual program, created by SC Biz News in partnership with the Best Companies Group, honors workplaces that demonstrate a strong commitment to their employees and communities. Winners were recognized at a celebration event on Monday, August 25 at the Columbia Metropolitan Convention Center.

The headquarters of SIOS’ research and development facility as well as its professional services and support departments are located at the M. Bert Storey Engineering and Innovation Center at the University of South Carolina’s College of Engineering and Computing in Columbia. In addition to its campus partnerships, SIOS is an active contributor to the greater Columbia community, with employees participating in local initiatives and collaborating closely with the University of South Carolina’s Computer Science Department.

SIOS high availability and disaster recovery solutions have become the gold star standard for protecting critical Windows and Linux applications such as SQL Server, SAP HANA, and Oracle across cloud, hybrid cloud and datacenter environments from downtime and disasters.

Leave a comment »

Starburst Announces AI & Datanova 2025, the Global Virtual Summit for Trino, Data and AI Innovation

Posted in Commentary with tags on September 4, 2025 by itnerd

 Starburst, the data platform for apps and AI, today announced details for AI & Datanova 2025 virtual events, a global virtual event taking place October 22-23, 2025. The two-day experience will bring together engineers, data scientists, analysts, and technical decision-makers to explore innovations in Trino, data, and enterprise AI.

Day 1: Trino Day launches the event and delivers community-driven sessions with real-world stories featuring deep dives into architecture, performance tuning, and integration best practices from engineers running Trino at scale.

Day 2: AI + Datanova, Starburst’s marquee virtual showcase, highlights data and AI innovations, including an exclusive look at Starburst’s products powering next-generation applications. Attendees will leave with practical insights from smarter cloud data access and stronger governance, to proven strategies for accelerating AI adoption through robust data foundations. Registration grants free full access to both days with a single sign-up.

Registration for the virtual event is free and includes full access to both days. Details and sign-up are available at https://www.starburst.io/info/ai-datanova-2025/

In addition to the virtual experience, Starburst will host an exclusive in-person AI & Datanova Summit for data  and AI leaders on October 9, 2025, at The Westin N

Leave a comment »

Nikon Releases a New Silver Edition of the Z f Full-Frame Mirrorless Camera

Posted in Commentary with tags on September 4, 2025 by itnerd

Nikon Canada Inc. is pleased to announce the release of a new silver edition of the full-frame/FX-format Nikon Z f mirrorless camera. The Nikon Z f combines a timeless design inspired by an iconic Nikon film camera with the superior performance of a full-frame mirrorless camera.

Three new Premium Exterior1 colour options will also be available, providing more choices for users to customize the colour of their Z f camera body1. Additionally, the Z f will support a new Film Grain feature that adds grain to photos and videos, further expanding creative possibilities.

Designed to resemble the silver plating on film-era cameras like the Nikon F, the metallic texture creates an authentic feel suited to the premium, full-frame retro design. Three new Premium Exterior colour options have been added: Cognac Brown, Teal Blue, and Mauve Pink – all with an embossed texture. These are subtle, yet elegant tones that complement the silver body, providing more options for customizing the exterior of the camera than ever before. In addition to the three colours, Moss Green, Stone Gray, Sepia Brown are available – allowing for six colour variations in total. Additionally, the sophisticated design will help inspire users every time they pick up the camera.

A Film Grain Feature for Film-Like Expression

A future firmware update for the Nikon Z f will offer the new Film Grain feature, which adds grain to photos and videos. Users will be able to achieve more creative imaging expression in accordance with the scene and their intent by adjusting grain size (three options) and strength (six options). By combining this feature with Imaging Recipes (downloadable imaging presets created by Nikon and creators) and Picture Controls, users will enjoy film-like expression tailored to their personal and creative style. This update is scheduled for release within 2025.

Price and Availability

The new Nikon Z f Silver Edition will be available in late September for a Manufacturer’s Suggested Retail Price (MSRP) of $2,699.95, or $2,829.95 for the new premium exterior options. For more information about the latest Nikon products, including the vast collection of NIKKOR Z lenses and the entire line of Z series cameras, please visit www.nikon.ca.

Leave a comment »

Bridgestone Pwned In Cyberattack

Posted in Commentary with tags on September 4, 2025 by itnerd

Tire giant Bridgestone has confirmed it is investigating a cyberattack that impacts the operation of manufacturing facilities in North America. Bridgestone doesn’t yet know how bad this is.

Rebecca Moody, Head of Data Research at Comparitech had this comment: 

“As our August ransomware roundup report found, manufacturers are facing an increasing number of ransomware attacks (figures rose by 57 percent from July to August). Manufacturers are a prime target for hackers due to the amount of disruption they can cause by encrypting systems–something we’re also seeing with Jaguar Land Rover in the UK. If this is a ransomware attack and Bridgestone hasn’t paid a ransom, it’s likely we’ll see a group claiming the attack in the coming weeks. For example, in the last 24 hours, Scattered Spider has come forward to claim the JLR attack.”

Erich Kron, Security Awareness Advocate at KnowBe4 adds this: 

“While every industry is threatened by modern cyberattacks, organizations in time sensitive industries such as manufacturing or healthcare can really suffer when an attack occurs. Even if the attack doesn’t get very far, it is generally wise to shut down or isolate networks or systems before malicious things can spread. This means that even if the actual production systems are not impacted, the manufacturing lines can stop while things are being checked, then must be restarted again, which is not a trivial matter. Even with those challenges, it is much better to be safe than to risk an actual cyberattack, such as ransomware, getting loose within the organization.”

“Organizations that perform time sensitive tasks need to have a good business continuity plan in place that includes recovery and steps to be taken to minimize damage. This is not something you want to be coming up with on the fly during an attack, so planning for it is essential.”

“Since a majority of malware, including ransomware, is spread through modern social engineering attacks such as email phishing, it has never been more critical to have a good human risk management program in place that helps reduce the chances of a human error causing significant problems.”

Paul Bischoff, Consumer Privacy Advocate at Comparitech provided this comment: 

“This attack has many of the hallmarks of a ransomware attack, although ransomware hasn’t been confirmed as the culprit yet. Bridgestone suffered a previous ransomware attack in 2022 by LockBit, which would make this the second time that the company fell victim to ransomware. This attack actually disrupted the company’s manufacturing facilities, not just non-essential stuff like communications, sales, and payroll like we see with most attacks. Although Bridgestone says it stopped the attack early, it’s best to assume the worst until the investigation is complete.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy chimes in with this comment:

“We can expect to continue to see cyber-attacks on companies like this, attacks that aren’t aimed at stealing data but that target their manufacturing facilities. While Bridgestone believes no customer or company data was compromised, Bridgestone customers and employees will still want to stay alert for phishing attempts, as well as possible new accounts opened in their name. Firestone customers should also be on alert, as Firestone is a subsidiary of Bridgestone.”

Bridgestone customers should be prepared for attacks as I totally see that coming. I’m basing that on the fact that Bridgestone doesn’t yet know the extent of this incident. But I am willing to bet that it will be bad.

Leave a comment »

EnGenius Expands Into Data Center Infrastructure with Latest Intel® Xeon® 6 Server Series

Posted in Commentary with tags on September 4, 2025 by itnerd

EnGenius Technologies today announced its expansion into the data center server market with the launch of the EAS Series DC-MHS Data Center Servers. This milestone marks EnGenius’ entry into the high-performance, AI-driven data center market. The new EAS2210 (2U) and EAS1210 (1U) servers, powered by Intel® Xeon® 6, are purpose-built to accelerate digital transformation with modular OCP scalability for AI, virtualization, and private cloud workloads.

EnGenius has strategically entered the data center server industry in response to the growing demand for hybrid cloud architectures and adoption of Industry 4.0 technologies such as genAI. EnGenius’ collaboration with Intel and commitment to open standards including DC-MHS and OCP NIC 3.0 enable the introduction of the EAS Series, designed to help enterprises and cloud service providers (CSPs):

  • Accelerate multimodal AI with scalable processing performance and dedicated accelerator support for training, inference, and additional HPC workloads.
  • Streamline cloud infrastructure to support high-density virtualization and resource-intensive applications including SQL and microservices.
  • Modular DC-MHS framework that simplifies server configurability to optimize deployment workloads, improve lifecycle management with seamless scalability.
  • Lower total cost of ownership with license-free, Redfish-based server management and energy-efficient performance-per-watt for sustainable data centers.

Enterprise-Grade Platforms for Modern Data Centers

The EnGenius EAS2210 and EAS1210 are modular, high-performance servers designed for private cloud and edge data centers. Built on the OCP DC-MHS standard and powered by the latest Intel® Xeon® 6 processors, these platforms deliver high compute density, advanced AI acceleration, and flexible storage and networking options.

  • EAS2210: 2U Dual-socket Intel Xeon 6 with up to 24 hot-swap NVMe U.2 drive bays and 5 PCIe Gen 5 slots for GPUs, FPGAs, and accelerators, ideal for HPC tasks, AI training, and large-scale private clouds.
  • EAS1210: 1U Dual-socket Intel Xeon 6 with up to 12 hot-swap NVMe U.2 drive bays and 2 PCIe Gen 5 slots for low-profile accelerators, optimized for high-density virtualization and multi-VM operations.

Key Features the EAS Series:

Dual-Socket Intel® Xeon® 6 Performance

Supporting dual-socket Intel® Xeon® 6 (6500/6700 Series) processors with up to 86 performance cores (P-cores) or 144 efficient cores (E-cores), the EAS series is optimized to handle networking and storage demands for high-performance computing (HPC), AI inferencing/training, and enterprise IT operations.

Modular DC-MHS Framework

The EAS series is built on the DC-MHS standard that enables seamless and flexible scaling of compute performance, storage, and networking. It simplifies configurability to meet specific deployment requirements, minimizes vendor lock-in, and incorporates long-term lifecycles for extended support.

Expansion-Ready PCIe Gen 5 Architecture

The EAS series features up to five PCIe Gen 5 slots plus a dedicated OCP NIC 3.0 slot for extremely flexible integration of various acceleration and expansion cards such as GPUs, NICs, or RAID controllers that is ideal for AI inferencing and virtualization.

License-Free EDCC Remote Management

Integrated with the EnGenius Data Center Controller (EDCC), the servers provide a license-free, Redfish-based centralized management platform for IT professionals to remotely access and control essential telematics.

The introduction of the EAS server line (EAS2120 and EAS1120) represents a pivotal expansion for EnGenius, signaling the company’s commitment to innovation in the data center infrastructure market.

For more information, visit: https://www.engeniustech.com/data-center-servers.html

Leave a comment »

Palo Alto Networks Unveils Protection for Highly Evasive Threats with Prisma Browser, Extending SASE Leadership

Posted in Commentary with tags on September 4, 2025 by itnerd

Today, Palo Alto Networks announced Prisma® SASE 4.0, the industry’s most advanced AI-driven secure access service edge (SASE) solution. It sets a new standard with innovations in Prisma Browser that neutralize sophisticated web threats in real-time directly within the browser, where legacy solutions have critical blind spots. It’s designed to intercept and neutralize encrypted, evasive attacks that assemble inside the browser and bypass traditional secure web gateways.

The browser is becoming the new operating system for the enterprise, the primary interface for AI and cloud applications. Securing it is not optional. As more critical applications and data reside within the browser, traditional consumer-grade browsers are no longer sufficient for businesses as they lack the necessary security controls to protect against the increasing number of cyberattacks. With Prisma SASE 4.0, Prisma Browser’s new in-browser advanced web protection identifies and neutralizes malware in real-time before it can do harm. This provides a critical layer of defense that other solutions miss.

In addition, Prisma SASE 4.0 delivers new capabilities designed to secure the modern workforce, including:

  • Unprecedented Data Security powered by AI: Prisma SASE 4.0 offers a unified, frictionless data security approach, essential for protecting against the growing risks posed by AI agents, copilots, and plugins directly accessing corporate data. It uses AI-augmented classification to automatically and precisely classify sensitive information across all formats, including unstructured content and data in use – achieving 10x fewer false positives than traditional methods. It includes over 140 pre-trained machine learning classifiers and customizable models to secure critical assets like patents, contracts and source code.
  • Smarter, Faster Protection with Private App Security: Private applications are the engine of many businesses and are prime targets for cyberattacks. Older static rule-based web application firewalls (WAF) are simply no match for threats custom-built for dynamic applications. Palo Alto Networks’ new Private App Security automatically adapts to shield these essential applications and constantly updates security policies for applications.

Palo Alto Networks continues to demonstrate market leadership and disruptive innovation in SASE, with SASE ARR reaching $1.3 billion in fiscal year 2025, growing 35% year-over-year—more than twice the rate of the overall market. For three consecutive years, Palo Alto Networks has been named a Leader in the Gartner® Magic Quadrant™ for SASE Platforms for Prisma SASE. In addition, Palo Alto Networks has been named a Leader for three consecutive years in the Magic Quadrant for Security Service Edge, and five times in the Magic Quadrant for SD-WAN. With over 6,300 SASE customers, including one-third of the Fortune 500, this single-vendor platform simplifies operations and provides a clear path to scale, with adoption of the Prisma Browser surpassing 6 million licensed seats.

These innovations and other key SASE features will be generally available later this year. To learn more, read the blog.

Leave a comment »

Supersonik gets $5M from Andreessen Horowitz for its AI agent that runs live product demos

Posted in Commentary with tags on September 4, 2025 by itnerd

In a world where buyers expect everything on demand, sales teams are still asking leads to fill out a form and wait for a demo. Supersonik is here to end the wait. Launched today from stealth with $5 million in seed funding, the company is introducing an autonomous, multilingual AI agent that instantly joins live video calls, showcases real software in action, and adapts every demo to the buyer in real time.

The seed round was led by Andreessen Horowitz and joined by strategic angels from Google, DeepMind and Salesforce among others.

Supersonik is built for a new generation of software buyers: global, fast-moving, and impatient. Its AI agent jumps on an instant video call, shares its screen, and guides prospects through real software as if it were a seasoned sales rep. Unlike static tours or recordings, Supersonik adapts in real time to each prospect, drawing on live product use and conversational intelligence to make every interaction tailored and interactive. Supersonik agents are able to pull in live data from CRMs, websites, documentation, and knowledge bases meaning each demo is fully tailored to the prospect’s industry, size, geography, and tech stack without a briefing. And unlike traditional sales calls, Supersonik is available on demand, in almost every language, at the exact moment a buyer signals intent.

The use cases for Supersonik are immediate. Companies can place a button on their website that lets buyers request a demo instantly at peak intent. They can re-engage leads that went cold with a live conversation instead of just another email. They can use Supersonik to qualify and route prospects in real time or even upsell new features in existing accounts. Each scenario delivers the same advantage: scale every demo without stretching sales teams thin.

Supersonik was founded by Daniel Carmona Serrat, Joaquim Lechà, and Pol Ruiz. Daniel, a serial entrepreneur, had been working with Pol for the last 3 years in automating manual operations with AI. Together, they began exploring how AI agents could remove one of the biggest bottlenecks in software sales: delivering demos instantly and at scale. At the same time, Joaquim, then CEO of Typeform, shared their conviction that the way software is sold was overdue for change. Joining forces, the three combined entrepreneurial experience, SaaS leadership, and deep technical expertise to build Supersonik.

Supersonik is already working with multiple companies ahead of its launch and plans to double its team by the end of 2025. The funding will support hiring in engineering and go-to-market, as well as continued investment in secure, compliant and reliable AI infrastructure to ensure agents are not only reliable but enterprise-grade.

Looking ahead, Supersonik plans to deepen its product capabilities beyond demos, enabling AI agents to power onboarding, support, renewals, and more. The goal: to transform how businesses talk to their customers across the entire lifecycle, with zero lag and full intelligence. 

Leave a comment »

Bell launches Giga Hub 2.0 with Wi-Fi 7

Posted in Commentary with tags on September 4, 2025 by itnerd

Bell today announced the launch of its new Giga Hub 2.0 modem, bringing Wi-Fi 7 – the world’s best and latest Wi-Fi technology – to Canadian homes for the first time on its Pure Fibre network, Canada’s fastest Internet as named by Ookla® in their Speedtest AwardsTM.

Customers in major areas of Ontario – including Toronto and the GTA,  Ottawa,  London,  Windsor,  Kitchener,  Guelph,  Barrie,  Collingwood and Bradford – as well as Québec City and surrounding areas can now experience next-generation Wi-Fi performance built for today’s connected lifestyles.

With Canadians returning to back-to-school and their regular routines, Bell’s Giga Hub 2.0 with Wi-Fi 7 technology delivers the speed, responsiveness and capacity needed to power connected homes. Offering speeds up to four times faster than Wi-Fi 6E, lower latency for gaming, video calls and augmented/virtual reality (AR/VR) experiences and support for up to double the number of simultaneously connected devices, Wi-Fi 7 sets a new standard in home connectivity. Paired with Bell Pure Fibre – delivering symmetrical download and upload speeds, proven reliability, and an end-to-end low-latency fibre-to-the-home network (FTTH) – customers gain next-generation performance and future-proof technology that keeps pace with their growing digital needs.

Designed with customers in mind, the Giga Hub 2.0 also includes a high-resolution OLED display that makes it easy to run speed tests and share Wi-Fi passwords directly from the screen. Its accessible design features 80% recycled plastics, backlit buttons, raised symbols and colour-coded ports. For those who need even more enhanced connectivity, this modem offers 1x 10Gb, 2x 2.5Gb, and 2x 1Gb Ethernet ports for maximum wired performance.

The Giga Hub 2.0 modem with Wi-Fi 7 is available now on all Bell Pure Fibre Internet plans for new and existing customers with an eligible address. To check availability, visit Bell.ca, call Bell or visit a local Bell store.

Leave a comment »

SOCRadar Analysis: Salesloft Drift Breach – Everything You Need to Know

Posted in Commentary with tags on September 4, 2025 by itnerd

More than 700 organizations were affected by the recent Salesloft Drift Breachone of the largest SaaS supply-chain breaches to date, including high-profile technology and security vendors such as Cloudflare, Zscaler, Palo Alto Networks, and PagerDuty. Investigators describe the incident as a “widespread supply-chain attack spree” targeting one of the most widely used SaaS integrations. Drift, acquired by Salesloft in 2024, integrates with customer systems such as Salesforce, Slack, and Google Workspace via OAuth tokens. Threat actors exploited this integration to steal authentication tokens and gain access to customer environments.

In a just-published blog post, threat intelligence company SOCRadar analyzes:

  • How attackers got in/threat actor behind it
  • Technical reasons behind it
  • Type of info exposed/number of organizations affected
  • How to determine if your company was affected
  • How it compares to other supply chain attacks
  • Steps should CISOs take to mitigate risks from this incident
  • Indicators of Compromise (IOCs) related to Salesloft Drift breach

If you use Salesloft, this should be required reading: Salesloft Drift Breach: Everything You Need to Know 

Leave a comment »

« Older Entries
Newer Entries »