The IT Nerd

Slack announces new AI and search capabilities

Posted in Commentary with tags Slack on July 18, 2025 by itnerd

Slack has released new AI and search capabilities that deeply integrate AI across everything that makes up the Slack experience.

Built to harness institutional knowledge and conversational data that teams create daily, the new capabilities will also increase the user experience by cutting down the need to dig through threads, jump between apps, or rewrite content from scratch.

New features:

AI writing assistance in canvas built directly into Slack canvas that allows users to draft project briefs, generate action items, refine content, and more with natural language prompts.
AI message explanations by hovering over any message to get instant, in-context explanations of unfamiliar concepts, terminology, or technical details.
AI action items enable users to stay on top of highest-priority tasks. AI will identify what’s most important and only notify users when it provides a meaningful update or adds more value than current activity.
AI profile summaries give users quick context on another user’s role and recent contributions. This means teams can align faster and minimise unnecessary back-and-forth communication.

Slack is also announcing the general availability of:

Translations to let teammates read and contribute in their preferred language. When users come across a message in a different language, they’ll see a button they can use to translate that message into any language they’d like.
Enterprise search, which surfaces information across connected apps, data, and conversations from a single search bar. Teams can connect to systems like Salesforce, Microsoft Teams, Google Drive, Confluence, Box, and more, essentially making the Slack search bar the unified interface for all of the team’s structured and unstructured data.

More details can be found here: AI That Actually Works for You | Slack

Leave a comment »

Here’s A New One For Me…. A Phishing Email That Uses QR Codes

Posted in Commentary with tags Security on July 18, 2025 by itnerd

I get phishing emails all the time. Such as my email address is about to be “deactivated” if I don’t re-authenticate to my server. Or I need to authenticate to my server to “keep my same password”. Since I run my own email server, I find these phishing attempts to be downright hysterical because there’s zero chance that they will work on me. But today I got this phishing attempt which is a bit more “interesting”, I got this email this morning:

Sidebar: Seeing as I am a company of two. The two being my wife and I, it’s funny that the threat actors think that we have an HR department. But I guess that a threat actor has to start someplace to try and phish you.

Now I obscured the QR code as I don’t want anyone scanning it. But in lieu of an attachment with a payload that executes on a target’s computer, or a link that the target clicks on, I got a QR code. Likely because it can evade spam filters and other security software or devices.

If you scan the QR code, which should be clear you should not scan the QR code if you get an email like this, it will take you to a phishing page that you are meant to enter your email address and your email password. This fits some other reports of this type of phishing that I have heard about. Here’s a quick list that I’ve posted on this blog in the past:

Fortra Discovers Sophisticated QR Code Phishing Campaign That Targets Office 365 Users

Abnormal Security Announces Enhanced Capabilities to Detect QR Code Attacks

C-Suite Receives 42x More QR Code Attacks Than Average Employee: Abnormal Security

New Report to Reveal QR Code Phishing Scams: Quishing You a Happy Holiday Season

INKY Discusses How Threat Actors Are Using QR Codes To Harvest Credentials

So what this means is that attacks like this one are becoming increasingly pervasive. Thus this is another attack vector that you need to be aware of to keep you and your organization safe.

1 Comment »

Researchers share popular US states used in passwords

Posted in Commentary with tags Cybernews on July 18, 2025 by itnerd

The Cybernews’ research team examined billions of passwords from over 200 cybersecurity incidents, revealing that individuals frequently select US states as their passwords. Carolina, Dakota, and Texas are the most popular and appear in thousands, even millions, of analyzed passwords, making them not a reliable choice for account security.

Being proud of your state makes you more likely to get hacked

Even though everything is bigger in Texas, it is not the biggest and best choice for a password. And even though Texas appeared in passwords around 1M times, it only came out third on the list. Surprisingly, even California, the most populated state in the US, only ranked 11th on the wordlist (p. 18), with 556.9K uses.

Carolina (1.9M) and Dakota (1.2M) are the two most popular US states that will not keep hackers away. At least one of these states will appear once around every 6K passwords. Interestingly, the number of times Alaska is mentioned in passwords is almost the same as that of its residents.

The ten most popular states used in passwords

You can find the ten most popular states and how often they were named in passwords here:

Carolina — 1,921,229
Dakota — 1,171,849
Texas — 1,067,634
NewYork — 968,905
Florida — 879,400
Montana — 795,246
Maine — 783,380
Georgia — 710,455
Alaska — 674,948
Hawaii — 589,977

Network Assured released a report listing the 10 U.S. states with the most data breaches, both historically and in 2022. The data shows that Texas was the third-worst state for data breaches, with 581 reported incidents, despite having the highest state cybersecurity budget at $800 million. Not only does Texas rank third overall in the report, but it also ranked high in Cybernews research, being the third most mentioned state in passwords. These statistics suggest that investing heavily in cybersecurity alone may not solve issues caused by poor human practices unless resources are used effectively.

However, some states appeared in passwords the least number of times. States and combinations like “NorthDakota,” “SouthDakota,” “NewHampshire,” “SouthCarolina,” “WestVirginia,” “Massachusetts,” “RhodeIsland,” “Pennsylvania,” “NorthCarolina,” and “NewMexico” were mentioned only about 3K times each.

The combinations mentioned above, especially those containing two words, are safer than the most popular states, but aren’t the safest option. Even though they are longer than eight characters and include both lower-case and upper-case letters, passwords should also incorporate numbers and special characters to reduce the risk of being leaked. Tools like the Password leak checker are available to check if a password has been compromised.

To read the complete research, please click here.

Leave a comment »

Abstract Security and SentinelOne Partner to Deliver Faster, Smarter, AI-Driven Security Operations

Posted in Commentary with tags Abstract Security on July 17, 2025 by itnerd

Abstract Security and SentinelOne have joined forces to deliver a powerful new integration between Abstract’s real-time security data pipeline and SentinelOne’s AI-powered Singularity Platform—reshaping how security teams detect, analyze, and respond to threats.

This partnership addresses one of cybersecurity’s biggest challenges: how to find true threats in a sea of irrelevant data. Together, Abstract and SentinelOne® provide a scalable, intelligent solution that filters out noise, reduces cost, and accelerates response times across the enterprise.

The Power of Two: Intelligence at the Edge, Clarity at the Core

SentinelOne brings market-leading autonomous protection to endpoints, cloud workloads, and identities—combining behavioral and agentic AI, real-time threat detection, and automated response across the attack surface. With Singularity AI SIEM, organizations gain fast, searchable access to ‘hot’ security data—critical for reducing MTTD (mean time to detect) and MTTR (mean time to respond).

Abstract Security complements this with a streaming-first, AI-enhanced data pipeline built specifically for security use cases. It ingests from any source, normalizes data to open standards (OCSF), applies advanced filtering, and routes high-value data into the Singularity platform.

What This Partnership Delivers

Noise Reduction at Scale
Abstract filters out irrelevant data before it reaches SentinelOne’s Singularity™ AI SIEM, removing noise and reducing alert fatigue.

Real-Time Analytics and Threat Detection
By combining Abstract’s in-stream threat enrichment with SentinelOne’s threat detection capabilities, teams can detect and respond to threats faster and with greater accuracy.

No-Code Integration & Easy Migration to SentinelOne
With Abstract’s easy to use drag-and-drop pipeline creation, security teams can deploy in minutes without engineering effort and migrate from legacy SIEMs to SentinelOne’s Singularity™ AI SIEM with zero downtime—thanks to prebuilt connectors and automatic data normalization.

Unified Security Architecture
Together, the platforms create a streamlined, modern security stack—eliminating data silos, blind spots, and manual workflows.

Why It Matters Now

Organizations are under pressure to reduce risk, lower costs, and modernize outdated security infrastructure. This partnership offers a practical, high-impact path forward—unlocking value from existing data and enabling security teams to operate at machine speed.

For security teams looking to move beyond the limitations of legacy SIEMs, this opportunity delivers a modern security operations platform built for today and ready for what’s next.

Leave a comment »

KnowBe4 Research Reveals That Fake Internal Emails Dominate Phishing Simulation Clicks

Posted in Commentary with tags KnowBe4 on July 17, 2025 by itnerd

KnowBe4 today released its Q2 2025 Simulated Phishing Roundup report. The roundup highlights a continued trend of employee susceptibility to social engineering techniques that exploit familiarity and trust, as seen in dominant interactions with internal communications and well-known brands, making up 98% of top email subject lines. All data for this roundup was taken from the KnowBe4 HRM+ platform between April 1, 2025, and June 30, 2025.

Key Findings from the Roundup Report:

Consistency with Previous Quarter
- Phishing simulation trends remained largely consistent with Q1 2025 (January 1 – March 31, 2025).
Internal Topics Dominate
- Internal-themed topics made up 98.4% of the top 10 most-clicked email templates.
- Among these, HR was cited in 42.5% of phishing failures and IT in 21.5%.
Branded Landing Pages
- 71.9% of malicious landing page interactions involved branded content.
- Microsoft was the most common, accounting for 26.7%, followed by LinkedIn, X, Okta, and Amazon.
Top Clicked Hyperlinks
- 80.6% of the top 20 clicked links came from internally-themed simulations.
- 68.2% of these used domain spoofing techniques.
Attachment Interactions
- PDF attachment clicks rose by 8.1% compared to Q1.
- PDFs comprised 61.1% of the top 20 attachments, followed by HTML files (20.9%) and Word documents (18.0%).

Download a copy of the Q2 2025 KnowBe4 Simulated Phishing Roundup report, here.

Leave a comment »

Companies are at Risk of Filtering Out “the Rick Rubins of the World”

Posted in Commentary with tags Foxit on July 17, 2025 by itnerd

Today’s Wall Street Journal published an article titled, “It’s Time to Rethink the One-Page Résumé” that argues the traditional one-page résumé rule is outdated in the age of AI-driven hiring, and job seekers may improve their chances by providing more detailed, keyword-rich submissions, as long as the content remains relevant and well-structured.

Evan Reiss, VP, Head of Marketing, Foxit, had this to say:

“As AI systems evolve toward deeper semantic understanding and contextual analysis, there’s a growing risk of inadvertently introducing bias into high-stakes processes like hiring,” said Evan Reiss, VP, Head of Marketing at Foxit. “Over-reliance on AI to screen candidates can filter out unconventional thinkers. But businesses need the ‘Rick Rubins’ of the world, individual creatives and innovative thinkers whose value lies precisely in what makes them hard to quantify. If AI-first screening mindset spreads across the enterprise, we risk building systems that reward conformity over creativity.”

Reiss continued, “The decline of the one-page résumé reflects a broader shift in the information economy. AI is redefining how we assess candidacy, but also how we extract meaning from content.”

“At Foxit, we’re seeing this shift across sectors like legal, HR, and finance,” Reiss added. “Documents are being designed with intelligent systems in mind. For professionals and job seekers alike, this means rethinking how content is designed, so it can be easily parsed, understood, and surfaced by AI. Designing for machine comprehension is no longer optional for job seekers.”

So when Evan says companies risk filtering out “the Rick Rubins of the world,” he’s referring to people whose value can’t be easily measured by keywords or conventional metrics — people who bring breakthrough thinking precisely because they don’t follow standard templates. The kind of breakthrough thinking that only humans (not AI) can deliver. In other words, the kinds of candidates AI might overlook, but companies desperately need.

However, that doesn’t mean that you can/should ignore the growing prevalence of AI across HR, and virtually every other functional area.

Given the state of the job market, it would be wise for people to adjust their job hunting strategies to match the fact that AI is more and more common to deal with resumes. That way it gives a much better chance of scoring an interview at the very least, or in the best case a job. And I would say that companies need to adjust as well to avoid missing out on the perfect candidate because the AI that they use is filtering that person out.

Leave a comment »

Kyndryl unveils Agentic AI Framework that dynamically evolves to drive enhanced business performance

Posted in Commentary with tags Kyndryl on July 17, 2025 by itnerd

Kyndryl, a leading provider of mission-critical enterprise technology services, today launched the Kyndryl Agentic AI Framework, a new approach to deploying agentic AI to augment human teams. The enterprise-grade Framework orchestrates and dispatches a portfolio of specialized, self-directed, self-learning AI agents that dynamically respond to shifting conditions and keep humans in the loop for oversight.

The Kyndryl Agentic AI Framework enables enterprises to adopt, deploy and scale agentic AI-powered solutions — whether on-premises, in the cloud or in a hybrid IT setting — to transform and improve their business operations. In deploying the Framework, Kyndryl leverages its expertise from thousands of infrastructure deployments and its experience with generating over 12 million AI-driven insights monthly via Kyndryl Bridge. The Framework combines advanced algorithms, self-learning, optimization and secure-by-design AI agents that translate complex data into clear, understandable insights.

Kyndryl’s new Agentic AI Framework deploys intelligent agents that act, learn and collaborate with humans to drive positive outcomes across complex workflows.

Customers across industries are already working with Kyndryl to explore and understand how they can leverage the Agentic Framework’s sophisticated capabilities, including:

A national government evaluating the Kyndryl Agentic AI Framework for a large-scale deployment across their complex IT estate. The government aims to enhance citizen experiences, improve public service, ensure compliance and reduce regulatory risks by leveraging the Framework and Kyndryl’s expertise in transparent and responsible AI. This will empower government stakeholders to align policies with best practices and operate efficiently for the benefit of their constituents. The capability will enable government employees to view real-time, up-to-date insights on metrics such as traffic congestion, hospital bed availability and school attendance.
As part of an ongoing modernization program, a leading financial institution is working with Kyndryl Consult to assess how it can apply Kyndryl’s Agentic AI Framework to introduce AI agents for automating compliance, optimizing IT and accelerating service delivery. By leveraging this solution, the institution aims to enhance agility, strengthen cyber resilience, meet regulatory standards, and drive long-term innovation and operational efficiency.

This new Framework comes at a critical moment for enterprise leaders who are struggling to see benefits from AI use cases. In fact, according to Kyndryl’s recently published 2025 People Readiness Report, only 4 in 10 leaders report using AI-powered insights to enhance decision-making or unlock business growth. In addition, only one-fifth of business leaders say the primary use case of AI in their organization is to develop new products and services for customers.

The Kyndryl Agentic AI Framework can help organizations confidently deploy AI with trust and security in mind. The Framework was built with industry-standard encryption protocols, privacy-by-design principles and zero-trust security — fostering trust in AI-driven processes and assurances that agent actions are traceable, interpretable and continuously improved with human oversight. It can also be tailored to meet enterprises’ needs and adapt to industries through self-directed learning, enabling organizations to apply the Framework to a wide range of use cases and projects with speed and confidence.

Kyndryl Consult experts will work side-by-side with customers to assess, design, engineer and plan deployments of the Framework that are tailored to individual customer business requirements.

Learn more information about Kyndryl’s Agentic AI Framework.

Leave a comment »

Guest Opinion: Do we really want our chatbots driving our Teslas?

Posted in Commentary with tags Nordpass on July 17, 2025 by itnerd

By Karolis Arbaciauskas, head of business product at NordPass

Google recently announced it enabled Gemini AI to access and interact with third-party apps on Android — so far, only a handful, including Phone, Messages, WhatsApp, and utilities on your phone. But I’m sure the scope will expand.

Elon Musk also recently took to his X account to announce that xAI’s chatbot is coming to Teslas. The announcement came after quite a rough week for Grok, which experienced a sort of meltdown, praising Adolf Hitler and instructing users on how to commit sexual assault.

In the early years of large language models (LLMs), when discussing language models vs. artificial general intelligence (AGI), I remember people joking that you wouldn’t want your chatbot driving your Tesla. It’s not funny anymore. The sight of people saying, “Grok, park my car and keep it cool till I come back,” is probably not that far away.

Agents and passwords

It’s only a matter of time before our aspirations to further empower AI agents emerge. The use case where AI agents use password managers and even banking apps on behalf of the user is probably in the very near future. Prompt “calculate and pay the utility bills while I go for a run” sounds appealing, doesn’t it?

In principle, we can already send agents to password vaults, allow them to retrieve passwords, and perform certain operations. There are ways to do that, and they work. However, at this point it is extremely unsafe.

In the near future, AI agents (operators) will likely be able to retrieve passwords or other secrets from password vaults through API integrations without compromising their own login credentials. Such a model of machine-to-machine authentication is already working in other scenarios. It is also secure in principle. The only questions are how much control will the AI have and if it or threat actors will be able to somehow exploit this access further?

We were promised robots but got social networks instead

Do we want this to happen? I think we do. Pop culture – especially books, movies and games – has long created expectations for this. And in recent years businesses, with the help of the media, have been fueling these expectations. So people in general, or should I say we as a humanity, seem to be waiting for AGI, even though we worry about our privacy and are a little afraid of it. Agentic AI is the closest thing we have right now, so I’m sure the technology will catch on and evolve further.

Especially seeing how much money venture capital is pouring into AI startups. According to PitchBook, in the first half of 2025 more than half of all venture capital dollars globally, and 64% in the US, went to AI startups. Over the same period, AI helped 36 tech companies achieve unicorn status.

I won’t go into technology adoption theories (such as Diffusion of innovation or TAM), but KPMG is right in saying that agentic AI deployment will accelerate despite its risks. Why? Because if businesses want it, and people want it, it will happen. We just need to be careful about potential vulnerabilities and how much control we give away to AI agents. We still don’t know what might happen when the real AGI emerges.

Let’s not forget that passwords to all our accounts (via access to password managers) and banking data are among the most important and most valuable, to us, to AI agents (because when we give them access to our credentials, their capabilities grow significantly), and to criminals. At the same time, the metadata of our interactions with AI agents is very valuable for companies that created those agents.

ABOUT NORDPASS

NordPass is a password manager for both business and consumer clients. It’s powered by the latest technology for the utmost security. Developed with affordability, simplicity, and ease of use in mind, NordPass allows users to securely access their passwords on desktop, mobile, and browsers. All passwords are encrypted on the device, so only the user can access them. NordPass was created by the experts behind NordVPN – the advanced security and privacy app trusted by more than 14 million customers worldwide. For more information: nordpass.com.

Leave a comment »

Printer Firmware Gaps Leave Organizations Exposed

Posted in Commentary with tags HP on July 17, 2025 by itnerd

New research from HP Wolf Security reveals that printer platform security – firmware and hardware protection – is being neglected, exposing organizations to security threats that can exfiltrate critical data and hijack devices.

Printers are now smart, connected devices storing sensitive data and operating on long refresh cycles. If left unsecured, they become long-term entry points for data breaches and firmware-based attacks.

The global study, based on 800+ ITSDMs, shows only 36% of IT and security decision-makers apply printer firmware updates promptly, even though IT teams spend an average of 3.5 hours per printer each month managing security issues.

The report also found security gaps across the other stages of the printer’s lifecycle, including:

Supplier Selection & Onboarding: Just 38% of ITSDMs say procurement, IT, and security teams collaborate on printer security standards, with 60% warning that lack of collaboration increases risk.
Remediation: 70% of ITSDMs are now more worried about offline print risks, like sensitive documents being printed or mishandled by employees.
Decommissioning: 86% of ITSDMs say data security concerns block printer reuse or recycling, even as approximately eighty printers per organization sit idle or near end-of-life.

The link to the live report from HP is here: https://www.hp.com/content/dam/sites/garage-press/press/press-kits/2025/hp-wolf-security-study-reveals-gaps-in-print-security-leaving-devices-vulnerable-to-risk/Print%20Lifecycle%20Short%20Report.pdf

Leave a comment »

Healthcare Ransomware on the decline in 2025, but why?

Posted in Commentary with tags Comparitech on July 17, 2025 by itnerd

Comparitech researchers have released a study looking at the impact of healthcare ransomware in H1 2025, finding a decline in attacks compared to H1 2024.

While the healthcare sector hasn’t seen the same influx in attacks as other industries (a recent 2025 H1 report saw a 50 percent increase across the board from 2024), this could be due to several factors.

Ransomware attacks on healthcare companies continue to have devastating consequences. This became only too evident recently when a patient’s death was linked to the June 2024 attack on Synnovis in the UK.

Key findings include:

211 attacks in total – 125 in Q1 and 86 in Q2
68 confirmed attacks – 45 in Q1 and 23 in Q2
143 unconfirmed attacks – 80 in Q1 and 63 in Q2
2,372,777 records are known to have been breached in the confirmed attacks
Average ransom demand of $479,000
The most prolific ransomware strains with the highest number of claims against healthcare companies were INC (34), Qilin (25), SafePay (14), RansomHub (13), and Medusa (13)
INC and Qilin had the most confirmed attacks (10 each), followed by Medusa (7), RansomHub (6), and SafePay (4)

The research can be viewed at this link: https://www.comparitech.com/news/healthcare-ransomware-roundup-h1-2025/

Leave a comment »

Pages

Blogroll