The ASUS Security Situation Is Actually Way Worse Than I Thought

Posted in Commentary on July 21, 2025 by itnerd

A few months ago, I posted a story on ASUS having vulnerabilities in their router products that could lead to you not only getting pwned, but your ASUS router being part of a botnet. Related to that, I offered up some advice as to how to check if you’ve been pwned. But this was the second time this year that ASUS has found itself in a situation where they had serious security vulnerabilities. Because earlier this year ASUS had to fess up to the fact that their AI Cloud feature, which allows for remote access to their routers, was vulnerable to being pwned.

A couple of days ago, things got way worse for ASUS. YouTube channel Gamers Nexus, who had previously called out ASUS for their shady warranty practices, did a video on a number of other vulnerabilities that have been discovered in a variety of ASUS products. If you want to watch the video, here it is:

For those of you who want to skip past watching the video, here’s the TL;DR.

Security researcher Paul “Mr. Bruh” discovered a zero-click remote code execution vulnerability in Asus DriverHub and hardcoded administrator credentials within MyAsus and the RMA portal—exposing user data including names, birthdates, addresses, and phone numbers. As it stands, ASUS claims to have fixed this.

Cisco Talos researcher Marcin “Icewall” Noga also documented two kernel-level exploits in Armory Crate’s ASIO3 driver, enabling physical memory mapping and low-level hardware access. It gets worse because Armory Crate is built into ASUS motherboards. Which means that even if you nuke Windows and reinstall it, Armory Crate will simply reinstall itself unless you dig into your BIOS and turn off the ability for it to install. For those of you who have Armory Crate installed, removing it is the recommended way to protect yourself. Another reason why you should get rid of Armory Crate is that when I was testing HYAS Protect At Home, I noted that Armory Crate, which was on the ASUS PC that I owned at the time, sent and received a lot of data to and from the Internet for reasons that I couldn’t discern. But given that ASUS seems to have other security problems, that’s another reason why you should strongly consider removing their software ASAP.

And that’s on top of their router issues. And I have to admit, that was one of the motivating factors that made me dump this router from ASUS for this Unifi router. Currently the only ASUS product that I have left on my network is a pair of ZenWiFi XT8s that I am using in access point mode. I am currently researching how to replace them with Unifi products that have as good or ideally better performance in a mesh setup. But given how bad ASUS security is, I am now making that a today problem. Because clearly ASUS is really dropping the ball when it comes to security. And that is on top of their RMA issues and their technical support issues. The TL;DR on that is that ASUS tech support is horrifically bad.

The bottom line is that ASUS is really becoming a company to avoid. I don’t know how else to put it. And honestly the sooner that ASUS products are gone from my network, the better off that I will be. And if you own ASUS products, you might want to consider getting rid of them as well, as you’ll likely be better off too.

HP’s WXP Helps Canadian Companies Reimagine Hybrid Work

Posted in Commentary on July 18, 2025 by itnerd

As hybrid work becomes the norm in Canada, a growing tech disconnect is fueling employee frustration and burnout. With an explosion of new devices and digital tools, two-thirds of employees report they regularly struggle with workplace tech yet only half feel adequately supported by their IT teams.

This gap is taking a toll on productivity and morale, not just for frontline staff but also for the IT professionals tasked with holding it all together. As Canadian businesses push to modernize, the message is clear: improving the digital employee experience is no longer optional.

HP’s Workforce Experience Platform (WXP) is more than just IT support, it’s a strategic solution that streamlines workflows, resolves issues before they surface, and helps teams thrive in a complex, always-on world.

Some key ways WXP helps IT and security teams reshape the modern workplace:

  • AI Sentiment Analysis: WXP now includes AI capabilities to assess and improve employee experience by analyzing sentiment data, allowing IT teams to identify and address issues before they impact productivity.
  • Smarter Insights, Less Guesswork: Integration with Vyopta allows businesses to monitor and optimize collaboration environments with integrated insights into video and telephone endpoints, enhancing user satisfaction and performance.
  • Fleet Explorer: A new AI-powered tool that uses natural language processing to help IT managers quickly access fleet data. Instead of sifting through reports, they can ask questions like “Which devices had the highest memory over-utilization in the past 30 days?” and get instant insights—enabling faster issue resolution before employee performance is affected.

To learn more about the HP Workforce Experience Platform, visit here.

Slack announces new AI and search capabilities

Posted in Commentary on July 18, 2025 by itnerd

Slack has released new AI and search capabilities that deeply integrate AI across everything that makes up the Slack experience.

Built to harness institutional knowledge and conversational data that teams create daily, the new capabilities will also improve the user experience by cutting down the need to dig through threads, jump between apps, or rewrite content from scratch.

New features:

  • AI writing assistance in canvas built directly into Slack canvas that allows users to draft project briefs, generate action items, refine content, and more with natural language prompts. 
  • AI message explanations by hovering over any message to get instant, in-context explanations of unfamiliar concepts, terminology, or technical details. 
  • AI action items enable users to stay on top of highest-priority tasks. AI will identify what’s most important and only notify users when it provides a meaningful update or adds more value than current activity.
  • AI profile summaries give users quick context on another user’s role and recent contributions. This means teams can align faster and minimise unnecessary back-and-forth communication.

Slack is also announcing the general availability of:

  • Translations to let teammates read and contribute in their preferred language. When users come across a message in a different language, they’ll see a button they can use to translate that message into any language they’d like.
  • Enterprise search, which surfaces information across connected apps, data, and conversations from a single search bar. Teams can connect to systems like Salesforce, Microsoft Teams, Google Drive, Confluence, Box, and more, essentially making the Slack search bar the unified interface for all of the team’s structured and unstructured data.

More details can be found here: AI That Actually Works for You | Slack

Here’s A New One For Me…. A Phishing Email That Uses QR Codes

Posted in Commentary on July 18, 2025 by itnerd

I get phishing emails all the time. Such as ones claiming that my email address is about to be “deactivated” if I don’t re-authenticate to my server. Or that I need to authenticate to my server to “keep my same password”. Since I run my own email server, I find these phishing attempts to be downright hysterical because there’s zero chance that they will work on me. But today I got a phishing attempt which is a bit more “interesting”. I got this email this morning:

Sidebar: Seeing as I am a company of two, the two being my wife and I, it’s funny that the threat actors think that we have an HR department. But I guess that a threat actor has to start someplace to try and phish you.

Now I obscured the QR code as I don’t want anyone scanning it. But in lieu of an attachment with a payload that executes on a target’s computer, or a link that the target clicks on, I got a QR code. Likely because it can evade spam filters and other security software or devices.

If you scan the QR code (and to be clear, you should not scan the QR code if you get an email like this), it will take you to a phishing page where you are meant to enter your email address and your email password. This fits some other reports of this type of phishing that I have heard about. Here’s a quick list that I’ve posted on this blog in the past:

Fortra Discovers Sophisticated QR Code Phishing Campaign That Targets Office 365 Users

Abnormal Security Announces Enhanced Capabilities to Detect QR Code Attacks

C-Suite Receives 42x More QR Code Attacks Than Average Employee: Abnormal Security

New Report to Reveal QR Code Phishing Scams: Quishing You a Happy Holiday Season

INKY Discusses How Threat Actors Are Using QR Codes To Harvest Credentials

So what this means is that attacks like this one are becoming increasingly pervasive. Thus this is another attack vector that you need to be aware of to keep you and your organization safe.
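To show why a message like the one described above gives a link-based filter nothing to inspect, here is a triage sketch added for this write-up (it is not from any product mentioned in the post). The function name, verdict labels, lure phrases and sample messages are all assumptions constructed for the example, and it routes on message structure only, without decoding the image.

```python
import re
from email import message_from_bytes
from email.message import EmailMessage
from email.policy import default

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
# Wording that asks the reader to scan something (assumed phrase list).
LURE_RE = re.compile(r"\bqr[\s-]*code\b|\bscan\s+(?:the|this)\b", re.IGNORECASE)


def triage(raw: bytes) -> dict:
    """Route one RFC 5322 message based on its structure; no image decoding."""
    msg = message_from_bytes(raw, policy=default)
    text, images = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        ctype = part.get_content_type()
        if ctype.startswith("image/"):
            images.append(part.get_filename() or ctype)
        elif ctype in ("text/plain", "text/html"):
            text.append(part.get_content())
    body = "\n".join(text)
    urls = URL_RE.findall(body)
    lure = bool(LURE_RE.search(body) or LURE_RE.search(msg["Subject"] or ""))
    if images and lure and not urls:
        # Nothing for URL reputation to check: the destination is inside the image.
        verdict = "hold-for-image-scan"
    elif urls:
        verdict = "normal-url-checks"
    else:
        verdict = "deliver"
    return {"verdict": verdict, "urls": urls, "images": images, "lure": lure}


def build_sample(subject: str, body: str, image_name: str = "") -> bytes:
    """Build a constructed test message; addresses use reserved .test names."""
    m = EmailMessage()
    m["From"] = "hr@example.test"
    m["To"] = "user@example.test"
    m["Subject"] = subject
    m.set_content(body)
    if image_name:
        # Placeholder bytes with a PNG signature, not a real QR code.
        m.add_attachment(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
                         maintype="image", subtype="png", filename=image_name)
    return m.as_bytes()


# Constructed samples: an HR-themed QR lure, a newsletter with a link, a plain note.
QR_LURE = build_sample("HR: action required on your benefits file",
                       "Scan the QR code below with your phone to review and sign.",
                       "code.png")
NEWSLETTER = build_sample("Monthly newsletter",
                          "Read the full issue at https://news.example.test/july",
                          "logo.png")
PLAIN = build_sample("Lunch?", "Are you free at noon?")

if __name__ == "__main__":
    for name, raw in [("qr lure", QR_LURE), ("newsletter", NEWSLETTER), ("plain", PLAIN)]:
        print(name, triage(raw))
```

Messages that land in the hold bucket are the ones whose image would need to be decoded and its target checked before delivery.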

Researchers share popular US states used in passwords

Posted in Commentary on July 18, 2025 by itnerd

The Cybernews research team examined billions of passwords from over 200 cybersecurity incidents, revealing that individuals frequently select US states as their passwords. Carolina, Dakota, and Texas are the most popular and appear in thousands, even millions, of analyzed passwords, making them an unreliable choice for account security.

Being proud of your state makes you more likely to get hacked 

Even though everything is bigger in Texas, it is not the biggest and best choice for a password. And even though Texas appeared in passwords around 1M times, it only came out third on the list. Surprisingly, even California, the most populated state in the US, only ranked 11th on the wordlist (p. 18), with 556.9K uses. 

Carolina (1.9M) and Dakota (1.2M) are the two most popular US states that will not keep hackers away. At least one of these states will appear once around every 6K passwords. Interestingly, the number of times Alaska is mentioned in passwords is almost the same as that of its residents. 

The ten most popular states used in passwords

You can find the ten most popular states and how often they were named in passwords here: 

  1. Carolina — 1,921,229 
  2. Dakota — 1,171,849 
  3. Texas — 1,067,634 
  4. NewYork — 968,905 
  5. Florida — 879,400 
  6. Montana — 795,246
  7. Maine — 783,380
  8. Georgia — 710,455
  9. Alaska — 674,948
  10. Hawaii — 589,977

Network Assured released a report listing the 10 U.S. states with the most data breaches, both historically and in 2022. The data shows that Texas was the third-worst state for data breaches, with 581 reported incidents, despite having the highest state cybersecurity budget at $800 million. Not only does Texas rank third overall in the report, but it also ranked high in Cybernews research, being the third most mentioned state in passwords. These statistics suggest that investing heavily in cybersecurity alone may not solve issues caused by poor human practices unless resources are used effectively. 

However, some states appeared in passwords the least number of times. States and combinations like “NorthDakota,” “SouthDakota,” “NewHampshire,” “SouthCarolina,” “WestVirginia,” “Massachusetts,” “RhodeIsland,” “Pennsylvania,” “NorthCarolina,” and “NewMexico” were mentioned only about 3K times each.

The combinations mentioned above, especially those containing two words, are safer than the most popular states, but aren’t the safest option. Even though they are longer than eight characters and include both lower-case and upper-case letters, passwords should also incorporate numbers and special characters to reduce the risk of being leaked. Tools like the Password leak checker are available to check if a password has been compromised. 
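As an added illustration (not part of the Cybernews research), here is a screening check that flags the state names listed above even when they are decorated with digits or symbol substitutions. The substitution table, the 0.5 coverage threshold and the function names are assumptions made for the example.

```python
import re

# State tokens as spelled in the article's two lists, longest first so that
# "southcarolina" is reported in preference to "carolina".
STATE_TOKENS = sorted(
    ["carolina", "dakota", "texas", "newyork", "florida", "montana", "maine",
     "georgia", "alaska", "hawaii", "northdakota", "southdakota",
     "newhampshire", "southcarolina", "westvirginia", "massachusetts",
     "rhodeisland", "pennsylvania", "northcarolina", "newmexico"],
    key=len, reverse=True)

# Common look-alike substitutions (assumed table). "1" is ambiguous, so two
# variants are tried: one reading it as "l", one as "i".
_SUBS = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t",
         "@": "a", "$": "s", "!": "i"}
LEET_VARIANTS = [str.maketrans({**_SUBS, "1": "l"}),
                 str.maketrans({**_SUBS, "1": "i"})]


def normalise(password: str) -> list:
    """Lower-case, undo substitutions, then drop everything that is not a letter."""
    folded = password.lower()
    return [re.sub(r"[^a-z]", "", folded.translate(t)) for t in LEET_VARIANTS]


def screen_password(password: str, weak_ratio: float = 0.5) -> dict:
    """Report the longest state token found and how much of the password it is.

    weak_ratio is an assumed policy threshold: a password is marked weak when
    the state name accounts for at least that share of its characters.
    """
    best = None
    for candidate in normalise(password):
        for token in STATE_TOKENS:
            if token in candidate:
                if best is None or len(token) > len(best):
                    best = token
                break  # tokens are longest first, so the first hit is the longest
    coverage = len(best) / len(password) if best else 0.0
    return {"state": best,
            "coverage": round(coverage, 2),
            "weak": best is not None and coverage >= weak_ratio}


if __name__ == "__main__":
    # Constructed sample passwords, none taken from a real breach.
    for pw in ["Texas2024!", "T3x@5", "Ma1ne!!", "S0uthCar0lina",
               "correct-horse-dakota-battery-staple", "kV9#tq2Lw!xZ"]:
        print(f"{pw!r:40} {screen_password(pw)}")
```

Short tokens such as "maine" also match inside unrelated words, so a deployment would review hits rather than reject on the match alone.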

To read the complete research, please click here

Abstract Security and SentinelOne Partner to Deliver Faster, Smarter, AI-Driven Security Operations

Posted in Commentary on July 17, 2025 by itnerd

Abstract Security and SentinelOne have joined forces to deliver a powerful new integration between Abstract’s real-time security data pipeline and SentinelOne’s AI-powered Singularity Platform—reshaping how security teams detect, analyze, and respond to threats. 

This partnership addresses one of cybersecurity’s biggest challenges: how to find true threats in a sea of irrelevant data. Together, Abstract and SentinelOne® provide a scalable, intelligent solution that filters out noise, reduces cost, and accelerates response times across the enterprise. 

The Power of Two: Intelligence at the Edge, Clarity at the Core 

SentinelOne brings market-leading autonomous protection to endpoints, cloud workloads, and identities—combining behavioral and agentic AI, real-time threat detection, and automated response across the attack surface. With Singularity AI SIEM, organizations gain fast, searchable access to ‘hot’ security data—critical for reducing MTTD (mean time to detect) and MTTR (mean time to respond). 

Abstract Security complements this with a streaming-first, AI-enhanced data pipeline built specifically for security use cases. It ingests from any source, normalizes data to open standards (OCSF), applies advanced filtering, and routes high-value data into the Singularity platform. 

What This Partnership Delivers 

  • Noise Reduction at Scale 
    Abstract filters out irrelevant data before it reaches SentinelOne’s Singularity™ AI SIEM, removing noise and reducing alert fatigue. 
  • Real-Time Analytics and Threat Detection 
    By combining Abstract’s in-stream threat enrichment with SentinelOne’s threat detection capabilities, teams can detect and respond to threats faster and with greater accuracy. 
  • No-Code Integration & Easy Migration to SentinelOne 
    With Abstract’s easy to use drag-and-drop pipeline creation, security teams can deploy in minutes without engineering effort and migrate from legacy SIEMs to SentinelOne’s Singularity™ AI SIEM with zero downtime—thanks to prebuilt connectors and automatic data normalization. 
  • Unified Security Architecture 
    Together, the platforms create a streamlined, modern security stack—eliminating data silos, blind spots, and manual workflows. 

Why It Matters Now 

Organizations are under pressure to reduce risk, lower costs, and modernize outdated security infrastructure. This partnership offers a practical, high-impact path forward—unlocking value from existing data and enabling security teams to operate at machine speed. 

For security teams looking to move beyond the limitations of legacy SIEMs, this opportunity delivers a modern security operations platform built for today and ready for what’s next.

KnowBe4 Research Reveals That Fake Internal Emails Dominate Phishing Simulation Clicks

Posted in Commentary on July 17, 2025 by itnerd

KnowBe4 today released its Q2 2025 Simulated Phishing Roundup report. The roundup highlights a continued trend of employee susceptibility to social engineering techniques that exploit familiarity and trust, as seen in dominant interactions with internal communications and well-known brands, making up 98% of top email subject lines. All data for this roundup was taken from the KnowBe4 HRM+ platform between April 1, 2025, and June 30, 2025. 

Key Findings from the Roundup Report: 

  • Consistency with Previous Quarter
    • Phishing simulation trends remained largely consistent with Q1 2025 (January 1 – March 31, 2025).
  • Internal Topics Dominate
    • Internal-themed topics made up 98.4% of the top 10 most-clicked email templates.
    • Among these, HR was cited in 42.5% of phishing failures and IT in 21.5%.
  • Branded Landing Pages
    • 71.9% of malicious landing page interactions involved branded content.
    • Microsoft was the most common, accounting for 26.7%, followed by LinkedIn, X, Okta, and Amazon.
  • Top Clicked Hyperlinks
    • 80.6% of the top 20 clicked links came from internally-themed simulations.
    • 68.2% of these used domain spoofing techniques.
  • Attachment Interactions
    • PDF attachment clicks rose by 8.1% compared to Q1.
    • PDFs comprised 61.1% of the top 20 attachments, followed by HTML files (20.9%) and Word documents (18.0%).

Download a copy of the Q2 2025 KnowBe4 Simulated Phishing Roundup report, here. 

Companies are at Risk of Filtering Out “the Rick Rubins of the World” 

Posted in Commentary on July 17, 2025 by itnerd

Today’s Wall Street Journal published an article titled, “It’s Time to Rethink the One-Page Résumé” that argues the traditional one-page résumé rule is outdated in the age of AI-driven hiring, and job seekers may improve their chances by providing more detailed, keyword-rich submissions, as long as the content remains relevant and well-structured. 

Evan Reiss, VP, Head of Marketing, Foxit, had this to say: 

“As AI systems evolve toward deeper semantic understanding and contextual analysis, there’s a growing risk of inadvertently introducing bias into high-stakes processes like hiring,” said Evan Reiss, VP, Head of Marketing at Foxit. “Over-reliance on AI to screen candidates can filter out unconventional thinkers. But businesses need the ‘Rick Rubins’ of the world, individual creatives and innovative thinkers whose value lies precisely in what makes them hard to quantify. If AI-first screening mindset spreads across the enterprise, we risk building systems that reward conformity over creativity.”

Reiss continued, “The decline of the one-page résumé reflects a broader shift in the information economy. AI is redefining how we assess candidacy, but also how we extract meaning from content.”

“At Foxit, we’re seeing this shift across sectors like legal, HR, and finance,” Reiss added. “Documents are being designed with intelligent systems in mind.  For professionals and job seekers alike, this means rethinking how content is designed, so it can be easily parsed, understood, and surfaced by AI. Designing for machine comprehension is no longer optional for job seekers.”

So when Evan says companies risk filtering out “the Rick Rubins of the world,” he’s referring to people whose value can’t be easily measured by keywords or conventional metrics — people who bring breakthrough thinking precisely because they don’t follow standard templates. The kind of breakthrough thinking that only humans (not AI) can deliver. In other words, the kinds of candidates AI might overlook, but companies desperately need. 

However, that doesn’t mean that you can/should ignore the growing prevalence of AI across HR, and virtually every other functional area.

Given the state of the job market, it would be wise for people to adjust their job hunting strategies to match the fact that AI is more and more common to deal with resumes. That way it gives a much better chance of scoring an interview at the very least, or in the best case a job. And I would say that companies need to adjust as well to avoid missing out on the perfect candidate because the AI that they use is filtering that person out.

Kyndryl unveils Agentic AI Framework that dynamically evolves to drive enhanced business performance

Posted in Commentary on July 17, 2025 by itnerd

Kyndryl, a leading provider of mission-critical enterprise technology services, today launched the Kyndryl Agentic AI Framework, a new approach to deploying agentic AI to augment human teams. The enterprise-grade Framework orchestrates and dispatches a portfolio of specialized, self-directed, self-learning AI agents that dynamically respond to shifting conditions and keep humans in the loop for oversight. 

The Kyndryl Agentic AI Framework enables enterprises to adopt, deploy and scale agentic AI-powered solutions — whether on-premises, in the cloud or in a hybrid IT setting — to transform and improve their business operations. In deploying the Framework, Kyndryl leverages its expertise from thousands of infrastructure deployments and its experience with generating over 12 million AI-driven insights monthly via Kyndryl Bridge. The Framework combines advanced algorithms, self-learning, optimization and secure-by-design AI agents that translate complex data into clear, understandable insights.

Kyndryl’s new Agentic AI Framework deploys intelligent agents that act, learn and collaborate with humans to drive positive outcomes across complex workflows.

Customers across industries are already working with Kyndryl to explore and understand how they can leverage the Agentic Framework’s sophisticated capabilities, including:

  • A national government evaluating the Kyndryl Agentic AI Framework for a large-scale deployment across their complex IT estate. The government aims to enhance citizen experiences, improve public service, ensure compliance and reduce regulatory risks by leveraging the Framework and Kyndryl’s expertise in transparent and responsible AI. This will empower government stakeholders to align policies with best practices and operate efficiently for the benefit of their constituents. The capability will enable government employees to view real-time, up-to-date insights on metrics such as traffic congestion, hospital bed availability and school attendance.
  • As part of an ongoing modernization program, a leading financial institution is working with Kyndryl Consult to assess how it can apply Kyndryl’s Agentic AI Framework to introduce AI agents for automating compliance, optimizing IT and accelerating service delivery. By leveraging this solution, the institution aims to enhance agility, strengthen cyber resilience, meet regulatory standards, and drive long-term innovation and operational efficiency.

This new Framework comes at a critical moment for enterprise leaders who are struggling to see benefits from AI use cases. In fact, according to Kyndryl’s recently published 2025 People Readiness Report, only 4 in 10 leaders report using AI-powered insights to enhance decision-making or unlock business growth. In addition, only one-fifth of business leaders say the primary use case of AI in their organization is to develop new products and services for customers.

The Kyndryl Agentic AI Framework can help organizations confidently deploy AI with trust and security in mind. The Framework was built with industry-standard encryption protocols, privacy-by-design principles and zero-trust security — fostering trust in AI-driven processes and assurances that agent actions are traceable, interpretable and continuously improved with human oversight. It can also be tailored to meet enterprises’ needs and adapt to industries through self-directed learning, enabling organizations to apply the Framework to a wide range of use cases and projects with speed and confidence.

Kyndryl Consult experts will work side-by-side with customers to assess, design, engineer and plan deployments of the Framework that are tailored to individual customer business requirements.

Learn more information about Kyndryl’s Agentic AI Framework.

Guest Opinion: Do we really want our chatbots driving our Teslas?

Posted in Commentary on July 17, 2025 by itnerd

By Karolis Arbaciauskas, head of business product at NordPass

Google recently announced it enabled Gemini AI to access and interact with third-party apps on Android — so far, only a handful, including Phone, Messages, WhatsApp, and utilities on your phone. But I’m sure the scope will expand. 

Elon Musk also recently took to his X account to announce that xAI’s chatbot is coming to Teslas. The announcement came after quite a rough week for Grok, which experienced a sort of meltdown, praising Adolf Hitler and instructing users on how to commit sexual assault.

In the early years of large language models (LLMs), when discussing language models vs. artificial general intelligence (AGI), I remember people joking that you wouldn’t want your chatbot driving your Tesla. It’s not funny anymore. The sight of people saying, “Grok, park my car and keep it cool till I come back,” is probably not that far away. 

Agents and passwords

It’s only a matter of time before our aspirations to further empower AI agents emerge. The use case where AI agents use password managers and even banking apps on behalf of the user is probably in the very near future. Prompt “calculate and pay the utility bills while I go for a run” sounds appealing, doesn’t it?

In principle, we can already send agents to password vaults, allow them to retrieve passwords, and perform certain operations. There are ways to do that, and they work. However, at this point it is extremely unsafe.

In the near future, AI agents (operators) will likely be able to retrieve passwords or other secrets from password vaults through API integrations without compromising their own login credentials. Such a model of machine-to-machine authentication is already working in other scenarios. It is also secure in principle. The only questions are how much control the AI will have and whether it or threat actors will be able to somehow exploit this access further.

We were promised robots but got social networks instead

Do we want this to happen? I think we do. Pop culture – especially books, movies and games – has long created expectations for this. And in recent years businesses, with the help of the media, have been fueling these expectations. So people in general, or should I say we as a humanity, seem to be waiting for AGI, even though we worry about our privacy and are a little afraid of it. Agentic AI is the closest thing we have right now, so I’m sure the technology will catch on and evolve further. 

Especially seeing how much money venture capital is pouring into AI startups. According to PitchBook, in the first half of 2025 more than half of all venture capital dollars globally, and 64% in the US, went to AI startups. Over the same period, AI helped 36 tech companies achieve unicorn status. 

I won’t go into technology adoption theories (such as Diffusion of innovation or TAM), but KPMG is right in saying that agentic AI deployment will accelerate despite its risks. Why? Because if businesses want it, and people want it, it will happen. We just need to be careful about potential vulnerabilities and how much control we give away to AI agents. We still don’t know what might happen when the real AGI emerges.

Let’s not forget that passwords to all our accounts (via access to password managers) and banking data are among the most important and most valuable, to us, to AI agents (because when we give them access to our credentials, their capabilities grow significantly), and to criminals. At the same time, the metadata of our interactions with AI agents is very valuable for companies that created those agents.

ABOUT NORDPASS

NordPass is a password manager for both business and consumer clients. It’s powered by the latest technology for the utmost security. Developed with affordability, simplicity, and ease of use in mind, NordPass allows users to securely access their passwords on desktop, mobile, and browsers. All passwords are encrypted on the device, so only the user can access them. NordPass was created by the experts behind NordVPN – the advanced security and privacy app trusted by more than 14 million customers worldwide. For more information: nordpass.com.