Massive data leak exposes details of 1.6M customers of Etsy and other TikTok shops

Posted in Commentary with tags on May 28, 2025 by itnerd

The Cybernews research team has uncovered a major data breach affecting 1.6 million customers of Etsy, Poshmark, and other TikTok shops, primarily in the U.S., with some affected users in Canada and Australia.

Two exposed instances revealed shipping confirmation emails in HTML format, exposing personal information such as full names and addresses.

What data was leaked? 

  • Full names
  • Home addresses
  • Email addresses
  • Shipping order details

Why is an Etsy shipping email leak dangerous?

  • Attackers could impersonate Etsy or shipping providers to launch convincing phishing campaigns.
  • Leaked order details make fraudulent emails appear legitimate, increasing the success rate of scams.
  • Access to email and shipping info enables social engineering tactics to extract additional personal or financial data from victims.

To read the full research report, please click here.

Radiant Logic Unveils Real-Time Identity Observability Capabilities to its Identity Security Posture Management Platform 

Posted in Commentary with tags on May 28, 2025 by itnerd

Radiant Logic today announced its new Identity Observability features as part of the RadiantOne platform. As identity remains the dominant attack vector for cybercriminals, the latest enhancements to the RadiantOne platform deliver real-time visibility and context into the entire Identity and Access Management (IAM) ecosystem—empowering organizations to proactively detect, prioritize and remediate risks before they are exploited. 

Gartner® in their 2025 Guidance for Comprehensive IAM Architecture Strategy recommends organizations should “Invest in a centralized identity and access data platform that integrates discovery tools across all IAM layers to aggregate, correlate and reconcile identity and access data. Implement emerging artificial intelligence (AI)-driven identity and access intelligence solutions to enhance observability and automation to quickly remedy vulnerabilities or facilitate a response to identity threats.”  

RadiantOne discovers, correlates and unifies all human and non-human identity data through a centralized, AI-powered platform that delivers real-time visibility and risk remediation across an organization’s hybrid and multi-cloud environments.    

RadiantOne Key Features include:

  • Real-Time Discovery and Observability: Continuously monitors identity systems, change events and access paths—alerting teams to anomalies and deviations from policy. 
  • Unified Visibility Across the Identity Stack: Provides a graph-based, semantic model of the entire identity ecosystem, including Active Directory, LDAP, On-premise apps, Entra Identity, SaaS apps and more. 
  • Dynamic Risk Scoring: Uses advanced heuristics and pattern recognition to evaluate the maturity and risk of identities and access relationships. 
  • AI-Driven Remediation with AIDA: The AI Data Assistant (AIDA) analyzes complex identity relationships, recommends corrective actions, and facilitates collaborative remediation with line managers and resource owners. 
  • Dashboards and Reporting: Offers real-time identity hygiene monitoring, rich reporting, and maturity assessments to guide policy enforcement and compliance. 

Deployed as a SaaS solution or in a self-managed environment, the RadiantOne platform fits seamlessly into enterprise architectures and accelerates the time-to-value for identity-first security initiatives such as IAM, IGA, and Zero Trust—without the need to rip and replace.  

Darktrace uncovers novel botnet targeting IoT devices 

Posted in Commentary with tags on May 28, 2025 by itnerd

 Darktrace researchers have identified a novel Go-based Linux botnet named “PumaBot” targeting embedded Linux IoT devices – notably, the malware checks for the presence of the string “Pumatronix”, a manufacturer of surveillance and traffic camera systems. 

Unlike typical botnets that scan the entire internet, PumaBot uses a remote command-and-control (C2) server to get a list of devices to attack. It gains access by brute-forcing credentials and then disguises itself as legitimate software to avoid detection. The malware establishes persistence, creates multiple backdoors and performs checks to avoid honeypots or other restricted environments, suggesting a sophisticated campaign to establish long-term access to these systems.   

You can read this blog post here.

Introducing dmarcian

Posted in Commentary with tags on May 28, 2025 by itnerd

Founded in 2012 by the primary author of the DMARC specification, dmarcian is driven by a mission to upgrade the entire world’s email by making DMARC accessible to all with free resources, educational guides, superior tooling and knowledgeable deployment support. They bring together thousands of senders, vendors, and operators in a common effort to build DMARC into the email ecosystem. By staying focused on its mission, dmarcian is able to continue to discover the challenges that everyone faces while deploying DMARC and help make the process as easy as possible.

Best in Class Tooling
dmarcian was formed at the birth of DMARC, offering the first public tooling to help people understand and deploy the control effectively. They created dmarc.io as a free, comprehensive listing of sources (any entity that can send email on behalf of a domain), and their capabilities to support DMARC, DKIM and SPF. Such clarity allows for deployment without disrupting an organization’s most vital business resource—their email.

Their powerful SaaS platform takes reports generated by DMARC and enhances them with its powerful source-classification engine, giving clear insight and actionable steps for a smooth deployment. The DMARC Management Platform offers extensive alerting and reporting so organizations are able to keep their domain catalogs safe and to efficiently deploy new email-based services. 

DMARC Academy
To advance their mission, dmarcian launched DMARC Academy, the first free, comprehensive DMARC curriculum, in May 2022. DMARC Academy provides an opportunity to understand DMARC and its underlying technologies, SPF and DKIM, and how to effectively deploy these technologies across organizations of all sizes to protect domains from phishing and abuse.

Proudly Independent & Self-Funded
dmarcian has expert staff around the world. With offices in key locations covering the Americas, EMEA, and APAC, they are able to meet people where they are and in their time zones while data remains local and in compliance with regulations. 

As a self-funded organization with a mission to help people deploy DMARC, dmarcian concentrates on making email more trustworthy by helping the people who are doing the real work of making it safe—not venture capitalists or investors. Being mission-driven advocates for safer and more reliable email has made dmarcian a trusted advisor among governments and working groups globally. 

Business as a Force for Good
dmarcian is a certified B Corporation, reflecting the values and operating principles upon which they were founded. B Corp certification is to sustainable business what Fair Trade certification is to coffee or USDA Organic certification is to produce. dmarcian continues to stand as stewards of the environment, their employees, and the communities they serve.

“It’s one thing to be part of a successful company, but when we use that success for the greater good—to connect to each other, to the community around us, and to the larger environment—it elevates that success beyond bettering ourselves and turns it into lasting change for a better world,” says Ehrow Draegen, dmarcian Chief Executive Officer.

Outpost24 Named an Overall Leader in 2025 KuppingerCole Leadership Compass Report for Attack Surface Management

Posted in Commentary with tags on May 27, 2025 by itnerd

Outpost24 today announced it has been recognized as an Overall Leader in the 2025 KuppingerCole Leadership Compass Report for Attack Surface Management and is the only European vendor named as an Overall Leader in the report. The company was also named a leader in the Product and Market categories. Outpost24 has quickly moved up from its previous position as “Challenger” in 2023 to the Overall Leader category in 2025.

The KuppingerCole Leadership Compass Report provides an overview of the Attack Surface Management market and guides organizations to find the solution that best meets their needs. They examine the market segment, vendor service functionality, and innovative approaches to providing Attack Surface Management solutions.

According to the report, the modern attack surface has expanded significantly due to the use of cloud services, mobile devices, APIs, Internet of Things (IoT) devices, supply chains, and remote work practices. This expansion introduces new endpoints and potential vulnerabilities and makes organizations more susceptible to cyber threats. Implementing Attack Surface Management (ASM) solutions enables organizations to identify potential vulnerabilities, assess the effectiveness of their cybersecurity systems, and strengthen their security posture accordingly. A proactive approach to cybersecurity has become an essential requirement for organizations, as cyber threats continue to evolve in complexity and frequency.

Outpost24 key features selected by KuppingerCole are:

  • Detects websites and applications that are without GDPR-compliant cookie consent practices. (Distinguishing feature)
  • Strong M&A risk analysis capabilities
  • Easy licensing which includes unlimited assets and users per organization
  • Contributing member of the Cyber Threat Alliance
  • Pen testing availability as a service
  • Proprietary risk-scoring framework
  • Supported MITRE ATT&CK mapping

Outpost24’s cloud-based External Attack Surface Management (EASM) platform helps organizations identify, protect and monitor their external attack surface and improve their cyber resilience. Outpost24 offers automatic data gathering, enrichment, and AI-driven analysis modules that analyze all known and unknown internet-facing assets for vulnerabilities and attack paths to then offer simple, effective remediation actions to close any security gaps.

“We are honored to be named an Overall Leader in the 2025 KuppingerCole Leadership Compass Report for Attack Surface Management,” said Ido Erlichman, CEO of Outpost24. “As the modern attack surface continues to expand, organizations must take a proactive approach to protecting themselves by understanding their specific attack surface and identifying any potential vulnerabilities. Our ASM solutions, including recently launched Outpost24 CyberFlex, provide a comprehensive view of internal and external attack surfaces to identify unknown assets, close security gaps, prioritize risk mitigation and holistically protect organizations.”

To download a complimentary copy of the 2025 KuppingerCole Leadership Compass Report, please visit this link.

Outpost24 offers industry-leading Attack Surface Management solutions that keep security teams one step ahead of emerging threats. They help thousands of organizations around the world to identify, protect, and monitor digital risks before they can be exploited. Outpost24 was founded in 2001 and is headquartered in Sweden, with offices in the US, UK, France, Belgium, and Spain.  Visit https://outpost24.com/ for more information.

New KnowBe4 Report Reveals Local Governments Face Surge in Ransomware Attacks with Minimal Resources

Posted in Commentary with tags on May 27, 2025 by itnerd

KnowBe4 today released new research highlighting the critical cybersecurity challenges facing state, local, tribal, and territorial (SLTT) governments. The report details how government organizations have become prime targets for cybercriminals while simultaneously facing severe resource constraints.

The data reveals that despite being the third most-targeted sector by ransomware in 2023, over 80% of SLTT organizations operate with fewer than five employees dedicated to cybersecurity. This staffing shortage coincides with a dramatic increase in cyberattacks, as evidenced by a 313% rise in security incidents reported in the MS-ISAC’s 2022 survey. The situation is worsened by the recent cut of $10 million in federal funding for the Center for Internet Security (CIS), which supports crucial information sharing networks for government agencies.

Human error, often exploited through social engineering, remains the most common entry point for cyberattacks, figuring in 70-90% of cases. The limited staffing and resources highlight the need for cost-effective and low-maintenance tools to support government entities. KnowBe4’s 2025 Phishing by Industry Benchmarking Report found that security awareness training can reduce an organization’s phishing susceptibility from approximately 33.1% to just 4.1% after one year of implementation. These findings underscore that effective human risk management offers resource-constrained organizations a powerful and affordable defense against the rising tide of cyberthreats.

Key findings from the report:

  • 70% of surveyed SLTT organizations cite lack of sufficient funding as their top security concern
  • More than 80% of government organizations operate with fewer than five dedicated cybersecurity employees.
  • Average ransom per attack reached $872,656 between 2018 and December 2024, with total costs exceeding $1.09 billion.
  • Security awareness training reduced phishing susceptibility from approximately 33.1% to just 4.1% after one year.

To download the “State and Local Cybersecurity: Facing New Burdens Amid Rising Threats” report, visit here.

TELUS investing $70 billion in Canada through 2029 

Posted in Commentary with tags on May 27, 2025 by itnerd

TELUS has announced that it is investing more than $70 billion over the next five years to expand and enhance its network infrastructure and operations across Canada. As the country navigates a challenging economic environment and seeks to attract more investment to stimulate growth, this commitment to Canada’s future will help fuel homegrown innovation and support the prosperity of urban and rural communities. This investment builds on an impressive track record, with TELUS investing more than $276 billion since 2000 to boost productivity and support a robust national economy.

Now through 2029 in Canada, TELUS is:

  • Bringing TELUS PureFibre connectivity to homes and businesses across B.C., Alberta, Quebec and Ontario, driving job creation, accelerating innovation and fueling productivity
  • Deploying targeted enhancements to their 5G and LTE services at more than 500 macro and micro sites nationwide this year, significantly increasing wireless coverage and capacity to meet the evolving needs of their customers and communities, now and in the future
  • Addressing the increasing demand for affordable rental housing by redeveloping their central office buildings into TELUS Living initiatives as part of their world-leading copper retirement program. Advancing the journey to net-zero, TELUS continues to support the circular economy by reclaiming and repurposing legacy copper networks, helping meet Canada’s need for this important resource. To date, they have mined more than 4,600 tonnes of copper from their network and enabled a reduction of 9,300 tonnes of GHG emissions – equal to removing nearly 2,000 cars from roads for a year
  • Launching two Sovereign AI Factories in Kamloops and Rimouski. These secure facilities provide Canadian businesses and researchers access to cutting-edge technology, ensuring every piece of data, computation and breakthrough created will remain within Canadian borders
  • Deepening their commitment to rural and Indigenous connectivity by expanding TELUS’ advanced broadband networks to an additional 20 Indigenous lands and 53 rural communities through 2026, on top of the 637 Indigenous lands and 530 rural communities that are already connected to their networks
  • Further bridging digital divides through TELUS Internet, Mobility, Tech and Health for Good, as well as TELUS Wise. Since inception, these initiatives have enhanced access to connectivity and healthcare for 1.4 million people across Canada, while helping them remain safe in the digital world
  • Supporting local youth-focused charities, community partners and projects across Canada and around the world by granting more than $138 million in cash donations since 2005 through the TELUS Friendly Future Foundation and TELUS Community Boards to enable health and education programming
  • Building healthier workplaces and communities through TELUS Health by increasing access to health and well-being solutions, caring for or supporting someone every 10 seconds in Canada and across the globe, in collaboration with innovative Canadian organizations such as McMillan LLP, Canadian Men’s Health Foundation and Clinia
  • Reducing inefficiencies in food and consumer goods production, distribution and consumption through digital tools and data insights provided by TELUS Agriculture & Consumer Goods, improving supply chain connectivity, sustainability, efficiency and traceability
  • Fostering community connection through strategic partnerships with leading sports organizations (Canada Soccer, Canadian Premier League, Vancouver Rise, Vancouver Whitecaps FC, CF Montreal, Canadian Football League, Calgary Flames, Hockey Canada), resorts (Whistler Blackcomb, Resorts of the Canadian Rockies, Mont Tremblant), and cultural and educational venues (MTELUS, Vancouver Symphony Orchestra, Science Centres in Toronto, Montreal, Edmonton and Calgary), while delivering free sports programs and scholarships to over 14,000 youth across Canada, including 15 remote and Indigenous communities

Additionally, since 2000, TELUS, team members and retirees have provided $1.8 billion in cash, in-kind contributions, time and programs, including 2.4 million days of volunteerism to communities in Canada and around the world.

These investments are consistent with TELUS’ capital expenditure guidance for 2025 as disclosed in the company’s fourth quarter 2024 results and 2025 targets news release dated February 12, 2025 and in the company’s first quarter 2025 results news release dated May 9, 2025.

TELUS also embraces tax morality as a means of further investing in their communities. Since 2000, TELUS has paid approximately $61 billion in total tax and spectrum remittances to federal, provincial and municipal governments across Canada, consisting of corporate income taxes, sales taxes, property taxes, employer portion of payroll taxes, various regulatory fees and spectrum remittances, including more than $2.3 billion in taxes in 2024 alone. These funds support public works projects, education, healthcare, cultural pursuits and other initiatives that improve the social and economic well-being of communities.

5 out of 10 leading AI LLM providers have experienced data breaches

Posted in Commentary with tags on May 27, 2025 by itnerd

Cybernews researchers evaluated the cybersecurity postures of the top 10 large language model (LLM) providers—including OpenAI, Claude, Perplexity, and DeepSeek — and discovered that half had suffered data breaches, with one breach occurring just nine days before the audit.

The Cybernews Business Digital Index, which evaluates companies based on key cybersecurity criteria, also revealed that all providers had vulnerabilities in their SSL/TLS configurations, and several faced widespread issues in system hosting, credential hygiene, and password reuse.

Additionally, nearly half of sensitive AI prompts are submitted via personal accounts, bypassing official company channels and potentially exposing corporate data without oversight — a growing risk as LLM tools become standard in the workplace.

Key research takeaways:

  • 50% of the top LLM providers have experienced data breaches, including OpenAI (1,140 incidents) and Perplexity AI (190 credentials leaked just 13 days before the audit).
  • All providers had SSL/TLS configuration issues, exposing them to potential man-in-the-middle attacks and data interception.
  • Credential reuse was widespread — 35% of Perplexity AI employees and 33% of EleutherAI reused breached passwords.
  • System hosting vulnerabilities were found in 8 out of 10 providers. Only AI21 Labs and Anthropic avoided major issues in this area.
  • The average cybersecurity score across all providers was 88/100 — but scores ranged widely, with Inflection AI receiving an F.
  • U.S. and Israeli providers generally scored higher than Chinese providers—none of the Chinese companies rated above a C.
  • The growing use of personal accounts to interact with LLMs increases the risk of unmanaged data exposure.

To read the full research, please click here.

Research Methodology

For this study, Cybernews researchers analyzed 10 popular LLM providers. The report evaluates cybersecurity risk across seven key dimensions: software patching, web application security, email protection, system reputation, hosting infrastructure, SSL/TLS configuration, and data breach history.

The report’s Methodology can be found here. It provides detailed information on how researchers conducted this analysis.

Samsung Introduces Galaxy XCover7 Pro and Galaxy Tab Active5 Pro

Posted in Commentary with tags on May 26, 2025 by itnerd

Samsung Electronics Co., Ltd. today announced the new Galaxy XCover7 Pro and Galaxy Tab Active5 Pro, enterprise-ready devices designed to meet the demands of today’s fast-paced, high-intensity work environments. Continuing the legacy of Samsung’s ruggedized devices, these latest Pro models are versatile, optimized and secure — delivering water resistance, steady performance and optimized workflow to empower frontline workers, from the office to the field and beyond.

With 5G connectivity, an upgraded processor and increased memory, the XCover7 Pro and Tab Active5 Pro offer high performance. The XCover7 Pro features a powerful new stereo speaker system with anti-feedback technology, which minimizes unwanted audio loops for clearer communication. Both devices offer enhanced battery capacity, with the XCover7 Pro equipped with a 4,350mAh battery for longer usage, while the Tab Active5 Pro comes with a 10,100mAh battery set designed to support demanding workflows. The Tab Active5 Pro also supports Dual Hot-Swap battery functionality, allowing workers to replace batteries without powering down their devices and ensuring seamless operation even when battery levels are low.

These high-performing and durable devices can be an asset in ensuring seamless operations in any work environment, including retail, government, logistics, healthcare and manufacturing.  

The Galaxy XCover7 Pro and Galaxy Tab Active5 Pro are designed to thrive on the frontlines of all industries. Having undergone rigorous testing to ensure they withstand demanding environments, they are ideally built to offer reliable performance in the field. Both devices feature IP68-rated water and dust resistance, helping to protect against dust ingress and exposure to water – making them a great choice for conditions where accidental splashes or occasional submersion may occur.

The Tab Active5 Pro’s S Pen — an essential tool for field professionals who annotate documents, sign forms or input data on the go — further extends usability by functioning even in certain wet conditions.

Their MIL-STD-810H certified designs help ensure resistance to drops, extreme temperatures and vibrations, while the Corning® Gorilla® Glass Victus®+ display on the Tab Active5 Pro helps provide enhanced scratch and impact protection. Those in retail, government, and manufacturing settings can also depend on enhanced touch sensitivity in both devices, allowing seamless use with compatible gloves.

Clear communication is crucial in fast-paced work environments, especially for teams relying on walkie-talkie functionality in industries like construction and emergency response. The Galaxy XCover7 Pro and Galaxy Tab Active5 Pro enhance speaker technology with anti-feedback noise reduction, minimizing disruptive sounds that can occur when multiple devices that share the same channel are in close range. With higher volume and improved clarity, these upgraded stereo speakers help frontline workers stay connected and relay critical information without disruption. The Tab Active5 Pro further strengthens communication with optimized audio tuning, boosting volume levels and incorporating intelligent sound processing to filter out background noise, making collaboration even more effective.

Both devices also offer Vision Booster, which enhances outdoor visibility by improving screen readability in bright environments. The Galaxy Tab Active5 Pro further builds on this with an upgraded display brightness of up to 600 nits — a notable increase from 480 nits in the previous model — ensuring clearer visuals even in challenging lighting conditions. Whether reviewing critical information on-site or navigating workflows outdoors, these upgrades provide better contrast, improved tone mapping, and enhanced visibility against strong illumination, allowing users to stay focused wherever the job takes them.

With extended battery life and seamless power solutions, the Galaxy XCover7 Pro and Galaxy Tab Active5 Pro support uninterrupted workflow. Both devices feature POGO charging interfaces, making it easy for workplaces with POGO docks to charge multiple devices at once. For environments in which devices remain plugged in, the Tab Active5 Pro supports No Battery Mode, allowing it to function when connected to a dedicated power source — ideal for in-vehicle setups, kiosks and workstations.

Seamless connectivity is also key to maintaining work continuity. The XCover7 Pro and Tab Active5 Pro both support 5G connectivity, Wi-Fi 6E and network slicing to prioritize device communication even in dense network environments and ensure fast and stable network access. With dual SIM support (pSIM + eSIM) on the Tab Active5 Pro, workers can effortlessly switch between networks, keeping them connected in any environment.

The Tab Active5 Pro introduces front-facing NFC Tagging, enhancing usability in retail, hospitality and logistics environments where fast, secure interactions are essential. Enabling seamless authentication, asset tracking and mobile payments, the tablet can effectively be used as a mobile point-of-sale (mPOS) system in retail stores and restaurants alike. Employees can quickly validate credentials, process transactions and manage assets without any additional hardware, enhancing efficiency in industries where speed and security are critical.

Samsung’s latest ruggedized devices also introduce AI-driven enhancements, reinforcing Samsung’s commitment to expanding AI capabilities across its entire ecosystem. These intelligent features make everyday tasks more intuitive and efficient, helping frontline professionals work smarter and faster in dynamic environments while making advanced AI more accessible across a broader range of devices.

Equipped with high-performance chipsets, enhanced usability features and intuitive AI-powered tools, both devices enable workers to multitask with ease. Features like Circle to Search with Google, Object Eraser, AI Select and Read Aloud allow users to complete tasks more efficiently, reducing manual effort. The Galaxy XCover7 Pro is powered by the Snapdragon® 7s Gen 3 Mobile Platform (4nm Octa-Core) chipset which optimizes power efficiency and processing speed, while the Tab Active5 Pro, featuring the same chipset, delivers increased RAM and expanded storage options to handle demanding workloads.

Designed for professionals who need flexibility, both devices support Samsung DeX, allowing them to connect to a monitor or PC for a desktop-like experience. Whether managing field reports, performing administrative tasks or presenting data, users can transition seamlessly between mobile and desktop environments.

Additionally, programmable keys allow users to assign shortcuts to frequently used applications, such as barcode scanning, push-to-talk or emergency alerts. This customization enhances workflow efficiency, reducing time spent navigating menus and improving responsiveness in critical situations.

Security remains a cornerstone of Samsung’s ruggedized devices, with Samsung Knox Vault safeguarding sensitive data through advanced encryption and authentication to ensure compliance with enterprise security standards. Beyond that, Samsung offers a comprehensive suite of security innovations designed to provide strong protection, transparency and user control. Real-time Kernel Protection and DEFEX deliver runtime protection at both the app and kernel layers, while Samsung’s Warranty Bit detects tampering and restricts access to sensitive applications, such as Work Profile, helping to maintain a trusted device environment.

Availability

The new Galaxy XCover7 Pro and Galaxy Tab Active5 Pro will be available starting May 26, 2025.

SafeBreach Analysis: Russian APTs and LummaC2

Posted in Commentary with tags on May 23, 2025 by itnerd

The U.S. government recently issued two critical cybersecurity alerts: AA25-141A and AA25-141B. These alerts highlighted a surge in sophisticated threat activity, from Russian state-sponsored campaigns to the rise of LummaC2 malware. SafeBreach recently published in-depth breakdowns of both alerts, offering insights into the attack chains and how enterprises can validate their defenses against them.

Links to the related blog posts can be found here: