Today is Data Innovation Day

Posted in Commentary on May 11, 2025 by itnerd

Today is Data Innovation Day, an annual event held on May 11 to celebrate the pivotal role of data in driving innovation and growth in business, government, and society. It is a day we recognize data professionals’ achievements and raise awareness about data innovation’s crucial role in shaping the modern world. 

As we commemorate Data Innovation Day, Robert Renzoni, Director of Technical Sales, Federal at Hammerspace, the high-performance data platform for AI, shares his unique perspective on its significance to the U.S. Federal Government and why mobilizing data is the key to empowering the future of AI and government modernization:

“Every year, Data Innovation Day invites us to reflect on how data shapes our world—and to reimagine how we manage, access, and use it to drive societal progress. The celebration is more than symbolic for government leaders, federal system integrators, and IT modernization strategists. It’s a call to action.

As artificial intelligence and machine learning have become central to national security, public services, and policy execution, the ability to mobilize and share data securely and efficiently is now a strategic imperative. But there’s a challenge: most federal agencies are still grappling with legacy IT systems not built for today’s distributed, data-intensive demands.

At the heart of modernization lies a fundamental question: Can data be moved as fast as the mission requires?

AI Is Starving Without the Right Data Infrastructure

AI doesn’t just need data—it requires the correct data in the right place and time. Whether it’s training large language models, performing real-time inference at the edge, or deploying predictive analytics for public health or defense, AI workloads demand:

  • High-performance access to diverse, often siloed data sources
  • Rapid, policy-based orchestration of data across hybrid and multi-cloud environments
  • Data provenance, governance, and compliance in every step of the pipeline

Yet federal data often resides in legacy storage systems, scattered across geographically separated locations, air-gapped environments, and cloud enclaves. This fragmentation makes it incredibly difficult, sometimes impossible, for agencies to leverage AI’s potential fully.

Data Innovation Is More Than a Buzzword—It’s a Modernization Mandate

Data Innovation Day isn’t just about technology—it’s about creating the conditions for innovation to flourish. In government, that means breaking down systemic data barriers to support faster, smarter, and more secure decision-making.

Data mobilization—the ability to move and access data transparently across environments—is no longer a “nice to have.” It is a foundational requirement for AI-readiness and a cornerstone of initiatives like:

  • Executive Order 14110 on Safe, Secure, and Trustworthy Development of AI
  • Federal Data Strategy and the Federal Data Maturity Model
  • The Department of Government Efficiency (DOGE) Modernization Goals
  • Zero Trust Architecture mandates, which require dynamic access and control

On this Data Innovation Day, we applaud bold thinkers who push boundaries and incorporate cutting-edge technology to advance their data strategies. While AI, hybrid cloud, and edge computing constantly improve, one fact remains unchanged: true innovation relies on providing optimized access to data.”

Qilin Ransomware gang says it hacked the Sheriff of Hamilton County, TN

Posted in Commentary with tags on May 9, 2025 by itnerd

Ransomware gang Qilin this week claimed responsibility for an April 14, 2025 cyber-attack on the Hamilton County Sheriff’s Office in Chattanooga, TN. The office on May 2 acknowledged a ransomware attack, saying the hackers demanded $300,000 in ransom. The sheriff says HCSO did not pay the ransom, but did pay $48,000 to Vendetta, a third-party cybersecurity firm.

In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:

“Qilin is a ransomware gang that started claiming responsibility for attacks on its website in late 2022. Also known as Agenda, Qilin is a Russia-based hacking group that mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms. Qilin made another 171 unconfirmed attack claims that haven’t been acknowledged by the targeted organizations. Three of those allegedly hit government organizations.”

“Ransomware attacks on US government agencies and departments can both steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, data could be lost forever, and people whose data was stolen are put at greater risk of fraud. According to our data, it takes an average of 19.5 days for government organizations to recover from ransomware attacks.”

This gang appears to be on a roll as I have been writing a fair amount about them recently. That’s not good for all of us as that will embolden them to launch increased and more devastating attacks on organizations.

Broadcom’s customer shakedown opens old pathways for ransomware gangs 

Posted in Commentary with tags on May 9, 2025 by itnerd

Broadcom, which recently bought VMware, has started to send cease and desist letters to customers who are running perpetual licenses of VMware without an active support contract. If you want to see what one of these looks like, here is an example. In short, this is more of a shakedown letter that says that users may continue to use their perpetual licenses. However, they can no longer purchase support unless they had prior contractual agreements to do so. Support is now only offered through subscription models. This sometimes leads to cost increases of 300 percent or more from what I have heard. But more importantly, it forces customers to roll back security updates if they choose not to pay Broadcom, leaving them open to old vulnerabilities that ransomware gangs may start exploiting.

In a blog post published today, Comparitech analyzed this new policy. The analysis looks at what happened, the security ramifications, the impact to VMware customers, and what companies can do to protect themselves against ransomware threats. 

For full details, please see the full analysis here. But if you want my advice, I would look for an alternative to Broadcom’s products. I say that because even with a supposedly free product like VMware Fusion, I can no longer check for updates. Instead, I have to log in using my Broadcom account to download and reinstall the entire application to get a security update. This has been noted on Broadcom’s own forums. While that is a first world problem of sorts, it means that I am less likely to get security updates in a timely fashion. That I find to be unacceptable because companies shouldn’t do things like this that impact the security of their customers in a negative way.

Reddit Announces Reddit Pro Profile Tools

Posted in Commentary with tags on May 8, 2025 by itnerd

There’s some news from Reddit today. The company announced the availability of new profile tools to help businesses build their presence and connect with Reddit’s 100,000+ communities via Reddit Pro, a free suite of tools designed to support businesses of all sizes with organic engagement on the platform.

These enhancements will allow businesses to:

  • Set up their profiles more quickly by generating suggested bio descriptions when they sign up for Reddit Pro
  • Crosspost relevant community posts and comments about their products and services directly from the Reddit Pro trends tab to their profiles.

You can learn more about these new features and Reddit Pro on Reddit for Business.

The Westfield Fire District Has Apparently Been Pwned By The Medusa Ransomware Gang

Posted in Commentary with tags on May 8, 2025 by itnerd

The Westfield Fire District in Middleton, CT this week confirmed it notified victims of a November 2024 data breach that compromised their personal info. Ransomware gang Medusa claimed responsibility for the breach on December 12, 2024, but Westfield Fire District has not verified Medusa’s claim.

In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:

“Medusa is a ransomware gang that first surfaced in September 2019. It debuted its leak site in February 2023, where it publishes stolen data of victims who don’t pay ransoms. Medusa often uses a double-extortion approach in which victims are forced to pay both to unlock their systems and for Medusa to not sell or publish stolen data. In 2024, Medusa claimed responsibility for 68 confirmed ransomware attacks compromising nearly 2.4 million records. Its average ransom demand is $576,000.”

“In 2024, Comparitech researchers logged 93 confirmed ransomware attacks on US government entities, which compromised more than 2.4 million records. In 2025 so far, we’ve tracked 20 such attacks. The average ransom is just over $2.1 million.”

“Ransomware attacks on US government agencies and departments can both steal data and lock down computer systems. The attacker then demands a ransom to delete the stolen data and in exchange for a key to recover infected systems. If the target doesn’t pay, it could take weeks or even months to restore systems, and people whose data was stolen are put at greater risk of fraud. Ransomware can disrupt everything from communications to billing, payroll, and online services.”

Every single day I am writing about a ransomware attack. That alone should make it crystal clear that this is a problem that is a “right now” problem. Because ransomware gangs are running the show right now and that must not be allowed to continue.

Outpost24 Enhances EASM Platform with Digital Risk Protection Modules for Social Media and Data Leakage

Posted in Commentary with tags on May 8, 2025 by itnerd

Outpost24, leading provider of cyber risk management and threat intelligence solutions, today announced the integration of two new Digital Risk Protection (DRP) modules to its External Attack Surface Management (EASM) platform. The Social Media and Data Leakage modules are now offered alongside the Leaked Credentials and Dark Web modules to enhance customer insights into the entire attack surface. 

From access to private and exclusive sources, strong automation capabilities, and powered by advanced threat intelligence, Outpost24’s new DRP modules assist organizations in getting a full overview of external threats and risks, empowering proactivity and prioritization. 

With threat actors leveraging information on social media profiles to launch attacks against companies, the Social Media DRP module monitors organizations’ profiles as part of the attack surface. From the real-time tracking of social media impersonation, external breaches, and internal leaks, this module enables organizations to respond faster to threats and incidents as they emerge. 

Likewise, an organization’s sensitive documents are an integral asset to keep protected from external eyes. The Data Leakage DRP module detects potentially leaked documents and potentially leaked source code, providing organizations with enough time to react appropriately. 

Together, these attack surface monitoring modules empower companies to:

  • Respond faster to threats as they emerge on social media 
  • Detect leaked documents and source code and inform teams before they become a problem 
  • Protect their reputation and reduce the risk of phishing or fraud 
  • Prevent confidential information from spreading by catching issues early

To learn more about Outpost24’s EASM Platform with Digital Risk Protection modules, including the new Social Media and Data Leakage additions, please click here

Guest Post: If The Cat Game Can Leak Your Data, Any App Can – Here’s How to Protect Yourself

Posted in Commentary with tags on May 8, 2025 by itnerd

By Aras Nazarovas

If you thought downloading a cute cat game was harmless, think again. We at Cybernews have cracked open the code of “Cats Tower: The Cat Game!” – an iOS app with half a million users – and found it purring out plenty of secrets: user IP addresses, Facebook tokens, and locations and credentials for the app’s backend systems.

This is a symptom of a much bigger problem hiding in plain sight on your iPhone – and it’s happening at a scale that should make every user pause before tapping “Install.”

The Cat’s Out of the Bag

Let’s break it down: we went spelunking through the guts of 156,000 iOS apps – about 8% of everything on the App Store. What we found is the stuff of digital nightmares: 71% of those apps were leaking at least one hardcoded secret. We’re talking API keys, cloud credentials, and other sensitive endpoints.

Many people believe iOS apps are more secure. But our research shows developers often leave keys to the kingdom in plain sight. It’s like locking your front door but taping the key to the window. Wouldn’t this make you anxious? 

In the case of the cat game, that meant 450,000 users’ IP addresses and ~250 Facebook access tokens were up for grabs. With that kind of data, a savvy bad actor could track you, hijack your social media, or even spin up fake requests to the app’s backend – weaponizing the app against its own users.

How to Keep Your Data Out of the Litter Box

So you’re one of the 1.38 billion active iPhone users in the world, and you love your apps – maybe even that cat game that’s spilling half a million users’ secrets across the internet. Here’s the truth: your data is only as safe as the laziest developer in your app library. But you don’t have to be a sitting duck.

Start with permissions. Every time you install an app, it asks for access – to your location, your photos, your contacts. Most people just tap “Allow.” Don’t. Head to Settings > Privacy & Security and audit who’s got the keys to your digital house. If a game wants your location, ask yourself why. Spoiler: It likely doesn’t need it.

Update like your privacy depends on it – because it does. Apple pushes out security updates for a reason. Hackers love old software. Go to Settings > General > Software Update and don’t let those red notification dots linger. The same goes for your apps: update early and often.

Lock it down. Still using “123456” or your birthday as a passcode? Time to level up. Use a long, unique passcode and enable Face ID or Touch ID. If someone snatches your phone, you want it to be a brick, not a gold mine.

Don’t trust – verify. That adorable new app? Treat it like a stranger at your door. Check reviews, look up the developer, and think twice before granting permissions. Even the App Store’s walled garden isn’t weed-free.

Clean your digital house. Delete apps you don’t use. Every extra app is another potential leak. Before deleting the app, delete the account you created for the service; if they don’t have your data, they can’t leak it. Less is more.

Stay skeptical. Phishing isn’t just for email. If an app asks you to log in with Facebook or Google, make sure it’s legit. And never, ever tap on sketchy links.

Remember, if iOS apps are leaking secrets, it’s up to users to protect themselves first. Assume your favorite app could have a data breach tomorrow. Act accordingly.

The Bottom Line

The cat game leak is a warning shot. As mobile cyberattacks surge and the App Store’s walled garden shows cracks, it’s clear that mobile security is your problem too, not just Apple’s. So next time you download a new app – even one with adorable kittens – remember that on the internet, curiosity doesn’t just kill the cat. It can put your privacy at risk, too.

ABOUT THE AUTHOR

Aras Nazarovas is an Information Security Researcher at Cybernews, a research-driven online publication. Aras specializes in cybersecurity and threat analysis. He investigates online services, malicious campaigns, and hardware security while compiling data on the most prevalent cybersecurity threats. Aras along with the Cybernews research team have uncovered significant online privacy and security issues impacting organizations and platforms such as NASA, Google Play, App Store, and PayPal. The Cybernews research team conducts over 7,000 investigations and publishes more than 600 studies annually, helping consumers and businesses better understand and mitigate data security risks.

OWC Launches “My OWC” App to Further Streamline Setup, Support, and Ownership Experience

Posted in Commentary with tags on May 8, 2025 by itnerd

Other World Computing today announced the launch of the My OWC app on iOS. From when the box is opened, the new intuitive mobile companion streamlines every stage of the customer experience (CX), empowering users to effortlessly set up and manage their OWC products, access personalized support, and stay up to date with push notifications – all from the palm of their hand.

OWC has always focused on making technology approachable and easy to use. And with the My OWC app, that experience is even more seamless. The app offers a more connected way to set up, manage, and get the most out of your gear, right from the start. Getting started is simple. Customers can simply scan a QR code or select their device from the list. Step-by-step guides, how-to videos, and FAQs are now at your fingertips, as well as instant real-time notifications of firmware alerts, compatibility tips, and maintenance suggestions. All of which is completely personalized for their exact product(s).

My OWC app key features include:

  • Quick Start & Setup Resources – Instantly access product manuals, setup instructions, troubleshooting resources, and commonly asked questions
  • Product-Specific Alerts – Stay informed with real-time notifications about firmware updates, performance tips, product news, and more
  • 3D Product Previews – Use augmented reality to view select OWC products in your own workspace – see how devices will fit before setup
  • Easy Product Management – Register your OWC products in seconds to ensure you stay up to date with product-specific news and updates
  • Stay Updated – Get the latest OWC news, upcoming events, and exclusive updates right from the app

The My OWC app is available now as a free download from the Apple App Store, here: https://download.owc.com/myowc/ios

For further information about the My OWC app, please visit: https://www.owc.com/solutions/my-owc-app

Google Uncovers New LOSTKEYS Malware Linked to Russia-Based Hacker

Posted in Commentary with tags on May 7, 2025 by itnerd

Google has uncovered a new piece of malware called LOSTKEYS, attributed to the Russian government-backed threat group Cold River (also known as UNC4057, Star Blizzard, and Callisto). The malware is capable of stealing files from a hard-coded list of extensions and directories, along with sending system information and running processes to the attacker. LOSTKEYS marks a new development in the toolset of Cold River, a group primarily known for credential phishing against high-profile targets like NATO governments, non-governmental organizations (NGOs), and former intelligence and diplomatic officers.

More info can be found here: https://cloud.google.com/blog/topics/threat-intelligence/coldriver-steal-documents-western-targets-ngos

Erich Kron, security awareness advocate at cybersecurity firm KnowBe4, commented:

“There can be no doubt that intelligence gathering and cyber warfare is taking place at the nation-state level and will probably do so for the foreseeable future. This is simply the digital version of a spy sneaking in a micro camera and taking pictures of sensitive information and then providing it to whomever they work for. While these attacks are targeting mostly non-governmental organizations (NGOs), many of them do have ties to government agencies and could have information useful to that government’s adversaries.

“Because it seems they prefer tactics such as social engineering through email phishing, organizations should ensure that they have a well implemented human risk management (HRM) program in place that includes training and education to help employees fend off social engineering attacks.”

The human element is always the weakest point. Thus improving that would go a long way in terms of heading off attacks.

UPDATE: Another comment has come in from Darren Siegel, Lead Sales Engineer at Outpost24:

“This is yet another example showing that credential theft is an ongoing area of risk, as even the strongest passwords can be captured by this kind of malware attack.  While obviously the ideal outcome here would be to prevent such attacks from occurring in the first place, it underscores the need for organizations to implement continuous monitoring for compromised credentials, ideally using tools that are informed by threat intelligence that can quickly identify and respond to new breaches.” 

Specops Analysis: Marks & Spencer Hack – Active Directory & Service Desk Security Lessons

Posted in Commentary with tags on May 7, 2025 by itnerd

The significant cyberattack on British retailer Marks & Spencer highlights the growing impact of sophisticated ransomware attacks on major corporations – as well as the ongoing need for strong Active Directory security.  

Specops Software has analyzed the attack in an updated post M&S ransomware hack: Active Directory & Service Desk security lessons.

The first critical lesson is that Active Directory (AD) environments must be treated as crown jewels and defended accordingly. While attackers getting access to the NTDS.dit file is obviously a serious breach, if your passwords are strong (long, not using common base words, not using existing breached passwords) it can still be quite expensive for an attacker to brute force those hashes to learn the users’ actual passwords. There also needs to be a focus on detecting and containing lateral movement in the event of a breach. Implementing certain measures will harden Active Directory environments against both offline-hash cracking and the misuse of elevated credentials—two of the primary enablers of the M&S attack. 
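
One way to screen candidate passwords against the three properties named above (length, common base words, known-breached passwords), as an added example that is not from Specops or the original post. The 15-character minimum, the word list, the breached set and the `audit_password` helper are all constructed assumptions.

```python
import hashlib
import re

MIN_LENGTH = 15  # assumed policy value, not taken from the post

# Constructed sample of common base words; production lists are far larger.
COMMON_BASE_WORDS = {"password", "welcome", "summer", "winter", "spring",
                     "autumn", "qwerty", "admin", "letmein"}


def _sha1(text):
    return hashlib.sha1(text.encode("utf-8")).hexdigest()


# Constructed stand-in for a breached-password corpus, held as hashes so the
# screening list itself contains no plaintext passwords.
BREACHED_SHA1 = {_sha1(p) for p in ("Summer2024!", "correct horse battery staple")}

# Undo common character substitutions before looking for base words.
LEET = str.maketrans({"0": "o", "1": "i", "!": "i", "3": "e", "4": "a",
                      "@": "a", "5": "s", "$": "s", "7": "t"})


def find_base_words(password, org_terms=()):
    """Return base words hidden in the password after normalisation.

    org_terms lets the caller add organisation-specific words (company or
    product names) that users tend to build passwords around.
    """
    normalized = password.lower().translate(LEET)
    letters = re.sub(r"[^a-z]", "", normalized)  # drop digits and symbols
    candidates = COMMON_BASE_WORDS | {t.lower() for t in org_terms}
    return sorted(w for w in candidates if w in letters)


def audit_password(password, org_terms=()):
    """Return a list of findings; an empty list means all three checks pass."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("too_short")
    findings.extend(f"base_word:{w}" for w in find_base_words(password, org_terms))
    if _sha1(password) in BREACHED_SHA1:
        findings.append("breached")
    return findings


if __name__ == "__main__":
    # Constructed sample passwords, including a long passphrase that still
    # fails because it appears in the breached set.
    samples = ["Summer2024!", "P@ssw0rd1", "correct horse battery staple",
               "tulip-orbit-canyon-velvet-19"]
    for candidate in samples:
        print(f"{candidate!r}: {audit_password(candidate) or 'ok'}")
```

Length alone does not clear a password: the long passphrase in the sample set is still rejected because it is in the breached list.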

To view the full Specops Software analysis, please see the report M&S ransomware hack: Active Directory & Service Desk lessons, which includes a summary of the attack, how it happened, who Scattered Spider is and what can be learned from the attack.