Palo Alto Makes A Number Of Announcements At RSA

Posted in Commentary with tags on April 28, 2025 by itnerd

Earlier today to kick off the start of RSA, Palo Alto Networks released multiple announcements:

  • Palo Alto Networks Bolsters SASE Capabilities for Modern Workplace. Palo Alto Networks announced its latest advancements in Prisma® SASE, the industry’s most comprehensive secure access service edge (SASE) solution, unveiling Prisma Access Browser 2.0, the world’s only SASE-native secure browser. Prisma Access Browser 2.0, along with Endpoint Data Loss Prevention (DLP) and expanded cloud presence with Oracle Cloud Infrastructure (OCI), are new Prisma SASE capabilities designed to secure generative AI (GenAI) usage, improve user experience and enhance operational resilience in the modern workplace.

Qilin Claims Cyberattack on Malaysia International Airport 

Posted in Commentary with tags on April 28, 2025 by itnerd

 It is being reported that the ransomware gang Qilin today claimed responsibility for a March 2025 cyber-attack against the Kuala Lumpur International Airport in Malaysia. The airport has not verified Qilin’s claim, but Qilin says it stole 2 TB of data from Kuala Lumpur International Airport in the attack.

In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:

“Qilin is a ransomware group that began claiming responsibility for attacks on its website in late 2022. Also known as Agenda, Qilin is a Russia-based hacking group that mainly targets victims through phishing emails to spread its ransomware. It launched in August 2022 and runs a ransomware-as-a-service business in which affiliates pay to use Qilin’s malware to launch attacks and collect ransoms. Qilin has claimed responsibility for 60 confirmed ransomware attacks since 2022, 14 of which it claimed in 2025.”

“Ransomware attacks can lock down computer systems and steal confidential data. For transportation businesses, these attacks can cause cancellations, delays, missed bookings and payments, data loss, and other disruptions. Infected organizations must either pay a ransom or face extended downtime, data loss, and putting data subjects at increased risk of fraud.”

“In 2025, Comparitech researchers logged eight confirmed ransomware attacks against organizations in the transportation sector, plus another 123 unconfirmed claims that haven’t been acknowledged by the targeted organizations.”

It’s only a matter of time before a ransomware gang takes responsibility for an attack that takes down a major transport hub. When, not if, that happens, that will be devastating. At the same time, it will highlight that not enough is being done to stop these criminals from causing havoc.

Flashpoint Announces Ignite Enhancements to Improve Threat Intelligence

Posted in Commentary with tags on April 28, 2025 by itnerd

This morning Flashpoint announced the release of new robust capabilities for its flagship platform, Flashpoint Ignite, at the RSA Conference 2025. These newest AI-powered Ignite innovations will address a growing need: making threat intelligence more usable, intuitive, and aligned to how teams actually work, enabling them to reduce friction and extract more value from their threat intelligence.

Specifically, the new Ignite features include artificial intelligence (AI)-powered risk discovery, curated threat feeds, asset-centric intelligence, and on-demand expansion of highly relevant data sources. These innovations are uniquely designed to deliver the most actionable insights that are precisely aligned with customers’ threat and intelligence needs, enabling organizations to make informed decisions and protect their most critical assets.

You can get more details here.

SOCRadar Launches New AI-Powered Cybersecurity Assistant ‘Copilot’ 

Posted in Commentary with tags on April 28, 2025 by itnerd

 SOCRadar today introduced SOCRadar Copilot, an AI-powered cybersecurity assistant designed to enhance platform efficiency, share knowledge and insights, and automate routine security operations. It will help time-strapped security teams to streamline security processes and reporting, all while continuously learning, adapting and evolving to help security teams be proactive and future-proof their defenses against evolving risks. SOCRadar Copilot was officially announced at RSAC 2025.

Stress has become symptomatic of cybersecurity teams, especially as threats increase in volume and become more sophisticated. Statistics show that 70% of SOC teams are emotionally overwhelmed by security alert volumes, with 55% admitting that they aren’t entirely confident in their ability to prioritize and respond to threats. There’s concern that stress and overwhelm could lead to burnout, a big problem within the cybersecurity industry that contributes to low talent retention rates, loss of productivity and staff being signed off sick. Security teams need tools and partners that can cut through noise, reduce false positives and help them to prioritize the threats that matter.

SOCRadar Copilot aims to support security teams so that they can focus on the threats that matter. Core features of SOCRadar Copilot include:

  • AI-Powered Help and Insights – SOCRadar Copilot gives security teams access to round the clock, instant, in-platform answers, recommendations, knowledge, and insights.
  • Smart Task Automation – SOCRadar Copilot helps teams to easily configure smart workflows to enable AI agents to perform automated platform tasks and functions which once had been time-consuming, like threat intelligence analysis.
  • Automatically Reduce Alarm Noise – The AI engine automatically filters out irrelevant alarms and prioritizes significant threats.

SOCRadar Copilot is a dynamic cybersecurity partner that proactively helps teams to anticipate and counter future threats by continuously learning, adapting and evolving using the latest threat intelligence and insight. SOCRadar Copilot accelerates and enhances cybersecurity operations by filtering noise, prioritizing critical information, reducing manual workloads, and streamlining decision-making, reporting, and intelligence analysis.

SOCRadar Copilot is made up of three key components that are available to users:

  • AI Assistant Chatbot – Provides users with comprehensive cybersecurity support, including general knowledge, strategic advice, data-driven insights, platform assistance, threat analysis, and vulnerability information.
  • AI Insights Everywhere – AI-driven insights integrated throughout the platform streamline cybersecurity workflows by enhancing alarm management, threat intelligence, vulnerability response, dark web analysis, and supply chain risk mitigation. In practice, in dark web monitoring, for example, AI helps analyze and summarize key points, while in alarm management, it supports prioritization.
  • AI Agents – AI agents autonomously perform advanced tasks, including detecting phishing websites through domain analysis and acting as automated analysts correlating threat data with known attack patterns.

SOCRadar Copilot will be commercially available in May in two different versions: Light and Pro. The Copilot Light model is free and offers customers platform training, assistance, and support with usage. The Copilot Pro model includes special advanced Agentic AI applications designed to solve specific problems using various Copilot AI Agents. Demos of the product will be available throughout the RSA Conference 2025 (April 28 – May 1) in booth 5484.

Commvault announces new capabilities + CrowdStrike extended partnership

Posted in Commentary with tags on April 28, 2025 by itnerd

Today, during RSAC, cyber resilience leader Commvault made two announcements:

  • New capabilities for their Cleanroom Recovery offering
    • Factory Reset – an industry-first capability that will accelerate the infrastructure recovery process by enabling customers to rapidly restore their infrastructure from a pre-defined, validated, clean image. This eliminates the concern of restoring infrastructure that’s tainted by ransomware and quickly rehydrates restored systems with data, helping to speed up the overall recovery process.
    • Commvault Cloud Threat Scan  – added threat scanning capabilities will empower security and IT teams to scan their recovered data in a cleanroom and ensure their data is clean while helping enterprises remain in a state of continuous business after bad actors strike.
    • Delivery via managed service providers – MSP providers focused on helping enterprises be resilient will now be able to offer Cleanroom Recovery to their customers. 
  • Expanded partnership with CrowdStrike
    • Building on existing integrations between Commvault and CrowdStrike, this expanded partnership delivers a unified suite of services, including CrowdStrike’s elite incident response services and Commvault’s Guardian retainer-based services offerings. The companies will enable joint customers to improve readiness, respond faster, and achieve cleaner recoveries.  

On top of that, Commvault also secured GovRAMP Authorization – the company is the only cyber resilience vendor to hold GovRAMP Authorized, FedRAMP High Authorized, and FIPS 140-3 validated status for its SaaS data protection solutions. The press release can be found here.

KnowBe4 Releases Their Q1 2025 Phishing Report

Posted in Commentary with tags on April 28, 2025 by itnerd

KnowBe4 today released its Q1 2025 Phishing Report. This quarter’s findings reveal the most deceptive email subjects users click in phishing simulations, indicating HR and IT-related emails account for over 60% of top-clicked phishing emails. All data for this report was taken from the KnowBe4 HRM+ platform between January 1, 2025, and March 31, 2025.

KnowBe4’s Q1 2025 Phishing Report reveals that impersonating internal communications, such as from HR or IT, received the most failures. An overwhelming 60.7% of the simulations clicked mentioned an internal team and 49.7% mentioned HR specifically. Despite evolving techniques by bad actors, phishing emails remain among the most prevalent tools for executing cyberattacks. Exploiting this vulnerability, cybercriminals craft deceptively authentic phishing emails that align with current trends, exploiting human emotions to invoke urgency and trick recipients into clicking malicious links or opening harmful attachments. Top reported subjects included “Zoom Clips” from managers, HR training reports, and mail server warnings.

The report highlights the ongoing threat posed by email-embedded phishing links, which continue to be a primary attack tactic. Analysis shows people were more likely to click on links related to internal topics or impersonating known brands (61.6%), with 68.6% involving domain spoofing. Organizations are highly susceptible to branded landing pages from Microsoft, LinkedIn and Google, which ranked as the top three most effective phishing destinations for harvesting credentials.

The report also reveals people’s continued susceptibility to phishing emails leveraging QR codes. The top three QR codes people scanned in simulations related to: a new drug and alcohol policy from HR (14.7%), a DocuSign for review and signing (13.7%) and a Workday happy birthday message (12.7%). In attachment-based campaigns, people were most likely to open PDFs (53%), HTML files (28.5%) and Word files (18.5%).

To download a copy of the Q1 2025 KnowBe4 Phishing Report infographic, visit here.

 How User Departures From Twitter/X Are Reshaping Social Media Dynamics

Posted in Commentary with tags on April 28, 2025 by itnerd

Website Planet just wrapped up a fascinating study, where they explore the key reasons behind the exodus from the social media platform X, highlighting notable departures and exploring whether this shift will have lasting effects on X’s future in the social media landscape.

Key findings at a glance:

  • Many high-profile users and brands have left X due to content moderation concerns and Elon Musk’s leadership.
  • Ad revenue has dropped by 55% year-over-year, with a 78% decline in December 2022 alone.
  • While 27.6% of major advertisers returned by early 2025, overall ad revenue remains down.
  • Users are moving to platforms like Bluesky, which has grown by 1,064% since October 2023, reaching 21 million users by March 2024.
  • Users are not flocking to a single alternative but spreading across multiple platforms, requiring brands to adapt to a multi-platform strategy.

In conclusion, the departure of high-profile users, brands, and advertisers from X since Elon Musk’s acquisition marks a major shift in the social media landscape. Taking that into consideration, while X explores financial services and analytics to regain stability, its long-term influence remains uncertain, highlighting the evolving nature of social media and corporate platform strategies.

You can access their report here: https://www.websiteplanet.com/blog/people-and-companies-leaving-x/

Ransomware attacks increased by 102% in 2025

Posted in Commentary with tags on April 28, 2025 by itnerd

Cybernews’ latest 2025 Q1 overview reveals an alarming surge in ransomware activity. According to the Ransomlooker tool, 2,028 known ransomware attacks occurred in just three months, with a 101.8% increase compared to Q1 2024. The number of active ransomware gangs also spiked, with 65 groups operating in the first quarter.

The findings also show ransomware gangs adopting a more calculated, high-stakes approach with attacks aimed at billion-dollar Fortune 500 corporations.

This report offers key insights into where ransomware is headed and who’s next in the crosshairs. The shift toward targeting billion-dollar corporations highlights the growing risk to industries essential to everyday life and the downstream effects the attacks can have on global supply chains and public services.

Key findings of this research:

  • 2,028 ransomware victims were tracked in Q1 2025 — up from 1,005 in Q1 2024. That’s a 101.8% increase in attacks.
  • LockBit dropped from first place to 21st, with attacks falling from 219 in Q1 2024 to just 23 in Q1 2025.
  • 65 ransomware gangs active in Q1 2025, up from 47 the year before — 14 were new or rebranded.
  • The top 10 victims had a combined annual revenue of $329.8 billion.
  • Estimated potential ransom demands (1%) from those top victims could exceed $3.3 billion.
  • Most targeted sectors are manufacturing and industrial, consumer and retail services, technology and IT, transportation and logistics, and business services.
  • Cl0p, Akira, and RansomHub were the most active ransomware gangs.
  • The US remains the top target with 783 known cases, followed by Canada and the UK.

To read the full research, please click here.

Review: Targus Terra EcoSmart 15-16″ Backpack 

Posted in Products with tags on April 28, 2025 by itnerd

Not long ago, I switched from a laptop bag that was literally falling apart to this Targus backpack. There’s nothing wrong with this backpack at all, but thanks to Targus, I now have an upgrade. They sent me the Terra EcoSmart 15-16″ backpack recently which looks like this:

This has a pretty modern and contemporary look to it which I like. And it’s a bit like the TARDIS. It’s bigger on the inside than on the outside. Let me illustrate that:

The very front pocket has a keyring for your keys.

But in my case, I use it for my GearAid Heroclip which is part of my everyday carry.

One cool feature is that it has this flap that makes the zipper difficult to unzip. Handy for places like Downtown Toronto which has a bit of a petty crime problem.

There’s an expandable pouch on each side of the backpack for water bottles.

On the back of the backpack is a zippered compartment that holds a rain cover for the backpack. Handy if you use this backpack to cycle to and from work. Speaking of cycling…

It has a pair of hooks on the front which you can use to do this:

You can hang your helmet on the backpack securely thanks to those hooks. Meaning that it’s one less thing that you have in your hands or inside the backpack.

And there’s a loop at the bottom front of the backpack that allows you to hang a rear light so that you are always safe when cycling.

Pro tip: I always use front and rear lights when cycling. Daytime, night time, it doesn’t matter. You should too as it will help you to stay safe.

One of the straps has a slot for a card like a bus pass or in this case, my CAA card which I am using for demonstration purposes.

Around back there’s a mesh-like weave to keep your back cool, and a strap that allows you to slide the backpack through your luggage.

The middle compartment really has a lot of space. I’ve tossed my business cards, a pen, a paper notebook and a pack of tissues in it. But I can also throw my tech sling in here with ease and have lots of space left over.

The laptop compartment is very well padded and fit my 16″ MacBook Pro with no issues. One thing to note is that the bottom of this compartment is suspended off the ground. Meaning that putting your laptop down will not damage your expensive computer.

Targus gets bonus points for having this zipper for the laptop compartment that locks. Meaning that your laptop is now harder to steal.

Other notes about this backpack include:

  • I sprayed some water onto the fabric and it beads. Meaning that at the very least it is water resistant. Handy if you live in a place where it rains a lot. The zippers also appear to be water resistant as well.
  • 8 plastic bottles were used to make this backpack. Meaning that by buying it, you’re helping the environment.

So is it perfect? Well, the only thing that I would improve is that I would have added a hidden AirTag compartment into it. Thus to put an AirTag in this backpack, I had to improvise by using one of these to hide it in a place where nobody would look for it. Having said that, Targus does make a backpack with FindMy functionality. So if you want some sort of tracking ability in your backpack, that’s an option for you.

The Targus Terra EcoSmart 15-16″ backpack goes for $70 MSRP. And you get a fair amount for your money including some cyclist friendly features. Which is why I will be using this backpack going forward. While I don’t use my bike to commute, everything else about this backpack is top shelf as far as I am concerned.

The Evolution of Phishing Scams: Smarter, More Targeted, and Harder to Stop

Posted in Commentary with tags on April 25, 2025 by itnerd

The research team at SafetyDetectives just finished up a really interesting study, where they explore how phishing scams have transformed over time, especially with the advent of AI technology, highlighting the growing sophistication and challenges these scams pose to digital security.

Key findings at a glance:

  • On average, it takes a user around 60 seconds to fall for a phishing scam and over the past three years, deepfake attacks have increased by 2,137%, rising from 0.1% to 6.5% of all fraud attempts detected.
  • 2023 was the worst year on record for phishing attacks, with nearly five million incidents reported.
  • In the third quarter of 2024, the most popular free email client used in BEC attacks was Google’s Gmail, accounting for 83.1% of all free email accounts set up by scammers.
  • AI-generated phishing emails have an open rate of about 78%, with 21% of recipients clicking on harmful links or attachments within the email. Furthermore, generative AI tools can speed up the process of engineering phishing attacks by at least 40%.

As phishers continue to adapt their tactics, individuals and organizations alike need to stay vigilant and implement robust security measures to protect against these ever-evolving threats. By staying informed and proactive, we can reduce the impact of phishing scams and make our digital lives safer.

You can access the report here: https://www.safetydetectives.com/blog/phishing-metrics-research/