Posted in Commentary with tags Apple on April 16, 2025 by itnerd
Apple has a list of vintage and obsolete products. And as of today Apple has added the 2018 Mac mini. By adding that Mac to the list, every single Intel Mac is now either vintage or obsolete. So what does that mean? We’ll there’s a couple of things:
A device is vintage after five years since it was put on the market. Vintage devices can still be supported for repairs though.
When the device hits seven years, it is given the ‘obsolete’ label. At this point, you can’t get repairs.
But the larger issue is that if you have an Intel Mac you should start considering making a move to an Apple Silicon Mac as clearly the days of Intel Macs are clearly numbered.
Posted in Commentary with tags MITRE on April 16, 2025 by itnerd
The non-profit research and development organization MITRE put out a statement saying that their funding which allows them to run the Common Vulnerabilities and Exposures (CVE) program is about to get cut as of TODAY.
Let me get to the point. This is the single dumbest thing that anyone can do as this underpins a huge chunk of vulnerability management, incident response and critical infrastructure protection efforts. In short, we as a whole are screwed from an INFOSEC perspective.
Debbie Gordon, CEO and Founder, Cloud Range had this to say:
“A network is only as secure as the known vulnerabilities that have been patched. Given that our Nation’s Critical Infrastructure is operating under heavy reliance on the CVE repository to discover and resolve reported vulnerabilities, this transition will surely cause major gaps to their level of security. In these times of constant cyber threats, organizations will now need to increase their levels of visibility and awareness, and their defense teams need to have even greater critical thinking and situational awareness to detect and respond to threats.”
Buckle up folks because INFOSEC is about to get really rocky. And I have to admit, I am really, really scared as to what is about to come down the track.
Hammerspace, the high-performance Data Platform for AI, today announced that several strategic venture investors, who were early backers of transformative companies like NVIDIA, Meta, Palantir, SpaceX and Tesla, have invested $100 million in new strategic growth capital in Hammerspace.
This is not a typical venture round. Altimeter Capital, ARK Invest, and other hand-selected strategic investors are participating not just for returns—but for the opportunity to drive the next era of AI infrastructure. These partners bring more than funding. They bring strategic insight, deep sector experience, and an active commitment to our long-term success.
Data performance has evolved from a competitive edge to a requirement in the race to scale AI infrastructure. Hammerspace delivers that edge across every dimension of unstructured data: storage, access, movement, and deployment. Whether training thousands of GPUs on-premises or in the cloud, deploying large-scale inference or maximizing NVMe performance in local GPU servers, Hammerspace is purpose-built to unleash data performance at scale.
The Investors Betting on Performance at Scale
Altimeter Capital, which identified industry shifts early with investments in Meta, MongoDB, NVIDIA, Snowflake and Uber, led the Series B round.
ARK Invest, led by Cathie Wood, joined the round through its ARK Venture Fund. Known for its conviction-based investing in disruptive technology companies—including early bets on Tesla, NVIDIA and Palantir—ARK sees Hammerspace as foundational to the performance infrastructure AI demands.
The remainder of the funding round was filled out by a combination of new and existing investors. Early investors identified Hammerspace as a disruptive force in data infrastructure well before AI workloads reshaped enterprise, hyperscaler and cloud priorities. With demand for high-speed, scalable access to data now surging, existing supporters continue to invest in Hammerspace to support its expansion into a fast-growing market.
The Next Era of Data Infrastructure
Global technology leaders, including Hitachi Vantara (a subsidiary of Hitachi Ltd., HTHIY) and Supermicro (SMCI), are building solutions on Hammerspace’s software for customers like Meta, the U.S. Department of Defense, the National Science Foundation, and major life sciences organizations. These deployments demonstrate a new standard in performance across hybrid, multi-cloud, and edge environments—without complexity or vendor lock-in.
Hammerspace gives organizations a Linux-native, standards-based, parallel file system and object store that delivers unmatched performance across file and object protocols using standard Ethernet or high-speed interconnects like InfiniBand. The platform uniquely overcomes data gravity by combining instant data-in-place assimilation from other sources with high-speed movement across hybrid environments – all in the service of delivering peak performance everywhere.
Hammerspace stands apart as the first platform built entirely around the performance needs of modern computing. From unmatched GPU throughput to instant access across file and object data to deployment time measured in minutes—not weeks—every capability of the platform is designed to remove bottlenecks, maximize speed and deliver scale.
With this latest investment, Hammerspace will accelerate global expansion and deepen its position as the performance platform of record for AI, HPC and hybrid cloud environments.
Posted in Commentary with tags SAP on April 16, 2025 by itnerd
New data from the latest annual SAP Concur CFO Insights Survey* reveals the evolution of top priorities for Canadian finance leaders amid challenging economic conditions and geopolitical tensions – from AI to cybersecurity. The 2025 research highlights the opportunities and barriers finance leaders face today, while also providing comparisons with previous years’ results.
Economic conditions are the greatest external challenge
External factors are playing a big role in the decision-making of Canadian finance leaders. The following highlights demonstrate the uphill battle finance leaders now face:
The highest ranked external challenge is worsening economic conditions, with 50% placing the concern in their top 3
However, geopolitical tensions soared this year (30%) as a concern for finance leaders when compared with 2024 results (15%)
Regulatory compliance related to climate change is no longer as much of a worry in 2025, remaining in the top three for just 30% of respondents – compared with 83% in 2024
Though the challenges businesses face externally are outside of the finance leaders’ control, being able to mitigate their impact is within their remit – and it comes down to the software solutions and tools they have available. Yet, a lack of data visibility is impacting 53% of Canadian finance leaders – with problems with ease-of-use and adoption (43%), and limited reporting and analytics (47%) next in line.
Unlocking AI & Cybersecurity
Manual processes are a top internal challenge for more than a third of Canadian finance leaders (43%). This has risen significantly in the past few years, with just 1% ranking manual processes as the top challenge in 2023.
However, finance departments are embracing AI today, with over half (63%) highly automating general office tasks – a significant increase on 2024’s results with just 7% reporting this level of automation in their organisation. That’s a significant uptick in usage in the space of a year.
Other top AI automation use cases include journal entries and bookkeeping (63%), monitoring for fraud (47%) and financial planning (33%).
Finance leaders report AI is having a positive impact on various areas of their organisation including decision-making (97%), risk reduction (83%) or achieving ESG goals (40%).
When it comes to cybersecurity, more than half of finance leaders (63%) plan to increase their cybersecurity budget. Only 17% plan to enhance collaboration with the Chief Information Security Officer (CISO) and across the IT department though.
In fact, finance leaders today are split about who in the C-Suite should be responsible for driving progress on the increasing cybersecurity threat: 47% of finance leaders believe that driving progress on cybersecurity should be the reserve of IT leaders only, while 53% report it should be finance and IT leaders.
This sentiment comes at a time where the evolving cybersecurity landscape has the potential to influence organisation’s ability to pursue upcoming growth initiatives.
A third (43%) of finance leaders report that their growth plans will proceed as planned, while half (47%) say they will adapt growth initiatives to align with the cybersecurity landscape.
Just 10% say they will slow down growth initiatives to focus on cybersecurity.
Growth in 2025
For Canadian finance departments in 2025, optimising costs and efficiency is a key priority to drive growth (80%) – with investments in AI technology (70%) and focusing on sustainability and ESG (60%) next in line.
But they know they can’t do it alone – ensuring cross-functional collaboration is vital for driving growth.
All respondents (100%) rate themselves as ‘excellent’ or ‘good’ at communicating to get buy-in from the wider business on new growth initiatives – and 83% of HR leaders and 67% of IT leaders agree.
Yet, there’s controversy among those working in finance over who should be responsible for this growth – with 81% of CFOs believing the CFO is the primary driver of growth despite only 52% of finance Senior Vice Presidents (SVPs) agreeing.
Finance SVPs are more likely to think CFOs should support – but not lead – growth initiatives (20%) or that growth leadership should be shared across the c-suite (28%). While just 9% of CFOs agree that growth leadership should be shared.
*SAP Concur surveyed 350 chief financial officers and senior finance leaders, 115 HR leaders and 115 IT leaders for its latest CFO Insights report. The research, conducted between December 2024 and January 2025, covered Canada, Australia, Brazil, Germany, Japan, Mexico, the United Kingdom and the United States.
Posted in Commentary with tags Hacked on April 15, 2025 by itnerd
Yesterday, Comparitech reportedthat Ransomware gang Medusa over the weekend claimed responsibility for last week’s cyber attack against Fall River Public Schools in Bristol County, Massachusetts.
In the blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech,wrote:
“Medusa is a ransomware gang that first surfaced in September 2019. It debuted its leak site in February 2023, where it publishes stolen data of victims who don’t pay ransoms. Medusa often uses a double-extortion approach in which victims are forced to pay both to decrypt their systems and for not selling or publishing stolen data.”
“In 2025 so far, Medusa claimed responsibility 10 confirmed ransomware attacks and made 69 unconfirmed claims that have not been acknowledged by the targeted organizations. Many of those attacks targeted schools. Its attacks on Lee University and Laurens County School District 56 were both confirmed this year.”
“Medusa has claimed 24 confirmed ransomware attacks on schools and other educational institutions around the world since the group started publicizing its targets. Its average ransom demand is $430,000.”
“So far in 2025, Comparitech researchers logged 12 confirmed ransomware attacks on US schools and colleges. Last year, we recorded 75 such attacks, which compromised at least 2.8 million records. The average ransom demand is $815,000.”
“Ransomware attacks on schools and other education facilities can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay can face extended downtime, lose data, and put students and faculty at increased risk of fraud.”
Ransomware attacks are insanely prevalent. That’s bad as they need to go in the other direction to keep everyone safe. Thus more needs to be done to turn this around and it needs to be done ASAP.
Posted in Commentary with tags Hacked on April 15, 2025 by itnerd
Ransomware gang Rhysida today claimedresponsibility for a cyber attack last week at the the Oregon Department of Environmental Quality which forced the department to shut down the email system, computer workstations, help desk, and vehicle inspection stations. Most of those services were brought back online by April 14.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech,wrote:
“Rhysida is a ransomware group that first surfaced in May 2023. Its ransomware can steal data and lock down targeted systems. It then demands a ransom both for deleting stolen data and for a key to restore infected systems. Rhysida operates a ransomware-as-a-service business in which affiliates pay Rhysida to use its malware and infrastructure to launch attacks and collect ransoms.”
“Rhysida claimed 86 confirmed ransomware attacks since it began, compromising more than 5.4 million records. It made another 104 attack claims that haven’t been acknowledged by the targeted organizations. Its average ransom demand is $1.07 million.”
“In 2025 so far, Comparitech researchers have logged 15 confirmed ransomware attacks on US government entities, plus 22 unconfirmed claims.”
“In addition to data theft, ransomware attacks on US government entities can disrupt computer access to essential services, payments, communications, and stored files. Officials must then either pay a ransom or face extended downtime, data loss, and putting constituents at increased risk of fraud.”
The research team at SafetyDetectives just wrapped up a really interesting study, where they compare the censorship and content moderation policies of major platforms and investigate whether they are actually effective or just security theater.
Key findings at a glance:
Censorship patterns for videos on major social media show that, profanity is the most censored type of content at 55.6%, followed by violence and conflict and sexual Abuse at 7%. On the other hand, the less censored are Self-Harm and People’s Faces tied at 2.3%.
News outlets and credible informational accounts are sometimes subject to different moderation standards. On the other hand, comedic and entertainment posts still experienced strict regulations on profanity, even on news outlets.
Content depicting graphic violence is the most widely prohibited in platforms’ policies, with only Meta allowing it with conditions. While YouTube is the only one to impose a blanket prohibition on gory or distressing materials.
Content censorship appears to be more performative than functional and double standards are also apparentin other platforms whose owners haveclear political ties.
Considering their findings, they believe that individuals and organizations must practice careful scrutiny when consuming media or information on these platforms, given the seemingly one-sided implementation of policies on different social media sites.
Rental car company Hertz says it suffered a data breach, attributed to software maker Cleo, that included customers personal information and driver’s licenses. Hertz has put up a page on this which you can see here:
“The data breach impacting Hertz and its associated brands is a textbook example of how third-party vulnerabilities can cascade into massive data exposure, even for well-established enterprises. What makes this breach especially concerning is the type of data compromised, not just names and contact details, but driver’s licenses, payment card information, Social Security numbers, and even workers’ compensation claims. This is prime identity theft material, and unfortunately, once it’s leaked, there’s no putting the genie back in the bottle.
“The breach relates to a known vulnerability exploited by the Clop ransomware group in Cleo’s enterprise file transfer solution. Last year, Cleo was already on the radar for widespread exploitation by Russian-linked actors, yet many organizations were slow to identify and isolate exposure paths. This reinforces a painful truth: companies are only as secure as their most vulnerable vendor.
“Hertz may not have been directly compromised, but its vendor relationships introduced risk vectors that weren’t fully mitigated. This is a growing pattern across the ransomware landscape, where attackers target software supply chains to scale their reach and impact.
“For consumers, the aftermath is frustratingly familiar. A driver’s license or Social Security number cannot be ‘reset’ like a password. These data points are permanent identifiers, and once they are exposed, victims become vulnerable to synthetic identity fraud, targeted phishing, and even fraudulent claims or loans.
“This breach highlights the necessity for increased proactive vendor due diligence, enhanced threat intelligence sharing, and stronger regulatory pressure on third-party software providers to comply with contemporary security standards. The risks impact millions of individuals and the public’s trust in digital infrastructure.”
Javvad Malik, lead security awareness advocate at KnowBe4 follows with this:
Zero-day vulnerabilities are rare, but when they occur have a large impact. Even if Hertz had all their systems patched and up to date, it would have been difficult to protect against the Cleo zero day attack. Offering identity monitoring is all well and good, but it is very much a case of bolting the barn door once the horse has bolted. The real challenge lies in staying ahead of these evolving threats. Organizations need to shift their mindset from reactive to proactive. Defense in depth needs to be adequately configured so that even if one system is compromised through a zero day, the whole infrastructure doesn’t fall like a house of cards. Part of this is building a strong security culture, where security is embedded throughout the organization and not just limited to the security team.
This is something that I will watch closely as my wife and I used Hertz when we were in France in 2023. Thus there is always the possibility that we’re impacted. Regardless, this is another example of you’re only as secure as the people your company works with. On top of that, why did it take so long for Hertz to report this? That’s a question that I would like answered sooner rather than later.
CloudSEK’s security researchers have uncovered a sophisticated malware campaign using fake PDF-to-DOCX conversion tools to infect unsuspecting users with a powerful information stealer. This comes just weeks after the FBI’s Denver office issued a public alert warning of malicious online file converters being leveraged to deliver malware.
The report reveals how cybercriminals have crafted deceptive websites, such as candyxpdf[.]com and candyconverterpdf[.]com, that meticulously mimic the legitimate pdfcandy.com service.
These fraudulent platforms lure users into executing a malicious PowerShell command, initiating a complex infection chain that delivers malware capable of stealing sensitive data, including browser credentials, cryptocurrency wallets, and other personal information.
A Sophisticated Blend of Deception and Technology
The campaign employs advanced social engineering to exploit users’ trust. Victims uploading a PDF for conversion encounter a fake processing animation, followed by an unexpected CAPTCHA prompt designed to enhance the site’s perceived legitimacy and rush users into action. This leads to instructions to run a PowerShell command, which triggers a redirection chain through domains like bind-new-connect[.]click, ultimately delivering a malicious “adobe.zip” payload. The archive contains “audiobit[.]exe,” which leverages legitimate Windows tools like MSBuild[.]exe to deploy Arechclient2. (Read Full Report, For More Information)
“This campaign highlights how cybercriminals exploit everyday digital tools. By combining psychological manipulation with technical sophistication, these attackers turn routine tasks like file conversion into opportunities for data theft. Our research aims to equip individuals and organizations with the knowledge to stay safe,” said Varun Ajmera, Threat Intelligence Researcher, CloudSEK.
The scale of this threat becomes clear when considering the popularity of the legitimate PDFCandy.com, which attracts approximately 2.8 million monthly visits. Notably, India represents the largest segment of its user base, accounting for 19.07% or roughly 533,960 monthly visitors. This substantial audience provides a vast pool of potential victims for the threat actors behind this malicious campaign. While the fraudulent sites, candyxpdf[.]com and candyconverterpdf[.]com, saw approximately 2,300 and 4,100 visits respectively in March 2025, these numbers demonstrate active exploitation of the impersonated service’s popularity.
How the Attack Works
Spoofed Websites: Domains like candyxpdf[.]com and candyconverterpdf[.]com imitate the real PDFCandy website.
Deceptive Flow: Fake file conversion followed by a CAPTCHA prompt creates trust and urgency.
Malware Trigger: Users are prompted to run a PowerShell command, leading to the download of a malicious ZIP file masquerading as a legitimate Adobe resource.
Payload Execution: The ZIP contains audiobit.exe, which executes via MSBuild.exe – a legitimate Windows utility weaponized to run ArechClient2. (Read Full Report, For More Information)
CloudSEK’s technical analysis traced the malware delivery chain through multiple redirections, eventually landing on a known malicious domain (bind-new-connect[.]click) to deliver the payload. The attacker’s infrastructure, command chain, and payload hashes are included in the full report.
Wider Implications
This campaign demonstrates a growing trend where attackers prey on routine digital activities—like file conversion—to compromise systems. Given the increasing use of online converters in corporate and personal workflows, this type of attack has wide-ranging implications for cybersecurity hygiene.
Protecting Against the Threat
CloudSEK’s report provides actionable recommendations to safeguard individuals and organizations:
Stick to Trusted Tools: Use reputable file conversion services from official websites and avoid unverified “free” converters.
Strengthen Technical Defenses: Keep antivirus software updated, deploy endpoint detection and response (EDR) solutions, and use DNS filtering to block malicious domains.
Educate Users: Train employees to recognize red flags, such as suspicious URLs, unexpected CAPTCHAs, or prompts to run command-line instructions.
Incident Response: Isolate compromised devices, change passwords from a clean device, and report incidents to authorities promptly.
Offline Alternatives: Consider offline conversion tools to avoid uploading sensitive files to remote servers.
A Call to Vigilance
As online file converters remain a staple in digital workflows, this campaign underscores the need for heightened awareness. “As threat actors become more creative with their tactics, cybersecurity must evolve to prioritize behavior-based detection, user awareness, and zero-trust principles. Organizations should invest in robust endpoint security, DNS filtering, and employee training. Most importantly, we need to reduce reliance on unknown web-based tools and encourage the use of secure, offline alternatives for tasks like file conversion,” said Varun Ajmera, Threat Intelligence Researcher, CloudSEK.
About CloudSEK:CloudSEK is a contextual AI company that predicts Cyber Threats. Our Cloud SaaS platform constantly seeks security solutions for our customers’ digital risks. To learn more about how CloudSEK can strengthen your external security posture and deliver value from Day One, visit https://cloudsek.com or drop a note to info@cloudsek.com.
Arcitecta, a creative and innovative data management software company, today announced it has been named a Leader and Fast Mover in the 2025 GigaOm Radar Report for Unstructured Data Management. The report recognized the innovation and leadership of the Arcitecta Mediaflux® data management platform, awarding it with “Exceptional” 5-star scores across crucial categories that included Metadata Analytics, Global Content Search, Workload Orchestration, Data Protection, Scalability, Flexibility, Performance and Manageability. These scores earned Arcitecta the top ratings for Key Features and Business Criteria, with the sole top average rating across business criteria comparisons (4.7 out of 5.0) and tying with IBM and Cohesity for the top average rating across key feature comparisons (each with 4.4 out of 5.0).
Unstructured data management has evolved from a storage-centric discipline into a strategic imperative for modern enterprises, requiring critical tools for transforming data repositories into actionable business assets, as noted in the GigaOm report. Organizations are facing exponential data growth – petabyte scale is the new normal. Without proper data acquisition and data management, the full value of all this data is often unrealized.
Arcitecta’s Mediaflux is an open platform with robust security and access controls, powered by hyperscale database technology and a simple API. It integrates data management, metadata curation and business policies into a single distributed solution, connecting business systems, compute infrastructure and data holdings.
The GigaOm report highlights the following key strengths that distinguish Arcitecta from its peers and fortify its position as a market leader:
Metadata Analytics: Arcitecta stands out with its sophisticated metadata analytics capabilities powered by its XODB database. This enables comprehensive data lifecycle management and empowers organizations to make informed decisions through real-time analysis and reporting.
Global Content Search: Arcitecta delivers exceptional performance with its implementation of a unified global namespace, facilitating efficient content search across distributed environments. With response times measured in milliseconds, even when handling billions of files, this feature ensures rapid and reliable data access.
Workload Orchestration: Arcitecta shines with its advanced orchestration capabilities, which effectively manage sequencing, storage allocation and computational resources throughout the data lifecycle. These features are complemented by robust error handling and recovery mechanisms, ensuring seamless operations.
The Mediaflux Difference
Mediaflux offers an advanced, comprehensive data management platform that can operate on a massive scale to help organizations better manage their data throughout its entire lifecycle. Its suite of solutions enables organizations to organize, search, share and preserve their data well into the future for lasting value and includes the following:
Mediaflux Real-Time. An ideal solution for growing file management, video, live sports, broadcast, experimentation and more. Arcitecta’s Mediaflux Real-Time provides nearly instant access to live data as it is being generated and delivers it to edge locations where it can be utilized. It supports real-time editing, removes workflow bottlenecks and enhances remote collaboration, enabling faster content delivery and seamless media management.
Mediaflux Point in Time. A revolutionary new backup and recovery approach that redefines data resilience at scale. Point in Time eliminates the cost and business impact of lost or corrupted data and provides self-service data recovery. It allows users or IT administrators to go back to any point in time to recover needed files – even in the event of a cyberattack where files have been encrypted. It provides a strong first line of defense against crypto locking with the ability to roll back ransomware attacks, enabling the complete and immediate recovery of data – a recovery time objective (RTO) of zero – and virtually no downtime with a recovery point objective (RPO) near zero, typically within milliseconds.
Mediaflux Livewire. A file transfer software solution that leverages the power of metadata to optimize data movement via parallelized data transfers across latent networks and eliminate redundant file transfers. Livewire enables customers to transmit large amounts of data over very low-bandwidth and unreliable network connections. It allows customers with smaller networks, especially relative to the size of data they need to transmit, to easily keep large amounts of data synchronized between sites and transmit data in both directions, regardless of low network bandwidth and reliability.
Mediaflux Universal Data System. A convergence of data management, data orchestration, multi-protocol access, and storage in one platform. The system manages the entire data lifecycle, both on-premise and in the cloud, with globally distributed access. With Mediaflux Universal Data System, data- and research-intensive organizations can easily share data across locations while achieving massive scalability, high performance and dramatic cost savings.
Mediaflux Multi-Site, Mediaflux EdgeandMediaflux Burst. These solutions enable users within geographically dispersed workforces to collaborate more efficiently, spend far less time waiting for data when needed and avoid unnecessary investments in compute resources when usage times peak. As part of Arcitecta’s evolving ecosystem of advanced data management capabilities, these solutions ensure data is moved to the right location for the right user at the right time, accelerating innovation, discoveries and business outcomes.
Every Intel Mac Is Now Vintage Or Obsolete
Posted in Commentary with tags Apple on April 16, 2025 by itnerdApple has a list of vintage and obsolete products. And as of today Apple has added the 2018 Mac mini. By adding that Mac to the list, every single Intel Mac is now either vintage or obsolete. So what does that mean? We’ll there’s a couple of things:
But the larger issue is that if you have an Intel Mac you should start considering making a move to an Apple Silicon Mac as clearly the days of Intel Macs are clearly numbered.
Leave a comment »