ConnectSecure Launches Google Workspace Assessments to Strengthen Cloud Security Posture for MSPs

Posted in Commentary on April 15, 2025 by itnerd

ConnectSecure today announced the launch of its new Google Workspace Assessments. This powerful new capability enhances ConnectSecure’s vulnerability platform by empowering MSPs to assess, detect, and mitigate risks within their clients’ Google Workspace environments. With this addition, ConnectSecure expands its cloud assessment capabilities beyond Microsoft 365, offering broader protection across key collaboration platforms.

As cloud adoption accelerates, the need for visibility and control over third-party platforms has never been greater. With the new Google Workspace Assessments, MSPs can now identify vulnerabilities, flag configuration issues, and generate client-facing reports — all within minutes. This offering is designed to proactively reduce risk across a suite of cloud applications, including Gmail, Google Drive, Google Meet and Calendar.

Key benefits of ConnectSecure’s Google Workspace Assessments include:

  • Immediate Deployment: Simple setup with fast results — run assessments in just minutes.
  • Client-Friendly Reports: Translate technical findings into clear, actionable insights for end users.
  • Risk Detection & Prioritization: Uncover and address risks across Gmail, Drive, Calendar and Meet.
  • Revenue Growth Opportunity: Equip MSPs to enhance service offerings and expand client trust through value-added cybersecurity services.

This new offering complements ConnectSecure’s broader mission: to deliver a single, unified platform for risk assessments across networks, endpoints, vulnerabilities, Microsoft 365 and now Google Workspace.

Leave a comment »

Review: TP-Link Archer GE800 BE19000

Posted in Products with tags on April 15, 2025 by itnerd

WiFi 7 is quickly becoming mainstream. I say that because all sorts of new WiFi 7 hardware options are coming onto the market every time I look around. Today’s example of this is the TP-Link Archer GE800 BE19000:

The first thing that came to mind when I saw this was that it looked like an Imperial Shuttle from Star Wars: Return Of The Jedi. But this shape does give it some party tricks for your enjoyment. Before I get to those, you get buttons on the front that do the following easily:

  • WPS button
  • Wi-Fi on/off
  • Game Acceleration. This accelerates game applications, game devices, mobile games, and the like with WTFast GPN.
  • Turning on/off the LED lights

I am going to assume that the antennas are in each “wing.” But that’s not all that’s in them.

There’s RGB lighting on the sides which you can tweak with via the TP-Link Tether app.

Not to mention that there’s RGB lighting on the bottom as well. Now I had to turn these off during my testing as my wife thought that it was beyond over the top and ordered me to disable all of it the second she saw it. So for those of you who have significant others, you might want to keep that in mind and proactively turn the RGB effects off.

Here’s the business end of the router. Besides a USB 3.0 port for a storage device like a hard drive, you get two 10 Gbps ports. One of them is a LAN port, the other is a combo WAN port which gives you the option of running an SFP+ module. So if you have fibre Internet and you don’t need to use an optical networking terminal like I do, you can plug the fibre cable straight into the router for maximum speed. Nice! There’s also four 2.5 Gbps LAN ports but one is a dedicated gaming port. Meaning that any device connected to this port will be automatically prioritized. Which in turn means that it will give you that extra millisecond or two to pwn n00bz.

With the looks and connectivity out of the way, let’s get to the WiFi part of this. This is what you get out of the box:

  • 4×4 2.4GHz BE: Up to 1376Mbps 
    (20/40MHz)
  • 4×4 5GHz BE: Up to 5760Mbps (20/40/80/160MHz)
  • 4×4 6GHz BE: Up to 11520Mbps (20/40/80/160/320MHz)

That’s not all. You can create an SSID (network name) for each of the three bands which allows you to support special use cases such as mine where I want all the bands separate to make sure that devices, especially IoT devices have no issues connecting. And on top of that you can create an MLO (multi link operation) SSID for your WiFi devices that support MLO. That was easily done through the TP-Link Tether app. But it also has a web interface that also gives you way more customization if you want to tinker with your router’s setup. I should also mention that this router supports TP-Link’s EasyMesh which allows you to add a compatible TP-Link router to create a mesh network should the need arise.

Set up is going to be easy for most using theTether app. By that I mean that if you have a straight forward Internet connection, you can be set up in under five minutes. But it took me about 20 due to the fact that my Internet connection isn’t straight forward as it uses PPPoE and a VLAN on top of that. Thus I had to spend some time figuring out how to set that up. But once it was set up, and I did a firmware update, I was ready to go with my testing.

Let’s start with 5 Ghz testing. Frankly I wasn’t impressed when I tested this router with my iPhone 14 Pro:

I’ve gotten much faster 5 Ghz speeds with other routers in the past. But my lack of enthusiasm quickly changed when I tested the 6 Ghz band via my M2 Pro Mac mini. When I did that, here’s what I got:

My Internet connection is a symmetrical 1 Gbps fibre connection. So over WiFi it not only came close to maxing out my Internet connection, but it also recorded the fastest speeds from a router that I have ever tested. Or put another way, if I had a faster Internet connection, This TP-Link router has the headroom to support it. Impressive. And range wasn’t an issue as I was getting insanely fast speeds through walls and even outside my condo in the hallway.

Gripes? Well for starters, this router has a fan to keep things cool. Which it needs as I could feel the heat coming out the various vents that the router has. Now I had to really make things quiet to come close to hearing the hum it made. And to be clear that hum wasn’t objectionable. But I have to wonder if that fan will survive the test of time as any moving part in any device will eventually fail at some point. My advice is to make sure it’s in an open space so that heat and the potential of a fan failure less of a potential issue.

My other gripe is that features like Security+ which makes your router more secure by implementing features like intrusion detection and prevention as well as scanning your web traffic for harmful content such as malware, as well as parental controls are paid subscription services. That’s a bit of a #fail and I say that because ASUS for example just tosses these features into the cost of the router. While that does make ASUS routers more expensive than the TP-Link equivalent, at least you those features out of the gate and don’t have to sign up for yet another subscription to get those features. Plus it makes users more secure in the process as users will simply turn on those features rather than think about taking out their credit cards in order to be as secure as possible.

The TP-Link Archer GE800 BE19000 is currently $900 on Amazon.ca which is a good price for a router that performs this well. If TP-Link added the security and parental control features as part of the price, or increased the price of the router to include those features by a reasonable amount, it in my mind would go from a great router, to an almost perfect router as I really didn’t find any flaws with it. That makes this router worth a look if you are a gamer, or you have an Internet connection that can fully leverage it.

Leave a comment »

Help your mom level up her health tracking this Mother’s Day with Samsung AI-powered smartphones and wearables

Posted in Commentary with tags on April 14, 2025 by itnerd

Tracking your health is no easy feat, especially for the busy mom who’s always on the go. This Mother’s Day, help your mom take their health tracking to the next level with Samsung AI-powered smartphones and wearables that support their routines, passions, and overall wellbeing. Whether she’s tracking her wellness goals, capturing precious family moments, or just needs a device that can keep up, Samsung has a smart gift to match. 

Here are four standout picks to consider for your Mother’s Day coverage: 

  • Wellness That Fits Her Life – The Samsung Galaxy Ring (Starting at $549.99 CAD): 

Minimal, powerful, and designed for 24/7 wear, the Samsung Galaxy Ring is the newest way to stay connected to health. Paired with the Samsung Health app, it delivers deep insights through features like Sleep Tracking and Cycle Tracking such as sleep quality, heart rate, and stress. It’s wellness support that moves with her. 

  • Built for Multi-Tasking Moms – Galaxy Tab S10 FE (Starting at $699.99 CAD): 

Whether she’s streaming her favorite series, managing the family calendar, or sketching out ideas with the included S Pen, the Galaxy Tab S10 FE makes it all seamless. A vibrant display, long battery life, and smooth app performance help her do more—comfortably, from anywhere. 

  • Celebrate Her with the Best – Galaxy S25 Series (Starting at $1,198.99 CAD): 

The Galaxy S25 is more than a smartphone—it’s a daily companion that supports balance, connection, and self-care. With innovative Galaxy AI and intuitive tools like the Now Bar and Now Brief, everyday tasks feel effortless. Built-in Samsung Health features like Energy Score and Sleep Tracking make it easy to track sleep, stress, and steps, while the pro-grade camera captures every mindful moment in stunning detail. It’s AI-powered wellness, seamless connectivity, and elevated style—all in one device. 

  • Personalized Health, powered by AI – Galaxy Watch7 (Starting at $519.99 CAD): 

Whether she’s training for a 10K or just wants better sleep, the Galaxy Watch7 gives her tailored, real-time insights through the Samsung Health app. With advanced sensor tech and AI-powered health tracking, it’s the ultimate sidekick for movement, mindfulness, and motivation—right on her wrist. 

Leave a comment »

Kidney Dialysis Provider DaVita Reports Ransomware Attack

Posted in Commentary with tags on April 14, 2025 by itnerd

Today, kidney dialysis provider DaVita disclosed that it was hit with a ransomware attack that encrypted certain elements of its network.

Erich Kron, security awareness advocate at KnowBe4, commented:

“Ransomware attacks such as this against healthcare facilities can cause significant issues for current and past patients. While the release does not currently mention a theft of data, it is extremely common for that to occur alongside the encryption component. This means patients should keep an eye open for future notifications from DaVita related to their data being breached or for unusual credit transactions being attempted. Ransomware groups often plan these attacks to fall over weekends or during holiday times with the hope that response times by the victim organization will be slower than during the week. Since many people are less easily contacted over the weekends, or may be unavailable, this slowdown in response can allow the attackers to steal and encrypt more data, which gives them more leverage in ransom negotiations than they might be able to take advantage of during the work week.

“When these attacks occur in medical facilities, it can lead to significant issues for patients of the organization. Not only can services be canceled or delayed, with the usual computerized systems offline, there is an increased chance of human error being introduced into the processes, especially if the employees are not used to working with the manual methods that organizations often must fall back to during a ransomware event. 

“Organizations that might be subject to ransomware events such as this should ensure they have a robust human risk management program in place, good backups that have been tested, and data loss prevention controls deployed to limit the amount of, or completely stop, the exfiltration of data. In addition, organizations should have a plan in place to deal with emergencies that happen after hours or during holidays and weekends, and the plan should be tested on a regular basis.

This might sound familiar, but healthcare is one of those sectors that really requires a cash infusion to stop this sort of thing from happening. And I will keep saying that until this is addressed because this is getting out of hand.

Leave a comment »

Tax Day and the Seasonal Urgency that Cybercriminals Love to Exploit

Posted in Commentary with tags on April 14, 2025 by itnerd

With Tax Day just one day away and people rushing to file their tax returns, cybersecurity experts are warning of the increased risk that comes with this time. 

Cybercriminals are quick to exploit seasonal events — and tax season is no exception. It’s a yearly honeypot for cybercriminals, who take advantage of heightened stress, tight deadlines, and sensitive financial data.

The KnowBe4 Threat Labs has published a threat alert finding a spike in tax-related phishing scams this spring. 

The full alert can be read here: https://blog.knowbe4.com/beware-tax-trap-seasonal-urgency-drives-spike-in-tax-related-phishing

According to the alert, the researchers observed a 27.9% increased in phishing attacks in March 2025 compared with the previous month. Across both the US and the EU, many of these phishing attacks contained financially-themed payloads. 

In particular, they identified a sharp spike in tax-related phishing activity on March 14, 2025, with 16% of all phishing emails processed that day containing the word “tax” in the subject line. Interestingly, only 4.3% of these tax-themed phishing emails were sent from free email services.

Nearly half of all identified attacks (48.8%) originated from compromised business email accounts, while 7.8% leveraged the legitimate QuickBooks service, as observed in previous incidents. 

In this alert, the KnowBe4 Threat Labs dives into several different tactics that cybercriminals are employing including embedded QR codes, polymorphic subject lines, and lookalike email domains, as well as what organizations can do to respond to this heightened threat. 

Additionally, Chris Hauk, Consumer Privacy Champion at Pixel Privacy has provided the following commentary on the subject of tax season/tax day. 

“U.S. taxpayers need to stay alert for scammers that tell you to “pay now or else.” IRS agents do want to make you pay, but they will usually work with taxpayers and work out a reasonable payment schedule to pay their tax debt. Tax scammers posing as IRS agents may also threaten victims with arrest or deportation if they don’t immediately receive a “tax payment.””

“Make sure you use a reputable tax accountant to do your taxes. Don’t take “tax advice” from anyone on social media. In many cases, videos on social media try to convince viewers that they know of loopholes that can be used to avoid paying taxes, or misinform viewers about the number of exemptions they can claim.”

Stay safe out there.

Leave a comment »

Organizations Fix Less Than Half of All Exploitable Vulnerabilities, with Just 21% of GenAI App Flaws Resolved

Posted in Commentary with tags on April 14, 2025 by itnerd

Cobalt today announced its seventh annual State of Pentesting Report 2025, revealing that organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of genAI app flaws being resolved. 

The Cobalt State of Pentesting Report aims to explore the landscape of vulnerabilities organizations battle today and identifies how security leaders’ understanding of their security posture can be contradicted by the number of unremediated threats in their organization. Based on an analysis of pentests carried out by Cobalt, combined with the results of surveyed security leaders, Cobalt found crucial discrepancies exist between how “safe” security leaders believe their organizations are versus the reality. 

Key findings include:

  • Over-confidence: 81% of security leaders are “confident” in their firm’s security posture, despite 31% of the serious findings discovered having not been resolved.
  • Too many findings left unresolved: Overall, firms are remediating just 48% of all pentest results, however, this number significantly improves (69%) for findings labeled serious (vulnerabilities rated high and critical severity). 
  • GenAI vulnerabilities are most vulnerable: Organizations are particularly struggling with vulnerabilities within their genAI Large Language Model (LLM) web apps. Most (95%) firms have performed pentesting on these apps in the last year with a third (32%) of tests finding vulnerabilities warranting a serious rating.
    • Of those findings, a mere 21% of vulnerabilities were fixed, with risks including prompt injection, model manipulation, and data leakage.
    • 72% ranked AI attacks as their number one concern–ahead of risks associated with third-party software, exploited vulnerabilities, insider threats, and nation state actors. 
    • Only 64% say they are “well equipped to address all security implications of genAI.”
  • Speed over security: More than half of security leaders (52%) say they are getting pressure to support speed at the cost of security.
  • Lack in software security assurance: Just half (50%) fully trust that they can identify and prevent a vulnerability from their software suppliers–a particular concern given that 82% are required by customers/regulators to provide software security assurance.

Methodology

The report analyzes two different datasets. The majority of analysis is based on data collected during Cobalt pentests. This is supplemented by insights collected via a survey by a third-party research firm, Emerald Research. All penetration testing data analyzed in this report was collected through Cobalt pentests. This spans more than 2,700 organizations. Metadata from these pentests was exported from the Cobalt Offensive Security Platform, sanitized to remove client-identifying and other sensitive details, and provided to Cyentia Institute for independent analysis. 

Leave a comment »

Millions of UK Healthcare Workers’ Records Exposed in Data Breach

Posted in Commentary with tags on April 14, 2025 by itnerd

vpnMentor just published a report about a major data breach discovered by cybersecurity researcher, Jeremiah Fowler, exposing nearly 8 million records contained in over 1TB of data and including UK healthcare workers’ passports, driver’s licenses, background checks, national insurance numbers, employment documents and some more.

You can find the full report here: https://www.vpnmentor.com/news/report-logezy-breach/

Leave a comment »

Guest Post – Windows 10 EOL: A danger for enterprises, the golden ticket for infostealers

Posted in Commentary with tags on April 14, 2025 by itnerd

Enterprises are dragging their feet with migrating to Windows 11, leaving millions of devices exposed to more effective infostealer attacks

Windows 10 will reach end of life on October 14, 2025, creating a critical security inflection point for businesses delaying migration to Windows 11. Findings from NordStellar, a threat exposure management platform, reveal that 59% of systems affected by infostealers in December 2024 still run Windows 10 — putting a large pool of machines at greater risk of effective attacks as the operating system eventually ceases to receive technical support.

“The number of systems affected by infostealers closely mirror the overall operational system market share — Windows 10 has been heavily targeted for years due to its popularity. However,  it will have an even bigger target on its back in the wake of its end of life, which will eventually create new vulnerabilities,” says Vakaris Noreika, a cybersecurity expert at NordStellar. “Once an operational system reaches this deadline, it no longer receives any security updates, vulnerability patches, or support from the software creator. These vulnerabilities are widely known and often exploited — infostealers can be coded to target these weaknesses more efficiently, resulting in more effective attacks against outdated systems.”

Businesses aren’t migrating fast enough

Market share data and NordStellar findings on systems affected by infostealers reveal that the Windows 11 adoption rate has been increasing since November 2024. Noreika points out that despite the growing numbers, the adoption rate is still too low at this point, meaning many enterprises are still at risk.

“Migrating to a new operational system takes time — based on the current adoption rate, we estimate that approximately 30-40% of systems may still be running Windows 10 when it reaches end of life in October, creating a substantial attack surface for cybercriminals,” says Noreika. “We saw a similar pattern of delayed migration with Windows 7. Six months until the operational system’s end of life, it held a 23% market share. When the deadline finally arrived in July 2020, its market share dropped by just 3%, lowering its dominance to 20%.”

Noreika says that almost five years later, Windows 7 holds a 2% market share and is still being targeted by infostealers, which successfully exploit the operational system’s vulnerabilities to compromise user devices and steal data.

The hefty hidden price of delayed migration 

According to Noreika, infostealers are just the tip of the iceberg regarding threats emerging from outdated operational systems vulnerabilities. Malware and new data exfiltration and exploitation techniques are some of the concerns enterprises should bear in mind if they’re still dragging their feet to migrate to Windows 11. 

“Considering just how many enterprises might still be running Windows 10 after its end of life, there’s a high possibility that we’ll see a growth in various cybersecurity incidents if businesses continue to delay migration. Outdated operational system vulnerabilities will act as a helping hand in increasing the effectiveness of cyberattacks that can result in data leaks. Taking into account the financial and reputational losses that come with a data breach, delaying migration can be a decision that eventually costs the company millions of dollars and their client’s trust, which will take years to regain,” Noreika says. 

Aside from accelerating migration efforts, Noreika highlights investing into cybersecurity awareness training for employees, building a comprehensive cybersecurity strategy, and keeping a close eye on the company’s attack surface and the dark web for potential data leaks as the key components in safeguarding the enterprise from cyberattacks. 

ABOUT NORDSTELLAR

NordStellar is a next-generation threat exposure management platform that enables companies to detect and respond to cyber threats before they escalate. NordStellar offers visibility into how threat actors work and what they do with compromised data. NordStellar was created by Nord Security, a globally recognized company behind one of the world’s most popular digital privacy tools, NordVPN. For more information, visit nordstellar.com.

Leave a comment »

Review: Samsung Galaxy S25 Ultra

Posted in Products with tags on April 14, 2025 by itnerd

I’ll get right to the point. The Samsung Galaxy S25 Ultra is the best phone money can buy right now. And you’ll need less money to score one as of last week when Samsung cut the price. Let’s start with the design of the phone itself.

It’s a flat sided phone just like every phone seems to be these days. The thing is, that it felt really comfortable to hold in my hand, and didn’t have any sharp edges that I could feel. And despite being a big phone, it didn’t feel big. The screen also has really thin bezels as well as being bright, clear and fluid. So far I have zero complaints.

The back is where things get interesting. The Galaxy S25 Ultra features a 200MP main camera, a 50MP ultra-wide lens, and two telephoto lenses (50MP with 5x optical zoom and 10MP with 3x optical zoom), along with a 12MP front camera. And these cameras are top shelf. Let me show you three photos. Starting with a 12 MP photo:

Followed by a 200 MP photo:

Both of these photos really look good and detailed. Let’s try something different. As in a photo where I did a semi – macro shot to get this picture:

There is some blur, but it’s pretty decent. How about zoomed in photos?

It’s a weird place to see a pair football cleats, but this photo is pretty clear. Here’s a lower light shot.

Again, there’s nothing to complain about when it comes to this photo. Let’s move over to video. Here’s a 4K HDR video for you to look at:

Followed by an 8K video:

Both videos look good. But I have to say that the 4K video looks sharper than the 8K video. Likely because the 8K video is shot at 30 fps which is what the max that this phone will do at this resolution. But I seriously don’t think you’ll complain.

I usually don’t do speed tests because they are kind of meaningless at this point. Phones in general are pretty fast these days with iPhones tending to be at the top of the food chain. But the S25 Ultra isn’t too shabby putting in a Geekbench single-core score of 2,099 and a multi-core score of 8,103 from the Snapdragon 8 Elite processor. As for all the AI stuff that the phone comes with, let me boil it down to this:

  • The now brief that gives you an overview of your day wasn’t useful to me.
  • Gemini was pretty good as it allowed for conversational AI that was useful to me. Plus I can use the camera to identify objects. That’s something that I did use a few times with good results. It also goes without saying that this destroys Apple Intelligence without trying too hard.

Let’s move over to some complaints if you want to call them that. I’ll start with battery life. This phone can make it through the day. But just barely. I suspect that it has to do with the fact that it has a 5000 mAh battery and the Snapdragon 8 Elite processor isn’t exactly power friendly. A bigger battery to take you late into the night would have been welcome. Then there’s the S Pen. Some have complained that because Bluetooth support in the S Pen is gone, that hobbles the S Pen. I disagree because in my week and a bit that I used the S25 Ultra, I never used the S Pen once. So I have to wonder should it even be there in the first place as I didn’t really encounter a situation where I needed to use it. Comment below and share your thoughts on that if you are an S Pen fan.

Finally, there’s the price. The starting price of the S25 Ultra is normally $1,918 with 256GB of storage. That is pretty pricey, but after last week’s price cut, I am guessing that this will spur sales. Which means that if you want an S25 Ultra, now would be a good time to get one. It has a great set of cameras, it has decent battery life, AI features that are useful, and a build that is top shelf. You honestly can’t go wrong with this phone.

Leave a comment »

Price Drop Alert: Galaxy S25 Ultra Now Available at a Reduced Price

Posted in Commentary with tags on April 11, 2025 by itnerd

Samsung has just announced a limited-time price drop on its flagship Galaxy S25 Ultra, known for its 200MP industry-leading camera system, all-day battery life, and sleek design. For a limited time, the device will be available for 35% offmaking it more accessible than ever for users looking to upgrade. 

With consumer interest in affordable premium devices on the rise, this move is part of Samsung’s broader push to make cutting-edge technology more accessible. 

The Galaxy S25 Ultra also pairs nicely with the Galaxy Tab S10 FE and Galaxy Book5 Pro in case someone wants to be “matchy matchy.”

1 Comment »

« Older Entries
Newer Entries »