Apple’s Siri Delay Has The Feel Of An AirPower Repeat… But The Stakes Are Higher This Time

Posted in Commentary on March 9, 2025 by itnerd

On Friday, Apple put out a rare statement saying that the new Siri features, including a more conversational Siri, were being delayed. But perhaps it’s not a rare statement, as they did something similar a few months ago with next generation CarPlay. Regardless, it highlighted that Apple is in full catch-up mode when it comes to their AI-related ambitions, with their competition clearly far out in front of them.

This honestly feels like AirPower all over again where Apple announced it. Apple missed their 2018 ship date. Apple stopped talking about it. Then Apple killed it. Except that with their AI ambitions, they cannot quietly make this go away like they did with AirPower. They have to deliver something more than what they’ve delivered. Which to be frank has been underwhelming to date. And if that doesn’t change, Apple is done. That does sound over the top, but it’s not. Apple was late to the party when it comes to AI. But that was fine as Apple is often late to the party. And typically when they show up, whatever they ship is great. So they have maybe 6 – 12 months at most to show up to the party with something meaningful in the AI space that will start to claw back the ground that they have lost to companies like Google, Amazon and Samsung. And given their recent track record with next generation CarPlay and now AI, I question if Apple is capable of delivering something that will make this delay worth it for users. Though as always I am free to be proven wrong by Apple.

What are your thoughts? Is Apple done like dinner? Or are they going to deliver something spectacular in 6 – 12 months’ time? Leave a comment and let us know.

Guest Post: She Leads, We Succeed

Posted in Commentary on March 8, 2025 by itnerd

Ever noticed how communities thrive when women step up to lead? This International Women’s Day, we’re celebrating how female leadership can elevate not only individuals but entire societies.

Take Maria from São Paulo, who started a local tech initiative from her living room. Initially, resources were scarce, and support limited. Everything changed when Maria discovered how to leverage unused internet resources, turning idle bandwidth into a thriving revenue stream. Her success didn’t stop there—she reinvested earnings back into her community, funding education programs and digital literacy workshops.

“When women lead, we create lasting change for everyone,” Maria emphasizes. Her story highlights how empowering women with simple tools can create powerful results.

Emily Carter, an engineer at Repocket, agrees wholeheartedly: “Women’s leadership in technology is transformative. By harnessing overlooked resources like idle internet bandwidth, they can generate opportunities that uplift entire communities.”

Studies repeatedly show communities led or significantly influenced by women experience accelerated economic growth, stronger educational systems, and more equitable outcomes.

Want to support women leaders this International Women’s Day? Here’s how:

  • Support Women-Owned Ventures: Choose to engage with and support businesses founded or managed by women.
  • Promote Female Leadership: Advocate for equal representation in leadership roles across sectors.
  • Leverage Tech for Good: Explore ways you can use accessible technology to drive positive community change.

Because when she leads, everyone succeeds.

ESET Celebrates Tenth Anniversary of Women in Cybersecurity Scholarship, Expands 2025 Canadian Awards

Posted in Commentary on March 8, 2025 by itnerd

ESET, a global leader in cybersecurity, today announced the anniversary of its Women in Cybersecurity North American Scholarship, launched in 2016 to support and empower women pursuing careers in cybersecurity. As part of its ongoing commitment to fostering diverse talent, ESET is expanding the program in Canada, increasing both the number and value of scholarships available to Canadian applicants.

For a decade, ESET North America has encouraged and uplifted women to pursue careers in cybersecurity, offering financial assistance to help achieve their aspirations. In solidarity with the 2025 International Women’s Day’s #AccelerateAction theme, the Women in Cybersecurity North American Scholarship program is expanding its scope this year with additional awards, enhanced evaluation criteria and a renewed focus on recognizing both technical excellence and emerging potential.

As a long-time advocate for cybersecurity and talent development in Canada, ESET has built strong relationships with key technology hubs, including the city of Markham. Over the years, ESET has received a wealth of strong candidates from Markham and the Greater Toronto Area, reinforcing the region’s reputation as a growing center for cybersecurity innovation. By investing in opportunities for aspiring cybersecurity professionals, ESET aims to support both local talent and the broader cybersecurity workforce.

Pioneering one of the first scholarships of its kind, Celeste Blodgett, Vice President of Human Resources at ESET North America, originated the program at the North American headquarters in San Diego to support women who want to go into technology fields. Bolstered by Celeste’s passion, the program has since awarded scholarships to more than 25 recipients in the U.S. and Canada, and has expanded globally to Australia, the United Kingdom and Singapore.

According to the 2024 Cybersecurity Workforce Study conducted by (ISC)², women account for only 14.4% of the cybersecurity workforce, while men make up 79.6%. This stark imbalance underscores the critical need to bring more women into the profession, particularly as emerging technologies like generative AI continue to evolve. ESET is committed to fostering opportunities for women to lead in cybersecurity and AI, helping to bridge this gap and build a more balanced, innovative and equitable future. Diversity in AI development is essential to ensure these tools are ethical, secure and inclusive.

In 2025, ESET North America will award $45,000 in scholarships to support the next generation of cybersecurity professionals. Canadian students will have access to new and expanded awards, including two $5,000 Cybersecurity Trailblazer awards for applicants who demonstrate exceptional technical proficiency and a strong focus on cybersecurity. To mark the tenth anniversary, five new $1,000 Future Leader Awards will be introduced in Canada to recognize emerging talent with great potential in cybersecurity. In the U.S., three $10,000 scholarships will be awarded in the Cybersecurity Trailblazer Award Tier, including one dedicated to a recipient in San Diego, honouring the program’s origins.

The scholarship has already helped many women pursue careers in cybersecurity.

DETAILS AND HOW TO APPLY
Applications are now being accepted for the 2025 round, and submissions must be received by 11:59 p.m. PT on April 8, 2025. Applicants can learn more about the scholarships and submit their application by visiting our dedicated web pages. If you’re a Canadian student, apply here; if you’re a US student, you can apply here.

Questions? Email us at CA-scholarship@eset.com [Canada-only inquiries] or US-scholarship@eset.com [US-only inquiries] with any questions.

Today Is International Women’s Day

Posted in Commentary on March 8, 2025 by itnerd

Saturday, March 8, is the global celebration of International Women’s Day (IWD), and a reminder that many issues still impact women’s equality and progress. 

It is important to take action and acknowledge the incredible contributions of women across industries while pushing for real change. This year’s theme, Accelerate Action for Women’s Equality, emphasizes the need to do more than just include women’s voices—it’s about making sure they’re heard loud and clear, especially in tech and AI, where equal representation still has a long way to go. 

I’ve assembled some commentary from a variety of women who work in tech in order to get their perspectives on International Women’s Day:

Phyllis Rhodes, Director of Sales and Business Development at Parallel Works:

“International Women’s Day is more than just a celebration—it’s a call to action and a day to recognize the achievements of women across industries while also addressing the systemic barriers that still stand in the way of true equality. This year’s theme, Accelerate Action for Women’s Equality, highlights the urgency of ensuring that women’s voices are not just included but actively amplified in spaces where decisions are made, particularly in technology and artificial intelligence (AI). 

AI is shaping the future at an unprecedented pace, and it is crucial and beneficial that the voices that train these models are representative of the diverse world we live in. When AI systems are developed predominantly using content or voices that are homogenous or largely representative of the most dominant figures in a room, they risk reinforcing existing biases rather than breaking them down. Without a diversity of perspectives, these biases become amplified within AI models, perpetuating inequality instead of fostering inclusivity. To truly harness the power of AI for good, we must prioritize a broad range of voices, ensuring that women, along with other underrepresented groups, are actively involved in the training and development of these systems. 

A diversity of perspectives is not just a checkbox—it’s the foundation of innovation. The more viewpoints we bring to the table, the more dynamic and effective our solutions become. A team rich in varied experiences and views can generate more creative ideas, challenge ingrained biases, and ultimately lead to better, more informed, and more equitable technology. When we cultivate an environment that values different lived experiences, we open the door to progress that benefits everyone, not just a select few. 

Beyond AI, accelerating women’s equality means creating space for more women to be heard, valued, and respected in every industry. Lifting up younger women—amplifying their ideas, crediting their contributions, and mentoring them—ensures a stronger, more inclusive future. Too often, valuable insights go unnoticed simply because the voices behind them are quieter or less assertive in male-dominated spaces. Recognizing when someone may feel intimidated and making an effort to draw them into discussions is a simple but powerful way to promote equality. 

True progress requires active listening, intentional amplification, and a commitment to inclusivity at every level. By ensuring that AI, workplaces, and leadership structures reflect the diversity of the world we live in, we take tangible steps toward gender equality. The future of innovation depends on it.” 

Molly Presley, SVP Global Marketing at Hammerspace:

On Saturday, March 8th, the world celebrates International Women’s Day 2025. This day recognizes the accomplishments of women in different industries, particularly in tech, while acknowledging the continuing inequalities and injustices that exist.  

Molly Presley, a highly respected leader in the tech industry, shares her insights on navigating challenges and promoting advancement for women in the field. As someone who has broken through barriers and opened doors for future female tech leaders, she offers valuable perspectives on balancing progress and overcoming obstacles.  

“My tech career trajectory has been greatly influenced by exceptional leaders who have pushed me to achieve beyond my expectations. Although I had a solid technical background upon entering the industry, ascending to a senior executive role in tech marketing was not something I had anticipated. The key to my success has been the mentorship of others and my commitment to the job. This mentorship has refined my ability to pinpoint distinctive product attributes and effectively communicate with a varied audience.

Because a significant aspect of my journey has been mentoring women in technology and giving back to those who have mentored me, as my career advanced, I became actively involved with the ‘Women in High-Performance Computing’ organization (WHPC). I currently serve as the Director of Communications and Outreach, where I have the opportunity to promote mentoring programs, curated resources, and job access that help women in HPC and technical computing achieve their professional goals.

I strongly urge aspiring young women in the tech field to seek guidance from experienced professionals and engage in activities such as joining professional associations like WHPC. These communities provide essential support, educational resources, networking opportunities, and motivation necessary for achieving success in their chosen career path.

This year’s IWD theme is ‘Accelerate Action’ for gender equality. It is a worldwide call for strategies, resources, and activities that positively impact women’s advancement, support, and elevation of their implementation. It’s also a call for all of us, especially those in leadership positions, to step forward in solidarity and accelerate the rate of progress worldwide.

I strongly believe the path to accelerating action toward gender equality lies with visionary leaders who recognize that a diverse team that empowers female members is the key to success. Together, we can achieve remarkable accomplishments by fostering an environment that promotes empowerment and encouragement.”

Hope Wang, Senior Technical Marketing Manager, Alluxio:

“As an Asian woman in tech, I’ve witnessed firsthand the barriers women face in STEM fields, both in education and work. The journey toward equality continues, but I’m optimistic about how the AI revolution, which GenAI accelerates, is democratizing access to technical education by lowering entry barriers that have historically kept diverse voices out. AI tools are becoming great equalizers, opening doors for women to learn, create, and innovate on their own terms. 

This International Women’s Day, I celebrate how technology can amplify our voices and accelerate inclusion, creating pathways for more women like me to thrive in spaces where we’ve been underrepresented for too long. When we create inclusion through accessible technology, we forge a more equitable future for all women in STEM.”

Julia Astashkina, Senior Director of Growth, StarTree:

“On International Women’s Day 2025, the call to Accelerate Action resonates deeply with me, not just as a leader in tech, but as a mother raising the next generation. My daughter is growing up in a world where women continue to push boundaries in science, technology, and leadership, yet true equality remains just out of reach. I want her to see a future where opportunities aren’t delayed, biases don’t dictate outcomes, and progress happens in real time.

We can’t afford to wait for change to happen gradually. Progress requires action, not just words or promises, but tangible steps that create opportunities for women at every level. This means actively tracking representation, fostering mentorship, and ensuring women have well-defined, well-supported pathways to leadership. Change doesn’t happen in the background; it requires visibility, urgency, and commitment.

I want my daughter to grow up knowing she belongs in every room she enters. That requires all of us to take action now. Let’s stop waiting for progress and start accelerating it, ensuring that future generations inherit a world where inclusion isn’t an initiative, but a given.”

Margaret Hoagland, VP, Global Sales & Marketing, SIOS Technology:

“On this International Women’s Day, we celebrate the groundbreaking achievements of women who have shaped history. But let’s also honor the quiet victories—the moments of courage that paved the way for progress.

Let’s remember the women who refused to be silenced, who spoke up even when it was easier to stay quiet. The women who were the first in their companies to hold leadership positions. The only women in the room, who not only reached their professional goals but lifted others along the way with compassion and empathy. The women who taught us that the quietest voices are often the most powerful. Let’s remember the unsung women who have shaped the world we live in today in a thousand small ways. And because of them, we rise.”

Ransomware gang says it hacked a Virginia school district and stole data

Posted in Commentary on March 7, 2025 by itnerd

Ransomware gang Fog yesterday claimed responsibility for a February 2025 data breach at Williamsburg-James City County Schools in Virginia. The group is demanding an undisclosed amount be paid in ransom in exchange for stolen data.

WJCC announced it was hit by a cyber attack on February 9 and that systems were restored by February 14. An investigation of the attack and what data was compromised is still ongoing, and WJCC has not publicly disclosed a data breach.

In a post on its website, Fog says it stole 27.7 GB of data from WJCC. The school district has not verified Fog’s claim.

We do not yet know what data was compromised, if WJCC did or will pay a ransom, how much Fog demanded, or how attackers breached WJCC’s network. Comparitech contacted WJCC for comment and will update this article if it replies.

Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote in a blog post:

“Fog is a ransomware gang that first started claiming attacks on its website in July 2024. It has a history of targeting US schools but is not limited to them. In addition to encrypting files, Fog also steals data and targets development environments, such as repositories stored on GitLab.”

“Fog has claimed 16 confirmed ransomware attacks since it began, plus another 155 unconfirmed claims that have not been acknowledged by the targeted organizations. Of Fog’s six confirmed attacks in 2025, five were against schools.”

“So far in 2025, Comparitech researchers logged eight confirmed ransomware attacks against US schools, colleges, and other educational institutions. Ransomware attacks on schools and other education facilities can disrupt day-to-day operations such as taking attendance, submitting grades, phone and email communications, billing, payroll, and assignments. Ransomware attacks are often two-pronged: they lock down systems and steal data. Schools that refuse to pay can face extended downtime, lose data, and put students and faculty at increased risk of fraud.”

This is the second story today that involved a ransomware gang pwning an organization. This should highlight that this is a today problem and organizations need to immediately take action to not get pwned.

At least 36 US schools involved in data breach following ransomware attack

Posted in Commentary on March 7, 2025 by itnerd

The ransomware gang known as Skira yesterday claimed responsibility for a December 2024 data breach at Carruth Compliance Consulting, a company which administers retirement savings plans. 

Comparitech reported that this breach led to at least three dozen school districts and colleges across the US–Carruth’s clients–reporting data breaches that compromised the personal data of more than 110,000 school employees.

Rebecca Moody, Head of Data Research at Comparitech, commented:

“Attacks like this highlight how far-reaching the impact of these data breaches via ransomware can be. A breach on one provider can affect multiple educational institutions, as we saw only too well with Blackbaud in 2020. Schools and colleges may have the best cybersecurity measures in place, but they’re only as good as the third parties they use.”

“It remains to be seen just how many schools have been affected by this attack, but we’ve found over 30 that have reported breaches so far. And with sensitive data involved, such as Social Security Numbers, schools need to act fast to ensure those affected are aware as soon as possible. We’d highly recommend people take up the offer of free credit monitoring and that they also remain vigilant for any phishing emails, calls, or texts, and suspicious activities on their accounts.”

Paul Bischoff, Consumer Privacy Advocate at Comparitech, adds:

“Ransomware attacks on US finance companies can lock down computer systems and steal data. Companies must then either pay a ransom or face extended downtime, data loss, and putting data subjects at increased risk of fraud. Ransomware can disrupt a wide range of operations including communication, financial transactions, access to stored files, and more.”

“Comparitech researchers logged 58 confirmed ransomware attacks on US finance companies in 2024, compromising 34.6 million records. The average ransom for a finance company is $1 million.”

“In addition to confirmed attacks, Comparitech tracked 151 unconfirmed claims against US finance companies in 2024, and 43 so far in 2025. These are claims made by ransomware groups but not acknowledged by the targeted organizations.”

While this isn’t the worst attack that I have seen, I would not be shocked if this does get worse. Because these sorts of attacks have a habit of starting out being not that bad. Then they get worse as more facts come to light. So be sure to bookmark this for updates as they become available.

Malvertising Campaign Leads to GitHub-Hosted Info Stealers

Posted in Commentary on March 7, 2025 by itnerd

Microsoft has removed some undisclosed GitHub repositories leveraged in a massive malvertising campaign that affected nearly 1 million devices worldwide. The company had this to say:

In early December 2024, Microsoft Threat Intelligence detected a large-scale malvertising campaign that impacted nearly one million devices globally in an opportunistic attack to steal information. The attack originated from illegal streaming websites embedded with malvertising redirectors, leading to an intermediary website where the user was then redirected to GitHub and two other platforms. The campaign impacted a wide range of organizations and industries, including both consumer and enterprise devices, highlighting the indiscriminate nature of the attack.

GitHub was the primary platform used in the delivery of the initial access payloads and is referenced throughout this blog post; however, Microsoft Threat Intelligence also observed one payload hosted on Discord and another hosted on Dropbox.

The GitHub repositories, which were taken down, stored malware used to deploy additional malicious files and scripts. Once the initial malware from GitHub gained a foothold on the device, the additional files deployed had a modular and multi-stage approach to payload delivery, execution, and persistence. The files were used to collect system information and to set up further malware and scripts to exfiltrate documents and data from the compromised host. This activity is tracked under the umbrella name Storm-0408 that we use to track numerous threat actors associated with remote access or information-stealing malware and who use phishing, search engine optimization (SEO), or malvertising campaigns to distribute malicious payloads.

I have a number of comments on this. Starting with Ensar Seker, CSO at SOCRadar:

“The attackers used geofencing, device fingerprinting, and cloaking techniques to evade detection, which means the malicious payload is only delivered to targeted users, making it harder for security solutions to track and mitigate the campaign.

This campaign is likely part of a broader MaaS (Malware as a Service) ecosystem, where attackers use pre-built malvertising kits to distribute payloads like stealers, ransomware, and banking trojans. Malvertising has traditionally targeted Windows users, but with more professionals using macOS and Linux, we’ll see cross-platform payloads becoming more common.”

Roger Grimes, data-driven defense evangelist at KnowBe4, follows with this:

“It’s important to remember that despite the ingenuity and complexity of this malware dropper campaign, the victims still had to be socially engineered into executing the content on their system for their system to be compromised. They didn’t just see a (malicious) advertisement, click on it, and get compromised. No, they had been socially engineered into not only clicking on the ad, but then into approving the resultant prompts that then ran the malicious content (as long as they were fully patched). Seventy to ninety percent (70% – 90%) of all successful data breaches involve social engineering. A common type of social engineering is malicious advertising. Make sure your users are aware of how not every ad or internet search will lead them to a good place. In fact, these ads and Internet search returns often lead people to bad places. It’s something they need to be aware of.”

It’s good that Microsoft has taken action to take these repositories down. Hopefully they can maintain their vigilance to make sure that this doesn’t become a common occurrence.

KnowBe4 Researchers Uncover 36.5% Spike in Phishing Attacks Leveraging QuickBooks’ Legitimate Domain in 2025

Posted in Commentary on March 7, 2025 by itnerd

KnowBe4’s Threat Research team has observed a growing proportion of phishing emails sent using the popular accounting software Intuit QuickBooks. The team has observed a 36.5% increase in the use of this platform since January 1, 2025.

To facilitate these attacks, cybercriminals are creating free accounts on the platform, which makes these attacks challenging for people to distinguish from genuine communications.

These attacks are part of a global trend of phishing emails being sent using legitimate platforms. These platforms are not compromised; cybercriminals create (usually free) authorized accounts, which are provisioned with email-sending privileges. From there, they simply create their attacks within the platform and hit ‘send’. This is much the same as creating free webmail email accounts (like Gmail or Hotmail), with the added benefit of leveraging the platform’s trusted brand and sender domain. 

Between January 1, 2022, and February 28, 2025, KnowBe4’s Threat Research team has seen a 376.6% increase in these types of attack, with a 43.6% increase in 2025 so far versus 2024.

You can read the research here.

Guest Post: Apple’s Encryption Rollback in the UK Puts International Users at Risk – Here’s Why 

Posted in Commentary on March 7, 2025 by itnerd

By Vincentas Baubonis

Apple swore it would never build a backdoor. But by killing end-to-end encryption (E2EE) for UK users, it just left the door open. Under pressure from the British government, Apple quietly pulled Advanced Data Protection (ADP) – stripping UK users of their strongest defense against mass surveillance. Now, authorities can demand access to iCloud backups, something even Apple couldn’t touch before.

But here’s where it gets even messier: Apple didn’t just roll over – it fought back. Instead of complying with the UK’s sweeping demand for a built-in “back door,” Apple appealed. US officials are now investigating whether the UK violated the CLOUD Act.

Bad news for UK users? Absolutely. But here’s the real kicker: this isn’t just a UK problem. If people think their iCloud data is safe just because they don’t live in the UK, they might want to rethink that.

1. The UK just became the weakest link in Apple’s security model.

Encryption’s strength depends on its weakest point. By stripping UK users of ADP, Apple has created a jurisdiction where iCloud data is less protected by default. End-to-end encryption requires all participants to have ADP enabled to maintain the highest level of security. This means that any iCloud file, photo, or backup shared with a UK user is now more exposed than it would be elsewhere. 

By stripping UK users of ADP, Apple has created a high-value target for attackers. If UK iCloud data is no longer encrypted end-to-end, it’s more vulnerable to hacking, government surveillance, and legal demands. If that data is shared with a non-UK user, their data is also at risk – even if they still have ADP enabled.

Cybercriminals and state-backed hackers actively exploit low-security regions to gain footholds into global systems. Look no further than Russia’s 2020 SolarWinds attack, where attackers targeted less-secure systems to pivot into US federal networks. Creating an intentionally weaker iCloud environment in the UK gives adversaries an entry point that could be exploited to compromise data beyond British borders.

2. This creates a precedent for more governments to demand the same.

Governments worldwide are watching Apple’s move closely. If the UK can pressure Apple into rolling back encryption, other countries may demand similar concessions.

The FBI has long pushed for encryption backdoors, arguing that law enforcement needs access to private communications. In 2020, then-Attorney General William Barr pressured Apple to weaken encryption in the name of national security. The UK’s success gives US agencies leverage to try again.

The EU is currently debating legislation that could mandate message scanning in encrypted apps, including Apple’s iMessage. The UK’s demand will encourage lawmakers pushing for surveillance-based security policies.

Authoritarian regimes like China and Russia have previously sought access to Apple user data. If a democratic country like the UK can force Apple to roll back encryption, regimes with less regard for privacy will use this as justification for even harsher demands. Simply put: if Apple caves once, expect more governments to have similar requests.

3. Weak encryption could fuel the growing wave of cyberattacks. 

Encryption is a core cybersecurity defense. When end-to-end encryption is removed, data can become a bigger target for cybercriminals and state actors.

Last year’s numbers show how active cyber criminals are:

  • Mobile malware continued to rise – 6.7 million attacks involving malware, adware or potentially unwanted mobile apps were blocked in Q3 2024 by the Kaspersky Lab alone.
  • The average cost of a data breach reached 4.88 million USD.
  • Ransomware attacks surged, and nearly all the key numbers – ransomware gangs, targets and payouts – went up; for instance, the median ransom payment skyrocketed from less than 199,000 USD in early 2023 to 1.5 million USD in June 2024.

4. Apple’s credibility on privacy is crumbling. 

Apple has long marketed itself as a privacy-first company. It famously fought the FBI’s demand to unlock an iPhone in the 2016 San Bernardino case, refusing to build a backdoor. But its decision to proactively disable ADP under UK pressure suggests that its commitment to encryption is negotiable when governments apply enough force.

Apple’s statement claimed it was “deeply disappointed” by the UK’s move, but disappointment doesn’t undo the damage. It appears that Apple doesn’t control its own encryption policies anymore – governments do.

What can users do?

If you’re a non-UK user, your data might still be protected – for now. You should approach Apple services with caution:

  • Avoid iCloud for sensitive backups – consider using encrypted alternatives like Proton Drive, Tresorit, or self-hosted storage.
  • Encrypt locally before uploading – use tools like Cryptomator to encrypt files before storing them in the cloud.
  • Follow legislative debates on encryption – policies like the UK’s could soon come to other countries.
  • Pressure Apple to resist further rollbacks – public outcry influences corporate decision-making. If users accept this, more encryption rollbacks will follow. In other words, the power to strengthen data security is also in users’ hands.

ABOUT THE EXPERT

Vincentas Baubonis is an expert in Full-Stack Software Development and Web App Security, with a specialized focus on identifying and mitigating critical vulnerabilities in IoT, hardware hacking, and organizational penetration testing. As Head of Security Research at Cybernews, he leads a team that has uncovered significant privacy and security issues affecting high-profile organizations and platforms such as NASA, Google Play, and PayPal. Under his leadership, the Cybernews team conducts over 7,000 pieces of research annually, publishing more than 600 studies each year that provide consumers and businesses with actionable insights on data security risks. 

Major Drop in Cobalt Strike Misuse Says Fortra

Posted in Commentary on March 7, 2025 by itnerd

Two years ago, Microsoft, Fortra, and Health ISAC launched an aggressive takedown campaign to stop cybercriminals from weaponizing unauthorized versions of Cobalt Strike. Many questioned if the effort would work – and it has!

Today this is what they are seeing:

  • 80% reduction in unauthorized Cobalt Strike copies circulating in the wild
  • 200+ malicious domains seized to cut off cybercriminal access
  • Dwell time reduced to under a week in the U.S. (down from months)
  • Operation MORPHEUS: A global law enforcement collaboration shutting down 593 criminal infrastructure points across 27 countries

This initiative is now entering a new phase, with automated takedowns and tighter security controls, making it even harder for cybercriminals to exploit red team tools.

You can find out more details here.