China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days

Posted in Commentary with tags on March 12, 2025 by itnerd

A case study published yesterday has detailed the intrusion attributed to the notorious Chinese threat actor Volt Typhoon into the US electric grid. The threat actors had been in the Littleton Electric Light and Water Departments (LELWD) — a small public power utility in MA — network for over 300 days. 

Ensar Seker, Chief Security Officer at SOCRadar had this comment:

“This latest Volt Typhoon intrusion into the US electric grid is a serious escalation in cyber-enabled espionage, highlighting the vulnerabilities of critical infrastructure (CI) in the face of persistent threats from nation-state actors. The fact that Chinese hackers remained undetected for over 300 days inside a small public utility’s network is concerning, not only because of the extended dwell time but also because it reinforces the broader risks posed to larger, more complex CI networks.”

“This group is known for pre-positioning within US CI—not necessarily for immediate sabotage, but for future disruption scenarios. By embedding themselves in water and power utilities, they gain persistent access to industrial control systems (ICS) and operational technology (OT), which could be leveraged in a geopolitical crisis.”

“The 300-day undetected presence underscores the need for better visibility in ICS/OT networks. Traditional IT-centric security approaches often fail to detect threats in air-gapped or segmented OT environments until adversaries attempt lateral movement or trigger suspicious activities.”

“LELWD is a small public utility, but this attack demonstrates that threat actors don’t always go for high-profile targets first. Small, underfunded utilities can serve as low-hanging fruit, allowing adversaries to test tactics, develop footholds, and pivot toward larger targets.”

“With China’s continued focus on US CI, the long-term concern is that such intrusions could eventually transition from intelligence gathering to active disruption—potentially affecting power grids, water systems, or transportation networks in times of geopolitical tension.”

“Threat actors will increasingly compromise ICS security providers or managed service firms to gain access to multiple critical infrastructure targets at scale. This incident will likely lead to tighter US government scrutiny over critical infrastructure cybersecurity, pushing for mandatory threat hunting and network monitoring in OT environments.”

“Since traditional security tools struggle in air-gapped OT environments, the adoption of AI-driven anomaly detection will become a priority for utilities to identify stealthy intrusions earlier.”

Volt Typhoon is a today problem that needs immediate action at multiple levels. Sadly that doesn’t seem to be happening which means that this threat actor, and ones like them are just going to cause trouble for the foreseeable future.

UPDATE: James McQuiggan, Security Awareness Advocate at KnowBe4 adds this comment:

“Nation-state cyber actors continue to breach and gain access to critical U.S. infrastructure facilities and embed themselves, monitoring operations and preparing for future leverage or disruption.”

“The Volt Typhoon operation and other similar operating groups are evidence that the U.S. could enter into a cyber Cold War, with the enemy on the other side of the world going undetected for months while they exploit IT-OT gaps in an organization’s cybersecurity technology or users.”

“Organizations must move beyond passive monitoring to proactive threat hunting and network segmentation, and they must leverage the various intelligence sharing groups to work towards disrupting these persistent threats.”

“Cybersecurity is a continuous risk reduction effort with updated defense-in-depth cybersecurity initiatives to force adversaries to adjust constantly. Additionally, critical infrastructure must improve its resiliency to guard the nation’s infrastructure.”

UPDATE #2: Ted Miracco, CEO, Approov had this comment:

  “Volt Typhoon’s 300-day foothold in the U.S. electric grid was a blueprint for future sabotage. Against nation-state actors this sophisticated, only a Zero Trust, intelligence-driven defense can outmatch their persistence. Assume compromise, segment ruthlessly, and hunt threats before they strike.”

Evan Dornbush, former NSA cybersecurity expert follows with this:

  “Attackers have an unfair and perpetual advantage because they monopolize output from the vulnerability research community. Until defenders can effectively engage the audience that produces the zero day exploits attackers rely on, defenders will always be reacting post-attack rather than taking proactive measures.

  “The re-emergence of network threat detection is critical in adversary discovery. While overall I’m an AI skeptic, if there’s one area that continues to show promise, consider investing in AI-based NDR solutions, which Dragos’ marketing team reminds us can be very effective at picking out lateral movement and other abnormal traffic from your network, far more efficiently than log file analysis.”

Leave a comment »

Guest Post: Canadian Business Travel Bookings Increased 4% for Domestic Flights, 8% for International Flights in 2024

Posted in Commentary with tags on March 12, 2025 by itnerd

Global travel has shown a significant rebound, with volume nearing pre-pandemic levels. A development, that at SAP Concur, we’ve seen in a rebound in business travel bookings. “Overall, Canadian domestic air travel volume for business trips is up 4 per cent, year over year,” said Brian Veloso, Managing Director at SAP Concur Canada. “The return to business travel is driven by business travelers’ enthusiasm. The most recent SAP Concur Global Business Travel Survey revealed that 76 per cent of global business travelers enjoy business travel and 67 per cent feel it’s critical for career advancement.”

To get a sense of the state of business travel, SAP Concur analyzed domestic and international air travel bookings in Concur Travel between January 1, 2024, and December 31, 2024, and compared airfare and overall travel volume to the same timeframe in 2023.

It found: 

Year-Over-Year Travel Volume

MonthDomesticInternational
January+9%+15%
February+8%+15%
March-7%-3%
April+11%+14%
May-1%+5%
June-5%-2%
July+14%+14%
August+5%+3%
September+8%+8%
October+5%+10%
November-2%+2%
December+12%+14%

The above chart reflects the percent difference in total bookings year over year (comparing 2023 and 2024)

  • Overall Canadian domestic travel volume is up nearly 4% year over year. January, February, April, and July were popular months for business travel.
  • International travel saw a 7.83% increase year-over-year, with significant growth in January, February, April, and December.
  • Overall Canadian travel volume increased nearly 8% year over year. International travel volume increased most months in 2024. Like with domestic travel, January (15%), February (15%), April (14%), July (14%), and December (14%)

2024 Travel Volume

  • January marked the busiest month for domestic business travel in Canada, as travelers resumed business activities after the holiday season.
  • December had the largest year-over-year increase for both domestic and international travel, reflecting renewed confidence in business travel.
  • Summer months (June and July) saw contrasting trends, with a drop in domestic airfare demand in June, but a strong rebound in July.

Domestic Airfare

MonthAverage Fare (CAD)YoY Difference
January$574+1%
February$654+6%
March$667+10%
April$630+6%
May$620+4%
June$619-3%
July$589-8%
August$579-3%
September$605-1%
October$598-1%
November$619+1%
December$579-4%



The above chart reflects the percent difference in airfare year over year (comparing 2023 and 2024)

  • Canadian domestic airfare fluctuated throughout the year, with the highest increase in March and the lowest in July and December.
  • The cost of Canadian domestic flights decreased in mid-year months (June to August), making summer a more affordable time for business travel.

International Airfare Trends

MonthAverage Fare (CAD)YoY Difference
January$998-3%
February$1,131+1%
March$1,109+1%
April$1,088+1%
May$1,078-4%
June$1,102-6%
July$1,059-6%
August$1,015-9%
September$1,061-5%
October$1,048-2%
November$1,056+8%
December$996-2%


The above chart reflects the percent difference in airfare year over year (comparing 2023 and 2024)

  • Canadian International airfare decreased in the first half of 2024, particularly in the summer months (June to August), making it a more affordable time for global business travel.
  • Fares remained relatively stable in the second half of the year, with a notable increase in November, aligning with peak business travel periods.

The Future of Business Travel in Canada

Business travel volumes in Canada are approaching pre-pandemic levels, demonstrating the resilience of corporate travel. Domestic travel remains strong, and international travel has stabilized with increasing demand. As inflation pressures ease, we anticipate further normalization of travel costs. At SAP Concur, we are excited about the continued evolution of business travel and remain committed to supporting Canadian business travelers on their journeys.

Methodology: SAP Concur analyzed travel booking data from Canada-based travelers in Concur Travel between January 1, 2023, and December 31, 2024.

Leave a comment »

IDEMIA Public Security Secures Its Leadership in the Market with #1 Rankings on all Fingerprint Related Benchmarks

Posted in Commentary with tags on March 12, 2025 by itnerd

IDEMIA Public Security once again secures its leadership in the market with #1 rankings on all fingerprint related benchmarks, including the Evaluation of Latent Fingerprint Technologies (ELFT), in the latest National Institute of Standards and Technology’s (NIST) results. These industry-leading advancements enable law enforcement agencies, border security, and emergency response teams to enhance their operations with greater accuracy and speed.

By achieving a #1 ranking in the Evaluation of Latent Fingerprint Technologies, IDEMIA Public Security showcases their continued outstanding leadership in NIST rankings, which represent the global benchmark and emphasize the need for transparent technology solutions among the industry. IDEMIA’s technology continues to power critical safety and security applications, from forensic investigations to rapid identity verification in high-stakes scenarios.

IDEMIA ranked #1 in the following categories:

  • Evaluation of Latent Fingerprint Technologies (ELFT): Evaluations assess the accuracy of latent fingerprint identification (both fully automated or using features marked by experienced human latent fingerprint examiners) to evaluate the current state-of-the-art. Improving the accuracy of latent fingerprint identification enhances forensic investigations, enabling law enforcement to solve criminal cases more efficiently.
  • Proprietary Fingerprint Template (PFT): Evaluations assess the accuracy of end-stage fingerprint matchers to assess the core algorithmic capability of performing one-to-one fingerprint verification. This strengthens national security by ensuring seamless one-to-one fingerprint verification, which is critical for border control and secure access management.
  • Minutiae Interoperability Exchange (MINEX): Evaluations assess the performance of fingerprint matching software using interoperable minutiae-based fingerprint templates, measuring the effectiveness of various fingerprint verification algorithms. In real-life this ensures interoperability between different biometric systems, allowing agencies to collaborate more effectively across jurisdictions and intelligence networks.
  • Slap Fingerprint Segmentation (SlapSeg): Evaluations assess the accuracy of algorithms used to segment slap fingerprint images into individual fingerprint images. With accurate algorithms, law enforcement and immigration authorities can be confident in their process and verification of identities at border crossings, airports, and correctional facilities, and can do it at faster speed
  • NIST Mobile Fingerprinting Innovation Technology Challenge (mFIT): Evaluations advance mobile fingerprint capture technologies by building and demonstrating prototype applications to serve field applications. This provides law enforcement officers with critical field capability for fast field identification through the use of commercial, standard issue smartphones.

These latest rankings follow IDEMIA Public Security’s #1 ranking in fairness in Facial Recognition Technology Evaluation (FRTE) and Age Evaluation Verification (AEV) in November 2024. These achievements further underscore IDEMIA’s commitment to advancing biometric technology in ways that protect civil liberties while strengthening security measures.

IDEMIA’s solutions continue to set new industry benchmarks in accuracy, fairness, and user experience, ensuring that security agencies worldwide have the most reliable and efficient biometric tools at their disposal. For more information on IDEMIA’s public security solutions and products, click here.

Leave a comment »

Over 110,000 iOS apps expose user data research finds

Posted in Commentary with tags on March 12, 2025 by itnerd

Apple’s App Store is considered the gold standard for security, but Cybernews researchers analyzed 156,080 randomly selected iOS apps – around 8% of the apps present on the App Store – and uncovered a massive oversight: 71% of them expose sensitive data, including API keys, cloud storage credentials, and financial information.

The security of iOS apps remains under-researched, and this is the first research of this kind at scale. 

Key findings of this research:

  • Over 816,000 secrets were found, with an average of 5.23 exposed secrets per app.
  • Out of 94,240 storage bucket instances found hardcoded in iOS applications (with some apps containing multiple storage bucket endpoints), 836 of these endpoints (0.89%) were accessible without authentication, exposing 406TB of user files, personal data, and documents.
    • If you were to stream HD video, 406TB would allow you to watch for approximately 17 years of non-stop HD content.
  • 2,218 Firebase instances (4.34%) had misconfigured authentication, leaking 19.8 million records (33GB of data), including user session tokens and backend analytics, almost all of these instances hosted in the US.
    • This is the equivalent of 16 million photos from an iPhone.
  • More than 51,000 apps misuse Google’s Firebase database, making user data vulnerable to easy theft.
    • That’s more than the number of Starbucks locations worldwide – each one representing an app where sensitive data is at risk.

Potential consequences: 

  • Mass-scale exploitation: attackers can rapidly scan millions of apps, compromising multiple companies – including major multinationals with billions of users – in a short time.
  • User tracking and service manipulation – thousands of leaked security keys could allow hackers to track users, alter app functionality, or disrupt services.
  • Financial and data theft: some leaks are severe enough to let attackers make unauthorized payments, issue refunds, or access private messages.

Methodology

The researchers analyzed iOS app versions available from October 2-16, 2024 using OSINT and Reverse Engineering techniques. Without de-obfuscating or decompiling, researchers found a massive number of plaintext secrets stored in IPA archives. They also examined cloud bucket and Firebase endpoints for authentication gaps. The research was conducted between July 2024 – January 2025.

What are hardcoded secrets? 

They are sensitive pieces of information – like passwords, API keys, or encryption keys – that are embedded directly into an app’s code instead of being stored securely. This makes them easy for hackers to find and exploit, potentially leading to data breaches, unauthorized access, and financial fraud.

Why this matters:

  • Consumer impact – this affects everyday iPhone users who trust Apple to keep their data safe.
  • Corporate accountability – Apple’s reputation is built on security – how did this massive oversight happen?
  • National security risks – with a lot of the exposed data hosted in the US, the implications go beyond individual users to businesses and even government entities.

Please find the full Cybernews research article here

1 Comment »

Lazarus Strikes npm Again With New Wave of Malicious Packages

Posted in Commentary with tags on March 12, 2025 by itnerd

Researchers have discovered North Korea’s Lazarus Group once again infiltrating the npm ecosystem. This time Lazarus is deploying six new malicious packages, which have been downloaded 330 times. The packages are designed to compromise developer environments, steal credentials, extract cryptocurrency data, and deploy a backdoor.

You can go into the weeds by reading this: https://socket.dev/blog/lazarus-strikes-npm-again-with-a-new-wave-of-malicious-packages

Ensar Seker, CSO at cybersecurity company SOCRadar had this comment:

“This attack follows their well-documented pattern of targeting developers and software supply chains to infiltrate organizations. Lazarus has previously compromised trading platforms, financial institutions, and software repositories to distribute backdoors and credential stealers. Malicious npm packages are a particularly effective attack vector because developers often trust open-source repositories without thorough scrutiny. Attackers are embedding malicious code in dependencies, ensuring the malware spreads every time an unsuspecting developer installs or updates the package.

The fact that these packages are designed to steal cryptocurrency-related data aligns with North Korea’s state-backed cybercrime objectives, which involve financial theft to fund regime activities. Lazarus has a long history of targeting crypto wallets, exchanges, and fintech companies. Once installed, these backdoored packages could give Lazarus access to developer credentials, SSH keys, and cloud access tokens, allowing lateral movement across entire organizations, not just individual victims.

Attackers will shift further upstream, embedding malware in popular CI/CD tools, container images, and code repositories, making it harder to detect. They use AI to automate malicious package creation, obfuscate payloads, and dynamically evade detection in package repositories.

They may also poison internal package registries or execute dependency confusion attacks, where private company packages are mimicked in public repositories. Security teams will be forced to adopt stricter SBOM (Software Bill of Materials) practices, conduct routine package audits, and limit dependencies to trusted sources.”

Security teams need to work with developers to cut off this method of entry for groups like Lazarus. Otherwise, you’ll start to see that it will be difficult if not impossible to stop threat actors from going wild so to speak.

UPDATE: Jim Routh, Chief Trust Officer at cybersecurity company Saviynt, commented:

“Sophisticated threat actors are pivoting from 0-day vulnerability exploitation to the harvest of log-in credentials monetized in various ways through various criminal organizations as a method for increasing persistence.

The discovery of the six malicious packages uncovered by the Socket Research team confirms this shift in tactics. The discovery of similar evidence found on GitHub and PyPi reinforces the business case for enterprises to increase their commitment to:

  1. Improve authentication, moving away from OTP and toward passwordless options readily available today
  2. Recognize that Identity Security is a great deal more today than provisioning and deprovisioning. It is an opportunity to use account activity data to both establish risk profiles for all users (internal and external) and to enable triggers from pattern deviation applied directly to automated workflow representing risk management and remediation without depending on humans
  3. Increase investment in privilege user management (PAM) adding behavioral data to continuously verify privilege users by their patterns and revoking privilege based on pattern deviation that meets a threshold
  4. Revoke all user entitlements not used within 90 days to shrink the attack surface and lower operating costs
  5. Harvest identity security intelligence to recognize bad actor behaviors (internal and external) and initiate automated risk management workflow
  6. Give your cloud service providers your enterprise requirements for authentication rather than accepting what they determine to be the norm”

Leave a comment »

ServiceNow Yokohama release empowers businesses to navigate complexity withenhanced automation, stronger governance, and seamless workflow intelligence

Posted in Commentary with tags on March 12, 2025 by itnerd

ServiceNow today unveiled the Yokohama platform release, advancing automation, governance, and workflow intelligence to help businesses navigate operational complexity.

With this release, organizations can accelerate application development, improve workflow performance, and enhance customer experiences—all while maintaining the highest standards of governance and security. From ServiceNow Studio, which provides a unified workspace for rapid application development and governance, to enhanced self service portals which enable customers to conveniently configure and place orders, these innovations simplify complexity and drive efficiency. Service Observability also ensures business resilience through AI-driven insights so organizations can meet the growing demand for enterprise-wide visibility—all within a single, secure platform.

The 2024 Gartner® Digital Worker Survey found that over 60% of digital workers are streamlining work with basic automation and using analytics to build customized dashboards to support business decisions. With the Yokohama release, ServiceNow is reducing complexity and inefficiencies so businesses can strengthen decision making, improve experiences, and accelerate productivity.

From no-code to AI agents, ServiceNow Studio simplifies enterprise automation

Speed and scale define modern business—but fragmented tools slow innovation, and siloed solutions lead to governance issues and workflow inconsistencies. The opportunity comes from building AI-powered, enterprise-grade solutions that connect teams, automate workflows, and
ensure security by design.

ServiceNow Studio is a unified, AI-powered environment that revolutionizes development on the ServiceNow Platform for no-code, low-code, and pro-code developers. With built-in support from Now Assist, ServiceNow Studio accelerates application development with intuitive, easy-to use tools that enhance collaboration and streamline automation. Developers can work seamlessly across projects by managing all metadata in one place with cross-scope editing and confidently deploy changes with developer-friendly update set management.

Expanding on ServiceNow’s AI Agent innovations, it integrates with AI Agent Studio, enabling developers to design both apps and AI agents in one experience. Together, these capabilities automate reviews, approvals, and application changes all enabled by the seamless data integration of ServiceNow Workflow Data Fabric for fully governed, enterprise-wide data connectivity. By centralizing tools, best practices, and AI-driven workflows, ServiceNow Studio empowers businesses to scale automation, collaborate more effectively, and turn innovation into real
impact.

Additionally, new GenAI-powered skills further help developers automate work to accelerate testing, optimization, and deployment. RPA bot generation allows companies to use natural language to create bots, democratizing development; app summarization adds AI-generated summaries to app descriptions to check for duplicate apps and evaluate for deployment; and Automated Test Framework (ATF) generation simplifies application testing with automated testing scenarios that improve quality, reliability, and performance. By continuing to release new skills that deeply embed AI directly into the development process, ServiceNow enables teams to build, test, and optimize applications with speed and intelligence.

Make sales cycles seamless with smarter ordering solutions

Traditional CRM systems have failed to deliver the flexibility and efficiency businesses need to drive real-time, seamless end-to-end experiences that meet modern customer expectations. Sales and support teams spend excessive time manually processing orders, responding to repetitive inquiries, and tracking customer issues—often leading to delays and dissatisfied customers.

ServiceNow Sales and Order Management (SOM) is addressing this challenge. Built on ServiceNow’s AI Platform, SOM unifies the ability to configure, price, and quote with order management and fulfillment to accelerate sales cycles, streamline operations, and deliver seamless, proactive service.

Self service commerce portals make it even easier for companies to drive revenue by allowing customers to configure products, place orders, and track status instantly and at any time— without the need to engage sales or support teams at every step. By reducing friction in the purchasing process, businesses can decrease order abandonment, increase transaction volume, and capture revenue faster. With sales, fulfillment, and support functionality on a single platform, businesses can deliver exceptional, connected experiences while freeing up teams to focus on customer relationships.

Enhancing service operations with intelligent observability

Service Observability, part of ServiceNow IT Operation Management (ITOM), gives organizations a single solution to manage and act on insights across their entire observability ecosystem. Many enterprises rely on dozens of monitoring and observability tools, creating complexity and blind spots. Service Observability brings together information from any source, using AI-driven insights to pinpoint root causes faster, quantify business impact, and resolve issues before they escalate.

With Service Observability, IT teams get a unified, AI-powered hub that integrates seamlessly with their existing solutions. AI-driven automated workflows allow organizations to reduce downtime, eliminate guesswork, and align service operations with business outcomes. Service Observability delivers real-time intelligence that helps organizations move from reactive troubleshooting to proactive problem-solving.

A platform that redefines work

With the Yokohama release, ServiceNow reinforces its leadership as the AI platform for business transformation—delivering scalable and intelligent automation and workflows that drive real business impact. By equipping businesses with tools to accelerate development, enhance observability, and streamline sales and order management, ServiceNow continues to lead in helping enterprises boost productivity and drive operational efficiency.

These innovations—along with ServiceNow’s additional advancements in agentic AI announced today as part of the Yokohama release—help organizations achieve greater resilience in an increasingly dynamic world.

All features announced today are generally available and can be found in the
ServiceNow Store.

Leave a comment »

ServiceNow’s latest platform release adds to thousands of AI agents across CRM, HR, IT, and more for faster, smarter workflows and maximum business impact

Posted in Commentary with tags on March 12, 2025 by itnerd

ServiceNow today announced the Yokohama platform release, unleashing new AI agents across CRM, HR, IT, and more, for faster, smarter workflows and maximum, end-to-end business impact. These latest innovations include teams of preconfigured AI agents that deliver productivity and predictable outcomes from day one, on a single platform, as well as capabilities to build, onboard, and manage the entire AI agent lifecycle. Because data fuels AI, the company also announced expansion of its Knowledge Graph with advancements to its Common Service Data Model (CSDM) to break down barriers among data sources for more connected AI agents.

According to Gartner®, “By 2028, 40% of CIOs will demand “Guardian Agents” be available to autonomously track, oversee, or contain the results of AI agent actions,” underscoring the growing need for a coordinated, enterprise-wide approach to AI deployment and management. As businesses race to unlock the full potential of agentic AI, ServiceNow serves as the AI agent control tower for enterprises, with solutions that eliminate common roadblocks like data fragmentation, governance gaps, and real-time performance challenges. Unlike other AI providers that operate in silos or require complex integrations, ServiceNow AI Agents are built on a single, enterprise-wide platform, helping ensure seamless data connectivity with Workflow Data Fabric. By providing a single view of all workflows, AI, and automation needs, ServiceNow enables companies to seamlessly coordinate thousands of AI agents across CRM, IT, HR, finance, and more, enabling total enterprise-wide visibility and control.

ServiceNow AI Agents are now available to radically accelerate productivity at scale

Enterprise leaders are moving beyond experimentation, demanding AI solutions that drive real outcomes. ServiceNow’s AI capabilities generate insights that power AI agent reasoning, planning, learning, and orchestration, equipping businesses to more rapidly achieve impactful goals.

New ServiceNow AI Agents are available today and ready to help businesses accelerate productivity, streamline operations, and drive real outcomes for enterprise-wide use cases. For example:

  • Security Operations (SecOps) expert AI agents transform security operations by streamlining the entire incident lifecycle, eliminating repetitive tasks and empowering SecOps teams to focus on quickly stopping real threats.
  • Autonomous change management AI agents act like a seasoned change manager, instantly generating custom implementation, test, and backout plans by analyzing impact, historical data, and similar changes—ensuring seamless execution with minimal risk.
  • Proactive network test & repair AI agents operate as AI-powered troubleshooters that automatically detect, diagnose, and resolve network issues before they impact performance.

Simplify AI agent management for a more streamlined lifecycle

ServiceNow AI Agent Orchestrator and AI Agent Studio are also now generally available with expanded capabilities to govern the complete AI agent lifecycle—from building AI agents, to onboarding and monitoring their performance, to ensuring enterprises realize the value they need. This includes:

  • Enhanced onboarding capabilities through AI Agent Studio to streamline the setup process with guided instructions, making it easier than ever to design and configure new AI agents using natural language descriptions.
  • Expanded performance management capabilities within ServiceNow’s overall agentic AI framework include an analytics dashboard for visualizing AI agent usage, quality, and value. Agentic AI workflows are seamlessly tied to business KPIs so administrators can more easily track AI agent performance and ROI.

Connect, understand, and take action with data solution advancements

At the foundation of the ServiceNow Platform is Workflow Data Fabric, enabling AI-powered workflows that integrate seamlessly with an organization’s data, regardless of the system or source. Workflow Data Fabric enables businesses to gain deeper insights through AI-driven contextualization and decision intelligence while automating manual work and creating process efficiencies.

New in the Yokohama release, ServiceNow continues to expand its Knowledge Graph data capabilities with enhancements to its Common Service Data Model (CSDM). CSDM provides a standardized framework for managing IT and business services that accelerates quick, safe, and compliant technology deployments. By unifying hundreds of technology categories, systems, and processes under one clear model, CSDM empowers organizations to implement and scale technology with confidence. With this latest update, customers gain a unique advantage: the ability to orchestrate seamless hand-offs between both AI and live agents, ensuring work flows effortlessly across teams. Built-in governance and audit-ready data provide transparency and trust, so businesses can continue at the pace of innovation while maintaining compliance.

All features announced today are generally available and can be found in the ServiceNow Store.

Leave a comment »

Apple Drops Software Updates Today… And Forcibly Turns On Apple Intelligence AGAIN…. WTF?

Posted in Commentary with tags on March 11, 2025 by itnerd

When iOS 18.3 dropped, users who had turned off Apple Intelligence found out very quickly that the software update turned it back on without their permission. At the time I said this:

This is the single dumbest thing that Apple has done in a very long time. I say that because you should be able to opt into things rather than be forced to opt out. And with something like Apple Intelligence which is AI by another name, users shouldn’t be forced into running it if they are not comfortable with the implications of running AI on their devices.

Well, Apple has now done it twice because the company has dropped software updates that fix a security issue that is in the wild, which is good. But at the same time they have once again turned on Apple Intelligence on devices that didn’t have it on.

Like WTF Apple? Can you not respect users and the choices that they make? I guess not because you’ve now done this twice. Are you so desperate to get any sort of adoption of your half baked AI that you’re willing to emulate Microsoft to achieve that goal? How about putting out an AI that people find value in and maybe then people will turn it on. Until you do that, stop trying to turn it on every time you push a software update and prove that you’re better than the behaviour that you’re displaying right now.

1 Comment »

KnowBe4 Research Reveals a Confidence Gap in Cybersecurity, Leaving Organizations at Risk

Posted in Commentary with tags on March 11, 2025 by itnerd

KnowBe4 today released new research indicating that while 86% of employees believe they can confidently identify phishing emails, nearly half have fallen for scams. The study, which surveyed professionals across the UK, USA, Germany, France, Netherlands, and South Africa, reveals a growing gap between confidence and competence in identifying cyber threats.

Notably, South Africa leads with both the highest confidence levels and the highest scam victimization rate, suggesting that misplaced confidence can create a false sense of security, leaving employees more susceptible to advanced cyber threats. Beyond training, the report highlights the importance of fostering a transparent security culture. While 56% of employees feel “very comfortable” reporting security concerns, 1 in 10 still hesitate due to fear or uncertainty.

Key findings from the survey include:

●      86% of employees believe they can confidently identify phishing emails.

●      24% have fallen for phishing attacks.

●      12% have been tricked by deepfake scams.

●      68% of South African employees reported falling for scams—the highest victimization rate.

The survey findings emphasize the critical need for personalized, relevant, and adaptive training that caters to employees’ individual needs while considering regional influences and evolving cyber tactics. Organizations that prioritize this approach will not only reduce risk but also cultivate a genuine security-first culture. In the battle against digital deception, the most dangerous mistake employees can make is assuming they are immune.

The survey findings, “Security Approaches Around the Globe: The Confidence Gap,” is available for download here.

Leave a comment »

Thousands of Health Tech Company Records Exposed Online

Posted in Commentary with tags on March 11, 2025 by itnerd

A significant data exposure involving ESHYFT, a New Jersey-based health tech company, was recently uncovered by cybersecurity researcher Jeremiah Fowler and reported to Website Planet.

What happened:
non-password-protected database containing over 86,000 records totaling 108.8 GB in size was exposed. The records include personally identifiable information (PII) such as scans of identification documents like driver’s licenses and social security cards, salary details, work history and more.

Why it matters:
This exposure presents serious risks, such as identity theft, employment fraud, financial fraud, or targeted phishing campaigns. These risks could impact healthcare professionals as well as the facilities that employ them.

You can find a report on this here: https://www.websiteplanet.com/news/eshyft-report-breach/

1 Comment »

« Older Entries
Newer Entries »