Black Kite’s 2026 Third-Party Breach Report Identifies Risk Concentration as the Primary Catalyst for Global Cascading Failures

Posted in Commentary with tags on March 3, 2026 by itnerd

Black Kite today announced the release of its seventh annual Third-Party Breach Report, which analyzes third-party data breaches in 2025, including how they occurred, organizational impact, and structural conditions shaping third-party cyber risk at scale. The report found 136 unique major incidents, affecting 719 companies, plus an estimated 26,000 additional impacted companies that were not officially named.

Black Kite’s report examines the supply chain’s interconnectedness and vulnerabilities by evaluating last year’s key third-party breach events and dominant trends, the cyber posture of approximately 200,000 monitored companies on the Black Kite platform, and the concentration risk among the top 50 most relied upon third parties within the Forbes Global 2000 ecosystem.

2025 Incidents and Impact

2025 saw a surge in verified incidents with 136 major events. However, what stood out is not that companies were breached, but rather, a significant “shadow layer” emerged behind aggregate disclosures. In fact, while 719 companies were publicly named as victims, approximately 26,000 additional impacted companies were affected but never officially named.  At the individual level, publicly disclosed figures point to 433 million impacted people.

In 2025, we saw an average of 5.28 downstream victims per third-party breach, the highest level observed to date (2.56 in 2024, 3.09 in 2023, 4.73 in 2022, and 2.46 victims per incident in 2021). This uptick reflects a sharp increase in the scale and coordination of attacks, driven by threat actors targeting shared platforms, centralized services, and high-dependency vendors. As attackers move upstream, single compromises increasingly translate into multi-company impact.

The visibility gap is further exacerbated by a persistent “Silent Window”: while the median time to detect an intrusion was 10 days, the median delay to disclose that breach to the public was 73 days. This delay represents a massive transfer of risk from the vendor to the unsuspecting downstream customer.

Key findings include:

  • Verified incidents surged to 136 events, with 719 named victim companies, and a much larger hidden layer behind aggregate disclosures
  • Publicly disclosed impact reached 433 million people, while vendors reported approximately 26,000 additional affected companies without naming them
  • Detection is slow, disclosure is slower, with median detection at 10 days (79 events with timeline data) and median disclosure lag of 73 days (average 117)

What the Third-Party Ecosystem Looks Like

Across a baseline of approximately 200,000 monitored organizations, randomly selected to understand the current state of the industry, the ecosystem appears healthy on paper with an average Cyber Grade of 90.27 (A). While a high average grade indicates that many organizations meet standard control expectations and compliance checklists, it does not guarantee that the ecosystem is resilient under real-world pressure. Third-party risk scales through common failure modes and dependency structures, so ecosystems can look strong in aggregate while remaining fragile in the specific places attackers repeatedly exploit.

For instance, the reality of the terrain is defined by repeatable weaknesses. Over 53% of organizations have at least one critical vulnerability, and 23% have corporate credentials circulating on the dark web. This creates “Pressure Zones,” particularly in manufacturing and professional services, where high susceptibility and weak discipline overlap. Notably, these sectors have been the top two hit by ransomware for four consecutive years. Education is another high-pressure sector. This is not driven by attack sophistication, but by chronic exposure. High credential leakage, inconsistent patch discipline, and operational constraints combine to create environments where compromise is easier to initiate and harder to contain.

On the other hand, finance presents a different pattern. Ransomware Susceptibility Index® (RSI™) scores remain materially lower because sustained governance pressure forces tighter control over identity, patching, and exposure management. Regulatory frameworks and continuous audit expectations raise the cost of negligence and shorten tolerance for unresolved weaknesses.

Key findings include:

  • Across nearly 200,000 monitored organizations, the ecosystem appears healthy on paper, with an average Cyber Grade 90.27 (A), yet failure signals are widespread – 53.77% have at least one critical vulnerability, and 23.34% have corporate credentials circulating on the dark web.
  • The ecosystem is not uniformly risky, with manufacturing and professional services sitting in the pressure zone with high Ransomware Susceptibility and weak patch discipline, while finance trends toward a more controlled profile.

The Concentration Risk Crisis: Top 50 Shared Vendors

The top 50 vendors shared by the Forbes Global 2000 represent not only a concentrated point of failure, but also, threat actors know they are the “master keys” to some of the world’s largest organizations, so they are hunting them aggressively.

Of utmost concern is that these vendors maintain a lower average Cyber Grade (83.9, B) than the ecosystem at large, and a staggering 70% of them have at least one vulnerability currently listed in the CISA KEV catalog. With 62% of them showing corporate credentials in stealer logs, this sensitive information is already circulating on the dark web.

Key findings include:

  • 70% have at least one CISA KEV exposure, and 84% have critical vulnerabilities(CVSS ≥ 8)
  • 80% show phishing URL exposure, and 40% show active targeting signals
  • 62% have corporate credentials exposed in stealer logs, and 30% have breached credentials in the last 90 days
  • 52% have a breach history, with 18% in the last year

To read the report, visit https://content.blackkite.com/ebook/2026-third-party-breach-report/.

Methodology

The findings in this report are the result of a multi-source, intelligence-led investigation conducted by the Black Kite Research Group. Black Kite combined verified public breach disclosures with the company’s external cyber risk telemetry and supply chain intelligence to analyze how third-party data breaches emerged, propagated, and concentrated across the ecosystem throughout 2025. The report covers third-party data breach events disclosed between January 1, 2025, and December 31, 2025. The breach dataset is limited to verified, publicly disclosed incidents and is designed to reflect what can be substantiated from reliable reporting and primary disclosures.

Leave a comment »

Over 676 Million U.S. Identity Records Including SSNs Exposed by Public Elasticsearch Instance 

Posted in Commentary with tags on March 3, 2026 by itnerd

he SOCRadar threat intelligence team over the weekend identified a publicly accessible Elasticsearch instance containing over 676 million indexed U.S. identity records, including full SSNs, and complete identity profiles. 

The dataset was exposed to the internet without authentication, enabling unrestricted access to full identity attributes, including SSNs, dates of birth, historical address records, and phone numbers.

The exposed instance contained highly sensitive personal data at a scale exceeding the current U.S. population. This finding represents an extreme-scale identity risk.

Even if duplicate or historical entries exist, the presence of searchable government-issued identifiers in an unauthenticated database places this case in the Critical severity category.

More details can be found here: https://socradar.io/blog/us-elasticsearch-leak-676m-identity-records-ssn-exposure

Leave a comment »

Palo Alto Networks Unit 42 Says That A Chrome CVE Can Allow Hijacking Of The In-Browser AI Assistant 

Posted in Commentary with tags on March 2, 2026 by itnerd

The new wave of agentic browsers brings the promise of transforming the way we use our computers and experience the internet, with AI-driven tools that interact with websites, fill out forms and manage workflows on our behalf. But with these experiential benefits, also come profound new cybersecurity challenges. 

Unit 42 researchers at Palo Alto Networks released new research on a high-severity vulnerability (CVE-2026-0628) they discovered in Google’s new Gemini Live in Chrome feature that could allow malicious extensions with basic permissions to ‘hijack’ the new in-browser AI assistant, granting attackers access to webcams, microphones, and private files

Palo Alto Networks researchers shared the issue with Google in October via coordinated vulnerability disclosure and Google issued a fix in early January. But, this discovery underscores a growing security paradox: as tech giants rush to turn browsers into powerful AI agents, they are inadvertently opening new backdoors to sensitive personal data.

The research is live here: http://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking 

Leave a comment »

AirSnitch: What It Is And Why You Should Care

Posted in Commentary with tags on March 2, 2026 by itnerd

Late last week a report surfaced about a new style of WiFi attack called AirSnitch. In short, this attack allows an attacker to bypass Wi-Fi encryption on most networks in order to access all of the traffic passing through the router. And worst yet, almost all routers are vulnerable to this attack.

Now there’s good news and bad news.

Here’s the bad news. If you are a victim of this attack, and now that this is out there there will be attacks, the attacker can create a full bidirectional man-in-the-middle attack. Meaning that they can view all traffic passing through the router. That even creates vulnerabilities when accessing websites secured with HTTPS which is used by online banking websites for example to secure your data from those who want to get access to it for evil reasons. That of course is very bad. And if you’re using public WiFi, this risk becomes worse. Thus my recommendation for that is to use a VPN when you use public WiFi.

The good news is that an attacker would first have to crack the password on the target WiFi network to pull this attack off. Which means that if you have a suitably complex password, you’ve made it a lot more difficult to be affected by this. So my first piece of advice is to change your password to be complex ASAP. Yes that can be a pain in the you know what, but it’s better to be safe than sorry.

Top tip: Don’t ever use AI to choose a complex password. Trust me on this and read this to understand why.

It will be interesting to see if the vendors named in this report address this new attack. Because if they don’t, my recommendation will be to move your infrastructure to vendors that do address this. Now fixes won’t happen overnight. But it will happen eventually. Thus you will get a very good idea as to who you can trust with this, and who you can’t.

Leave a comment »

Flashpoint update on Middle East conflict

Posted in Commentary with tags , on March 2, 2026 by itnerd

Flashpoint analysts continue to monitor the conflict, which transitioned between March 1-2 from a phase of initial mass exchange to a more complex, globally-attuned escalation involving a significant widening of kinetic and non-kinetic attack domains. New strikes directly targeted economic and logistical critical infrastructure in Gulf States, notably a major Saudi oil facility and an AWS data center in the UAE. A major escalation occurred on the Israel-Lebanon border as Hezbollah launched missile strikes, leading to an immediate and widespread Israeli response across Lebanon. The cyber domain witnessed new, alarming claims of intrusion into industrial control systems (ICS) and national grain supply logistics. The international community, specifically the UK, France, and Germany, signaled a willingness to join military action to destroy Iran’s missile capabilities, indicating a high probability of further conflict expansion.

Key Takeaways 

  1. Critical Economic Infrastructure is Now a Primary Target: Iran’s retaliatory strikes escalated to include direct hits on Saudi Arabia’s Aramco facility at Ras Tanura and a significant AWS data center in the UAE, signaling a shift to severe economic warfare and a higher risk for global energy supply.
  2. Conflict Has Expanded to a New Front: Hezbollah’s launch of missiles from Lebanon has resulted in Israeli strikes across all of Lebanon, including Beirut’s southern suburbs, effectively opening a second major kinetic front that increases the potential for a regional ground war.
  3. Cyberattacks Target Essential Civilian Logistics: Pro-Iranian hacktivist groups claimed successful, highly disruptive intrusions into a major Jordanian grain silo company’s control systems, including alleged manipulation of temperature controls and weighing systems, moving beyond simple defacements and signaling a direct threat to food security.
  4. NATO-Aligned Assets Now at Risk: An unmanned Iranian drone reportedly struck the runway of the RAF Akrotiri base in Cyprus, and Iran has allegedly targeted military assets in 15 countries on March 1. This new level of aggression brings NATO-aligned entities in the Eastern Mediterranean into the immediate crossfire.
  5. International Coalition Formation: The UK, France, and Germany are now actively considering military action to destroy Iran’s missile and drone capabilities, creating a defined coalition ready to intervene militarily and further isolating the Iranian regime.

Key Events

  • Saudi Oil Strike: Iranian Shahed-136 drones reportedly strike the Saudi Aramco facility at Ras Tanura, one of the world’s largest oil refining and export facilities.
  • UAE Infrastructure Strike: Amazon Web Services (AWS) confirmed its data center in the UAE (mec1-az2) was temporarily impacted by physical objects striking the facility, creating sparks and fire, forcing a service disruption.
  • UK Base Strike: An unmanned drone strikes the runway of the UK’s RAF Akrotiri base in Cyprus (later confirmed by the UK Foreign Secretary).
  • Lebanese Front Opens: The Israel Defense Force (IDF) confirmed that Hezbollah fired missiles from Lebanon, prompting immediate and extensive Israeli retaliatory strikes across all of Lebanon.
  • US Readiness for Suicide Attacks: US officials prepare for potential suicide attacks and further retaliatory missile strikes targeting American facilities and personnel, with primary concerns centered around Tel Aviv, Jerusalem, and Qatar.
  • US Strike Volume: US Central Command (CENTCOM) reports that over 1,000 targets were struck across Iran in the first 24 hours of Operation Epic Fury.
  • Interim Leader Targeted (Unconfirmed): Israeli media report the possible killing of Iran’s newly appointed interim supreme leader, Ayatollah Alireza Arafi, in fresh strikes on Tehran.
  • European Response: The UK, France, and Germany issue a statement indicating they are prepared to carry out military action to destroy Iran’s missile and drone launch capabilities.
  • Advanced Weaponry Deployment: Israel reportedly deploys the high-powered “Iron Beam” laser system for the first time in combat to intercept incoming rockets.
  • Cyber Resurgence: Mr Soul, a persona linked to the sanctioned Iran state-linked group CyberAv3ngers, announces their return to operations, although some reports suggest a lull in broader Iranian cyber activity.

Cyber Threats & Attacks

The focus shifted from mass-propaganda operations to high-impact, disruptive attacks on critical infrastructure and defense systems:

  • Industrial Control System (ICS) Targeting: The “Cyber Islamic Resistance Axis” claimed penetration of over 130 remote control systems belonging to Control Applications LTD in Israel and other countries.
  • Logistics Sabotage: Pro-Iranian actors detailed a successful intrusion into the Jordan Silos and Supply General Company, claiming they gained access via phishing.
  • Government/Commercial Disruption: Attacks continued against government and commercial entities in Gulf states, including DDoS and data breach claims against the Bahrain Communications Regulatory Authority, Dubai Medical City, and the Zayed Charitable & Humanitarian Foundation.
  • Threat Actor Status: Mr Soul (CyberAv3ngers-linked) announced a return to operations, while general cyber operations from Iranian groups saw a temporary, noticeable lull.

Physical Threats to Western Entities

The risk profile for Western assets in the region has significantly escalated beyond military installations:

  • Oil Infrastructure: The strike on the Saudi Aramco facility at Ras Tanura demonstrates that key Western-partnered economic infrastructure is now a legitimate, high-value kinetic target.
  • Cloud Infrastructure: The physical strike on the AWS data center in the UAE signifies that commercial technology and data assets are no longer safe from kinetic damage.
  • Contagion Risk: The escalation on the Israel-Lebanon front and the confirmed strike on the RAF Akrotiri base in Cyprus indicates a broadening geographical threat, placing personnel at bases like Souda Naval Base (Crete) and other NATO assets on high alert.
  • Personnel Security: US officials are preparing for the threat of suicide attacks targeting American facilities and personnel abroad, particularly in Tel Aviv, Jerusalem, and Qatar, necessitating a maximum threat posture.

Security Recommendations

  • Elevate Security Posture for Critical Infrastructure (Gulf): Businesses operating energy, logistics, or technology infrastructure in the Persian Gulf (especially Saudi Arabia, UAE, Qatar, and Bahrain) must immediately activate maximum security and contingency protocols and review physical security for assets like oil facilities, data centers, and major ports.
  • Review ICS Security: Organizations with Industrial Control Systems (ICS) and SCADA systems in the region must conduct a priority-one audit of remote access and phishing vulnerabilities, given the demonstrated capability of adversaries to target and claim control over such systems (e.g., Jordanian silos).
  • Implement Anti-Drone/C-UAS Measures: Deploy experienced counter-UAS operators (or partner with the UK to access the promised Ukrainian assistance) to address the persistent and expanding threat from Iranian drones (e.g., Ras Tanura strike, RAF Akrotiri strike).
  • Personnel Threat Assessment: All personnel in the Gulf region, especially in major transit/security hubs (Riyadh, Qatar, UAE), should be advised of the heightened risk of asymmetric attacks (e.g., suicide attacks) and instructed to strictly follow all government security alerts, avoiding public uniform display and high-profile locations.
  • Supply Chain Contingency: Implement Tier 1 contingency planning for global supply chains, assuming an extended closure of the Strait of Hormuz and continuous disruption of major Gulf air and sea hubs.

Strategic Outlook

The strategic outlook is one of maximum instability, marked by a critical escalation where the conflict is spiraling outward both geographically and functionally. Iran’s shift in strategy from purely military retaliation to economic decapitation is evident in the strikes on Saudi Arabia’s Ras Tanura oil facility and an AWS data center in the UAE, signaling a profound threat to global energy and technology supply chains. Furthermore, the conflict has opened a second kinetic front in Lebanon due to Hezbollah’s missile strikes, and is becoming dangerously internationalized as key European powers (UK, France, Germany) signal a readiness for military action to destroy Iran’s missile capabilities. This complex and widening hybrid war now includes high-impact, asymmetric threats like the potential for terror attacks and cyber intrusions against essential civilian logistics, making the de-escalation path extremely challenging.

Though this is slightly late, there is a Flashpoint Community Call Planned for Monday, March 2, 2026 at 11 AM EST: U.S.–Israel Military Strikes on Iran and Tehran’s Regional Retaliation | Flashpoin

Leave a comment »

Iranian Cyber Actions, Threats, Mitigation Recommendations 

Posted in Commentary with tags on March 2, 2026 by itnerd

Given the fact that Iran was attacked by the US and Israel over the weekend, and Iran is a known bad cyber actor, it’s time to have a discussion about what threats that Iran can pose. Thus I have four experts to share their thoughts on this important topic.

Ted Miracco, CEO, Approov:

    “A silent prelude to attacks has been conducted via API probing. While much of the public focus is on the military strikes, the digital battlefield has been simmering for weeks. In the fortnight leading up to this weekend’s events, Approov observed a significant surge in highly sophisticated probing attacks against APIs and mobile applications that provide critical communication links for regional governments. These sophisticated maneuvers were specifically designed to evade initial defenses. We have analytical indications that the presumed Iranian actors were scouting and gauging regional infrastructure vulnerabilities. Fortunately, by deploying over-the-air (OTA) software updates to the apps and new policies to the cloud, we were able to harden these apps before the probes could turn into full-scale service interruptions or data breaches.

   “Groups like the CyberAvengers have already proven that our water and power systems are vulnerable through the hardware and mobile interfaces that control them. Depending on who is in power, we could expect a ‘scorched earth’ approach next. Currently, Iran’s domestic cyber infrastructure is in a defensive crouch following the massive digital blackout. As they regain control, they will likely move from probing or persistence to destruction. This means moving beyond standard DDoS attacks to wiper malware and API-based disruptions that could cripple the mobile apps global users rely on for everything from banking to emergency alerts. The sophistication we saw in the Gulf suggests they are capable of striking once they recover their footing. It will only matter who gives the orders, as whatever penetrations they could pull off were completed before the first strike occurred.”

Jacob Warner, Director of IT, Xcape, Inc.

    “During open conflict, Iran has historically favored asymmetric cyber tactics. These tactics are deniable, disruptive, and psychologically impactful rather than those that are overtly destructive. U.S. critical infrastructure – especially water utilities, energy operators, healthcare systems, telecommunications, the media, and regional government networks – could experience increased attacks.

    “These include DDoS campaigns, ransomware attacks, spear phishing, and disruptive intrusion attempts aimed at undermining public confidence. Groups like CyberAv3ngers have previously targeted poorly secured industrial control systems (ICS). This indicates a continued interest in operational technology (OT) environments with low cybersecurity maturity. We might also observe website defacements, data leaks, or influence operations intended to heighten domestic political and social tensions.

    “The Iranian regime has a history of suppressing pro-democracy communications. They do this by throttling Internet bandwidth, blocking major platforms, and shutting down mobile data networks during unrest. For private sector organizations, resilience should be the priority: patch vulnerable systems, enforce multi-factor authentication, segment operational technology (OT) from information technology (IT) networks, and practice incident response playbooks.

   “Lastly, users everywhere need to be reminded to be aware of unsolicited emails so that they can avoid compromising their organizations through susceptibility to phishing.”

Denis Calderone, Principal and CTO, Suzu Labs 

   “Recent trends have most analysts keeping focus on DDoS and ransomware right now, and those are real concerns. But what’s been concerning us more is the stuff we can’t see. Iran’s most capable espionage group, APT34, has gone completely quiet during the most significant crisis in their country’s modern history. We worry that it might just mean they’re getting ready.

   “Since it appears that conventional military options are looking increasingly to be off the table, cyber is what Iran has left. And even with their own internet down, pre-positioned implants and operators based outside Iran can still execute. If you’re in energy, water, financial services, or defense, assume you’re a target. Start hunting for anomalous access in your environment now. Don’t wait for something to break.

   “European organizations need to pay attention here too. Iran’s cyber operations don’t stop at US borders, and the proxy groups operating on Iran’s behalf are even less predictable in their targeting. When the motivation is retaliation and the conventional military is gone, cyber operators cast a wide net.

   “The immediate concern for European critical infrastructure is wiper malware. We’re already seeing reports of wiper deployments against Western financial and energy firms from Iranian proxy groups, and although many of these have been traditionally against Israeli targets, there’s no reason to suggest that targeting won’t expand with recent developments. If you’re in energy or critical infrastructure, treat this as a heightened threat period. Review your incident response plans, make sure your backups are isolated and tested, and pay close attention to any unusual activity in your OT environments. This is not a drill.”

Hom Bahmanyar, Global Enablement Officer, Ridge Security, Inc.

    “There is a significant possibility that Iran’s Islamic regime would respond to US and Israeli military strikes with large-scale cyberattacks, particularly given its inability to match the conventional military capabilities of the US and Israel. Cyber operations may be viewed by the regime as a more attainable and potentially effective means of retaliation compared to military confrontation.

    “Based on the regime’s past practice of imposing internet shutdown to restrict the flow of information during internal crises or domestic unrest, such as the January crackdown on protesters, the current nationwide internet blackout and reduction in connectivity to 4% as reported by NetBlocks is likely a deliberate government response to make it more difficult for pro-democracy forces to communicate with the outside world, rather than the direct result of Israel’s cyberattacks on their infrastructure.”

Leave a comment »

Incode First to Achieve iBeta’s Highest Level of Independent Identity Security Testing on Both iOS and Android With 0% Error Rate

Posted in Commentary with tags on March 2, 2026 by itnerd

Incode Technologies, Inc., the global leader in identity security and fraud prevention, today announced that iBeta PAD testing confirmed Incode’s face liveness technology achieves Level 3 Presentation Attack Detection (PAD) conformance under ISO/IEC 30107-3.

Face liveness technology is used in digital onboarding and authentication to confirm a real, live person is present during a selfie capture – not a printed photo, video replay, mask, or other spoofing attempt. It enables organizations to defend remote identity verification flows against account takeovers, synthetic identity fraud, and impersonation scams.

Incode’s solution is passive and completes verification with a single selfie, reducing friction compared to challenge-based experiences while maintaining strong resistance to sophisticated presentation attacks.

This level of assurance matters most at scale – where identity decisions impact conversions, fraud losses, and customer trust across millions of users. Incode operates at that scale, powering trusted experiences for 8 of the top 10 U.S. banks, 8 of the top 9 telecom companies, the top 3 global neobanks, and 4 of the top 5 marketplaces worldwide. To date, Incode has processed more than 7.1 billion trust checks.

From Level 1 to Level 3. A clear progression

In 2019, Incode launched a passive liveness model designed to detect common 2D presentation attacks including printed photos and replay attacks. That release led to Incode becoming the first vendor to pass iBeta Level 1 using a passive liveness approach.

By 2022, Incode expanded its defenses to address advanced 3D mask attacks while continuing to strengthen 2D detection. These improvements enabled Incode to pass iBeta PAD Level 2 testing in early 2023.

In 2026, Incode achieved iBeta PAD Level 3 conformance on both iOS and Android, with a perfect score.

Independent validation at the highest PAD level

APCER (Attack Presentation Classification Error Rate) captures whether spoofing attempts are incorrectly accepted, while BPCER (Bona Fide Presentation Classification Error Rate) captures whether legitimate users are incorrectly rejected. Incode reported 0% on both metrics – no presentation attacks were accepted, and no legitimate users were rejected during the evaluation.

Incode’s verification is completed from a single selfie capture, with no challenge prompts (such as turning head, or smiling), helping reduce friction while maintaining strong resistance to sophisticated presentation attacks.

Why this matters now

Digital onboarding has become the primary gateway to financial services, marketplaces, and government platforms – making identity assurance a critical control point for both security and growth.

Organizations face mounting pressure to reduce fraud losses while minimizing false rejections that disrupt user experience and impact revenue. But as attackers become more sophisticated, it’s increasingly difficult for teams to evaluate liveness vendors under the most demanding real-world conditions, especially across devices, environments, and advanced presentation attacks. Independent testing at the highest available PAD level helps buyers cut through claims and identify the solutions that hold up when stakes are highest.

This milestone reflects Incode’s continued commitment to proprietary innovation and world-class engineering talent globally.

Leave a comment »

This Attempt By A Scammer To Steal Your Identity Is Simply Laughable

Posted in Commentary with tags on March 2, 2026 by itnerd

A reader of this blog sent me an email over the weekend that made me burst out laughing because of how laughably bad it was. Let me show you the email so that you can see for yourself:

First of all, the email that is sent from is clearly not from the FBI:

That alone should make you delete it the second that it hits your inbox. But the rest of the email should make you delete it instantly as there is no way that Kash Patel who runs the FBI is going to email you directly asking for your details to them. If this were from the FBI, they would already have your details. Which likely explains why the recipient of this email isn’t named explicitly.

What this email is attempting to do is to get people to hand over their details for use in some sort of identity theft scam. I am also guessing that it attempting to try and get someone who has fallen for a scam in the past as those people tend to be re-victimized about 40% of the time from what I’ve read. Regardless, this is pretty lame and laughable. Not as lame and laughable as this scam involving former Canadian Prime Minister Stephen Harper from many years ago. But still lame and laughable.

Anyway, this is a bit of a laugh to start your Monday morning.

Leave a comment »

Ericsson and Intel collaborate to accelerate the path to commercial AI-native 6G

Posted in Commentary with tags on March 2, 2026 by itnerd

Ericsson and Intel are pooling their next-generation technology leadership to help accelerate ecosystem readiness for seamless transition to AI-native 6G deployments and use cases.

The collaboration – an extension of a decades’ long relationship – was announced at Mobile World Congress Barcelona 2026. It will span mobile connectivity, cloud technologies, and compute capabilities across AI-driven RAN and packet core use cases, and platform level-security and network capabilities to help enhance ecosystem enablement and time-to-market for cloud-native solutions.

A shared commitment

As 6G transitions from the research phase to commercial reality, the industry needs a collaborative, well-prepared ecosystem-aligned with global standards bodies and industry organizations to help turn innovation into deployable infrastructure.

The collaboration will advance future high-performance, and energy-efficient compute architectures designed for both AI for networks and Networks for AI.

AI-native 6G will combine intelligent and programmable networks with advanced compute and real-time sensing, creating a stronger foundation for more responsive, efficient and capable services. Over time, that evolution could bring sensing and compute closer together across the network.

Collaboration results on show

Ericsson and Intel have collectively achieved important milestones across cloud RAN, 5G Core and open network infrastructure. That momentum continues at MWC 2026, where multiple demonstrations – across Ericsson (Ericsson Pavilion, Hall 2), Intel (Hall 3, Stand 3E31) and various ecosystem partner event spaces – showcase innovative collaboration.

Related links:
6G – Follow the journey to the next generation networks – Ericsson

Ericsson pioneers Cloud RAN call with HPE server and Intel

Ericsson’s first Cloud RAN call on Intel Xeon 6 with Dell

Ericsson and Intel hit milestones in Tech Hub collaboration

Ericsson, Intel advance optimized 5G

Leave a comment »

Börje Ekholm opens Ericsson’s MWC 2026

Posted in Commentary with tags on March 2, 2026 by itnerd

Hyperconnectivity driven by huge numbers of sensors, the expansion of AI into applications and devices, and the role of telecoms in national security was center stage in Barcelona today as Ericsson President and CEO, Börje Ekholm, got the company’s Mobile World Congress (MWC) 2026 program underway.

Ekholm said these three “fundamental forces” shaped this year’s Ericsson MWC event theme – Enter New Horizons – and are central to company demos, seminars, panel and round-table discussions, and customer meetings at the Fira Gran Via venue this week.

He said the AI surge and growth in the number of connected devices will drive high-performance connectivity demand as “everything will be connected.”

Ekholm said he was excited about the new era, which he said will also put demands on Ericsson.

Momentum in differentiated connectivity use cases – such as premium fixed wireless access, network slicing, and Network APIs – will also be in focus in Ericsson’s pavilion.

Ericsson’s event space will feature collaborations with more than 120 partners across the industry – comprising more than half of what Ericsson is showing in Barcelona this year.

Ekholm said this was evidence of how the new ecosystem is scaling.

Ekholm referenced the Network APIs-focused joint venture Aduna as an important example of bringing the industry together to form ecosystems to utilize the digital stack.

Ekholm said 5G Standalone would also influence the third ‘fundamental force.’

Ekholm was joined by special guests during the webcast: AT&T CEO, John Stankey, and Singtel CEO, Yuen Kuan Moon.

Stankey and Ekholm discussed the companies’ December 2023 deal aimed at helping the U.S. communications service provider to move to cloud-based architecture and pursue new revenue streams.

Stankey highlighted momentum in fixed wireless access and network slice uptake as being notable and agreed with Ekholm that 5G Standalone is central to the cloud-based and service-based architecture needed for new physical AI services and applications.

Stankey and Ekholm also addressed the importance of collaborating on network security, before discussing the fact that both AT&T and Ericsson celebrate 150-year anniversaries in 2026. While celebrating the landmark they also stressed the need to constantly innovate and think about what is coming next.

Ekholm and Yuen Kuan Moon also discussed the advantages of having 5G Standalone connectivity.

He also highlighted dedicated network slices as new revenue generation opportunities across security, factories, airports and seaports, saying offering applications and gaming network slices was also in focus.

Mobile World Congress Barcelona 2026 runs until March 5. Find out ore about Ericsson’s MWC activities vis this link.

Leave a comment »

« Older Entries
Newer Entries »