February Patch Tuesday Commentary From Fortra

Posted in Commentary with tags on February 10, 2026 by itnerd

By Tyler Reguly, Associate Director, Security R&D, Fortra

On first pass, this month looks pretty reasonable – 60 CVEs, including one assigned by the Chrome CNA. When you look a little more closely, you start to realize that there is a lot going on here. February can be a bit of a cold, dull month, but Microsoft has decided to heat things up a bit. The good news, there’s not a lot of CVEs to deal with, the bad news, there’s actually a lot to unpack here.

We can’t ignore the fact that there are 6 actively exploited vulnerabilities included in this month’s patch drop. 10% of this month’s vulnerabilities are listed by Microsoft as exploit detected. That’s a significant portion of them.

There’s some common language in there too, with vulnerabilities impacting Windows Shell (CVE-2026-21510), MSHTML Framework (CVE-2026-21513), and Microsoft Word (CVE-2026-21514) all including the words ‘security feature bypass.’ Similarly, two of these vulnerabilities – CVE-2026-21519 in Desktop Windows Manager and CVE-2026-21533 in Windows Remote Desktop Services – both allow elevation of privilege to SYSTEM. The odd vulnerability out in this list is the Windows Remote Access Connection Manager vulnerability (CVE-2026-21525) because it is a local denial of service, something that Microsoft often rejects – refusing to assign CVEs and issue patches for these types of vulnerabilities on a regular basis.

The upside to this many actively exploited vulnerabilities? They are easy to resolve with regular Microsoft patches for Windows and Office and none of them require any post patch configuration steps.

If I’m a CSO this month, I’m less concerned about what my desktop and server security teams are patching and more concerned with my cloud ops teams. Sure, there are a lot of actively exploited vulnerabilities, but the normal patching process will resolve those. The 10 Azure CVEs representing 16.6% of the CVEs released this month are what I would be concerned about. While 3 of these (CVE-2026-21532, CVE-2026-24300, and CVE-2026-24302) are all marked as ‘No Customer Action Required,’ I’d still want to ensure that there was no evidence of issues in my cloud (or cloud adjacent) environments. For the other 7 CVEs, however, I’d hope that my team is looking closely at the variety of fixes that need to be performed to upgrade my environment.

It’s rather amusing to me to watch as we migrate everything to the cloud. With on-prem deployments, the vulnerability resolution process is mature – we know what patches look like, how to find unpatched software, and how to roll out the standard patch to multiple systems. With the cloud, we rely on scripts, full app replacements, and manual configuration to resolve a lot of the vulnerabilities. This puts a lot more pressure on the cloud ops team to fix these as well as the development teams that may be utilizing the related SDKs. This shifts the responsibility for maintaining systems away from traditional vulnerability management programs and may present headaches to CSOs trying to inventory and track the usage of these components in their environments.

Social network for doctors Sermo breached by ransomware attack

Posted in Commentary with tags on February 10, 2026 by itnerd

Comparitech is reporting that Sermo, a social network for doctors, yesterday confirmed it notified 2,674 people of a March 2024 data breach that leaked Social Security numbers.

Rebecca Moody, Head of Data Research, commented: 

“There are two concerning elements to this breach — first, the lengthy delay in notifying those involved in the initial breach from March 2024, and second, the fact that another ransomware gang claimed an attack on the organization nearly a year later. Medusa, the gang behind the second claim, isn’t known for making false claims, so we could likely see a further notification for this attack if users’ or employees’ data was breached. 

I would highly recommend that any user or employee of Sermo, whether they’re part of the 2024 breach or not, be on high alert for any suspicious activity (checking back through historic activity and monitoring things going forward) and take up some form of identity theft protection/monitoring.”

Well this sucks because it took a real long time for this to come to light. Nothing good will happen because of that. Let that be a lesson to those in a similar position.

OVHcloud unveils Bare Metal 2026 line-up powered by the latest AMD processors

Posted in Commentary with tags on February 10, 2026 by itnerd

In a context where organizations have to juggle with unprecedented volumes of data, run even more heterogeneous tasks all while keeping control of their costs and environmental impact, OVHcloud, a global cloud player and the European Cloud leader, unveils its new Bare Metal 2026 generation of dedicated servers.

The new line-up is built around the latest AMD Ryzen and AMD EPYC processors and is designed to offer cost-effective power while providing unparalleled resiliency, enabling organisations of all sizes to address use cases including machine learning, blockchain, large scale virtualization or hosting of online games.

Bare Metal 2026 serving digital transformation of businesses
With organisations accelerating their digital transformation, use cases abound: databases, virtualization, containerization, etc. As a result, OVHcloud offers a robust and durable Bare Metal platform for organisations that constantly need to adapt themselves while making the most of their budgets thanks to cost predictability.

Addressing those challenges requires processors with high core count to handle unprecedented amounts of tasks in parallel, high-speed DDR5 memory, a vast choice of rapid storage, and a performance per watt ratio to optimise the infrastructure sustainability footprint.

The Bare Metal 2026 line-up also benefits from a network connection, with unlimited traffic, designed for modern architectures with an unlimited guaranteed public bandwidth ranging from 1 to 5 Gbit/s depending on the models, and a private bandwidth of up to 50 Gbit/s that proves ideal for clusters, virtualization or distributed environments.

The complete Bare Metal 2026 line-up includes:

  • Rise 2026: These new generation versatile servers are the perfect match for intensive workloads, web environments and light virtualization business needs. They boast AMD Ryzen or EPYC x86 processors built on the Zen 5 microarchitecture. Available now in Europe and Canada.
  • Game 2026: Designed to host online video games sessions, the Game 2026 servers handle virtual machines ideal for gaming environments and offer resiliency with OVHcloud’s built-in Anti-DDoS solution. Leveraging AMD Ryzen 9000 X3D series x86 processors operating at high frequencies, this range provides Level 3 cache memory that helps keep latencies low for a smooth gaming experience. Available now in Europe, Canada and The United States.
  • Advance 2026: Supporting validation nodes and other blockchain system components, Advance 2026 servers are equally adapted for hosting, database management or cluster deployment of high-performance containers. They are powered by AMD EPYC 4005 x86 processors with up to 16 cores/32 threads with DDR5 ECC memory. They benefit from a 99.95% SLA and are available now in Europe, Canada, The United States and APAC.
  • Scale 2026: Designed for the most demanding use cases including big data, analytics or high-performance computing, the Scale 2026 range supports AMD SEV technology for confidential computing workloads. Tailored for the most ambitious projects and available for deployment in 3-AZ configurations answering resiliency requirements, Scale 2026 servers are built around AMD EPYC 9005 series x86 processors, with up to 384 cores/768 threads (dual socket) and up to 3 TB of DDR5 ECC memory. Storage options can be configured with up to 92 TB of NVMe drives. Scale 2026 servers are available now in Europe, Canada, The United States and APAC.

Sustainability and data protection
Bare Metal 2026 dedicated servers benefit from OVHcloud’s proven infrastructure expertise, delivered from energy-efficient data centers thanks to the Group’s responsible model leveraging watercooling. Data security and protection are backed by internationally recognized standards, including ISO27001 certification, and by a strong European approach to data sovereignty, helping customers maintain control over where their data is stored and how it is accessed.

Learn more about OVHcloud Bare Metal 2026 servers

Nikon Introduces the ACTION and ACTION ZOOM Binoculars 

Posted in Commentary with tags on February 10, 2026 by itnerd

Nikon Vision Co., Ltd., (Nikon Vision), a subsidiary of Nikon Corporation (Nikon), has announced the introduction of the new ACTION and ACTION ZOOM binocular series. Whether birding, hiking or spotting the scenery, these new binoculars give users an affordable option for incredible clarity at a variety of distances.

These new ACTION series are the successor models to the popular and highly acclaimed ACULON A211 binoculars, which are the standard Porro prism type models in Nikon’s binocular lineup. The ACTION and ACTION ZOOM series consists of seven models: 8×42, 10×42, 7×50, 10×50, 12×50, 16×50 and 10-22×50. All models feature newly developed optical systems as well as new exterior designs, giving users enhanced handling and usability and improved performance for both optical quality and ergonomic handling compared to previous models.

The 10×42, 12×50, and 16×50 models provide an apparent field of view of 60 degrees or more, qualifying them as wide field of view models. Eye relief has also been extended for most of the models in the series (except the 16×50 model), offering long eye relief of 15mm or more — ensuring comfortable viewing even while wearing eyeglasses or sunglasses.

Regarding the exterior design, the new series adopts an ergonomic form that provides excellent operability and a secure, comfortable grip. The binocular body employs aluminum alloy and is encased in rubber armour that ensures a secure grip and comfortable handling, realizing high durability which users can confidently rely on.

In addition, the ACTION Series offers improved specifications in a wide-ranging lineup of models, with attractive pricing. This makes the ACTION and ACTION ZOOM series models an ideal choice for both those who are new to binoculars, as well as experienced users seeking reliable performance.

Key Features of the ACTION Series:

  • Ergonomic design for excellent handling and a secure grip
  • Multilayer-coated lenses and large objective lens diameter for delivering bright, clear images
  • Rubber armouring for shock resistance and a firm, comfortable grip
  • Aluminum alloy body employed for enhanced durability
  • Long eye relief design ensures a clear field of view, even for eyeglass wearers (except 16×50)
  • Turn-and-slide rubber eyecups with multi-click facilitate easy positioning of eyes at the correct eyepoint (except 10-22×50)
  • Wide apparent field of view (61.4° for 10×42, 60.8° for 12×50, 60.8° for 16×50)
  • Smooth zoom function via the zoom lever (10-22×50 only)
  • Compatible with a tripod using optional tripod adapter (TRA-2 and TRA-3)

Price and Availability

The new Nikon ACTION series of Binoculars will be available in early March 2026 for the following Manufacturer’s Suggested Retail (MSRP) pricing: ACTION 8×42 – $149.95, ACTION 10×42 – $159.95, ACTION 7×50 – $169.95, ACTION 10×50 – $184.95, ACTION 12×50 – $189.95, ACTION 16×50 – $214.95, ACTION ZOOM 10-22×50 – $259.95.

For more information about current Nikon products, please visit www.nikon.ca

Specifications:

| Specification | ACTION 8×42 | ACTION 10×42 | ACTION 7×50 | ACTION 10×50 | ACTION 12×50 | ACTION 16×50 | ACTION ZOOM 10-22×50 |
|---|---|---|---|---|---|---|---|
| Magnification (×) | 8 | 10 | 7 | 10 | 12 | 16 | 10-22 |
| Effective diameter of objective lens (mm) | 42 | 42 | 50 | 50 | 50 | 50 | 50 |
| Angular field of view (real) (˚) | 8 | 6.8 | 6.4 | 6.4 | 5.6 | 4.2 | 3.9*2 |
| Angular field of view (apparent) (˚)*1 | 58.4 | 61.4 | 42.7 | 58.4 | 60.8 | 60.8 | 37.6*2 |
| Eye relief (mm) | 17.3 | 16.1 | 19.6 | 17.3 | 16.1 | 13 | 16.3*2 |
| Length (mm/in.) | 149/5.9 | 149/5.9 | 193/7.6 | 185/7.3 | 185/7.3 | 185/7.3 | 202/8.0 |
| Width (mm/in.) | 193/7.6 | 193/7.6 | 200/7.9 | 200/7.9 | 200/7.9 | 200/7.9 | 200/7.9 |
| Depth (mm/in.) | 59/2.3 | 59/2.3 | 66/2.6 | 66/2.6 | 66/2.6 | 66/2.6 | 66/2.6 |
| Weight (g/oz.) | 790/27.9 | 790/27.9 | 935/33.0 | 935/33.0 | 945/33.3 | 940/33.2 | 950/33.5 |

Guest Post: From “admin” to “admin1” — why hackers love minor tweaks in your login credentials

Posted in Commentary with tags on February 10, 2026 by itnerd

A new analysis reveals that a common habit of making small tweaks to existing passwords — such as adding a number or changing a symbol in an existing password, instead of creating a unique one — is a massive security risk that hackers easily exploit. Despite company policies and security training, this widespread practice of using near-identical passwords remains one of the biggest, most underestimated threats, cybersecurity experts warn.

This risky behaviour is indeed widespread. NordPass’ password reuse survey reveals that 62% of Americans, 60% of Brits, and 50% of Germans reuse passwords across multiple online accounts. On average, people reuse passwords for about five accounts, with one-fifth admitting to reusing them for 10 or more accounts. 

“This risky habit, affecting nearly three in five users, creates a domino effect of vulnerability, where a single compromised password can unlock an entire digital life,” says Karolis Arbaciauskas, head of product at NordPass.

Adding a letter, a number, or a symbol

According to the survey data, 68% of Americans who reuse passwords make at least some changes before reusing them. The same is true for 62% of Brits and 61% of Germans. The most common change is adding or changing a number, symbol, or letter.

“Such a lax approach to security can result in stolen data or an emptied bank account, and a lot of anxiety,” says Arbaciauskas. “However, I must agree that, in terms of sheer damage that a threat actor could do, this practice is an especially dangerous phenomenon in the corporate environment. Because it technically does not violate most password policies, and it often stays unnoticed by administrators. This way, it can become an entry point for threat actors, who would gladly extort or blackmail the company.”

Most common variations 

In the “Top 200 most common passwords 2025” list, researchers found 119 nearly identical passwords, which were divided into seven approximate groups:

  • Sequential number variations. Examples: 12345, 123456, 1234567, 987654321.
  • “Admin” variations. Examples: admin, Admin, adminadmin, admin123.
  • “Password” variations. Examples: password, Password1, p@ssw0rd, Passw0rd.
  • Keyboard pattern variations. Examples: qwerty, qwerty123, abcd1234, Abcd@1234.
  • Repetitive pattern variations. Examples: 11111111, 111111111, aa112233, aabb1122.
  • Common word variations. Examples: welcome, Welcome1, test123, Test@123.
  • Prefix/suffix variations. Examples: a123456, Aa123456, Aa@123456, 12345678a.

The most numerous groups are sequential number variations, keyboard pattern variations, and repetitive pattern variations.

“This is just a rough breakdown, based on variations of the same passwords. However, in principle, all 200 passwords can be placed into certain predictable categories. For example, when compiling the list itself, we noticed that popular names and surnames, place names, swear words, brand names and equivalents of the word ‘password’ in various languages, are often used as passwords. Often with added numbers or special characters. Those passwords feel unique, but are all predictable patterns. Threat actors know this, and the automated hacking tools they use, most certainly can apply common transformations, such as adding or changing characters, and incrementing numbers,” says Arbaciauskas.

Why do people reuse passwords?

A third of internet users who reuse passwords say they do it because they have too many accounts to manage different passwords for each one. About 25% say that they find it inconvenient to create and manage unique passwords. 

“People reuse passwords because it’s easier that way. Between work tools, financial apps, subscriptions, social networks, online shopping, and gaming, the number of accounts adds up quickly. The average person has around 170 passwords. Remembering unique passwords for all of them isn’t realistic. But it is worrying that, despite repeated warnings, about 10% of respondents still don’t think there’s a significant risk in reusing passwords. This mindset is a disaster waiting to happen. Threat actors could gain access to all your accounts, your identity could be stolen, and your credit card — maxed out, or a loan could be taken out in your name. In a corporate setting, this behaviour could cost millions, if you let ransomware in,” says Arbaciauskas.

Password safety tips

According to Arbaciauskas, a few general rules can greatly improve digital hygiene and help avoid falling victim to cyberattacks due to ineffective password management:

  • Security training. Many companies are already doing this. Although this doesn’t always work — sometimes even cybersecurity professionals get fooled — training bears fruit. Companies that run regular security workshops experience fewer cases of reused credentials, and employees often use this knowledge in personal life.
  • Password policies and technologies. Companies should have robust password policies. Ideally, the company’s system would automatically compare newly created passwords with those already leaked on the dark web and prevent the creation of one that is the same or very similar to the one already leaked. It’s best to use password generators for both personal and work accounts.
  • Multi‑factor authentication (MFA). So far, this is the most reliable and convenient way to provide additional protection for business and personal accounts. MFA, which requires you to provide a one-time code when logging in, can stop account takeover even when the threat actors have your password.
  • Password manager. It can help you generate, store, manage, and safely share passwords. A password manager removes the need to rely on memory altogether. Instead of trying to come up with something clever or easy to remember it creates long, random passwords that don’t follow patterns. And you don’t need to remember them — just autofill or copy paste.
  • Consider passkeys. A passkey pairs public‑key cryptography with device biometrics, so there’s nothing to type, nothing to forget, and nothing to reuse. Although adoption is somewhat slower than expected, many major platforms already support them. Where passkeys are unavailable, turn on MFA.
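
The check described under “Password policies and technologies” (reject a new password that is the same as, or very similar to, a leaked one) can be sketched as follows, using the transformations listed under “Most common variations.” This is an added example, not code from NordPass or the original post; the blocklist, substitution table and function names are constructed for illustration, and it assumes the current password is available in plaintext only at change time, when the user submits it.

```python
import re
import string

# Constructed sample blocklist; a real deployment would load a breached-password corpus.
BLOCKLIST = {"admin", "password", "qwerty", "welcome", "test", "123456", "111111"}

# Common character substitutions, undone before comparison (illustrative, not exhaustive).
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "3": "e", "1": "i",
                      "!": "i", "$": "s", "5": "s", "7": "t"})
AFFIX_CHARS = string.digits + string.punctuation


def normalize(password: str) -> str:
    """Reduce a password to the base word that the 'minor tweaks' were applied to."""
    lowered = password.lower()
    # Drop numeric/symbol prefixes and suffixes: admin123 -> admin, Test@123 -> test.
    core = lowered.strip(AFFIX_CHARS)
    if not any(ch.isalpha() for ch in core):
        # Digit- or symbol-only passwords (123456, 11111111) are compared as-is.
        return lowered
    # Undo substitutions inside the word: p@ssw0rd -> password.
    core = core.translate(LEET)
    # Collapse a word repeated back to back: adminadmin -> admin.
    repeated = re.fullmatch(r"(.+?)\1+", core)
    return repeated.group(1) if repeated else core


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert, delete, substitute), computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        curr = [i]
        for j, cb in enumerate(b, 1):
            curr.append(min(prev[j] + 1,                # deletion
                            curr[j - 1] + 1,            # insertion
                            prev[j - 1] + (ca != cb)))  # substitution
        prev = curr
    return prev[-1]


def check_new_password(candidate, current=None, blocklist=BLOCKLIST, max_distance=1):
    """Return the reasons a candidate should be rejected (empty list = accepted)."""
    norm = normalize(candidate)
    reasons = []
    for entry in sorted(blocklist):
        if levenshtein(norm, normalize(entry)) <= max_distance:
            reasons.append(f"near-variant of blocklisted password {entry!r}")
    # 'current' is the plaintext the user typed on the change-password form;
    # it is never read back from storage, where only a hash should exist.
    if current is not None and levenshtein(norm, normalize(current)) <= max_distance:
        reasons.append("near-variant of current password")
    return reasons


if __name__ == "__main__":
    # Constructed candidates: (new password, current password or None).
    samples = [("admin1", None), ("P@ssw0rd", None), ("1234567", None),
               ("Summer2026!", "Summer2025!"), ("kV9#tq-Lm2xR-p0Wz", None)]
    for new_pw, old_pw in samples:
        verdict = check_new_password(new_pw, current=old_pw)
        print(f"{new_pw!r}: {'REJECT: ' + '; '.join(verdict) if verdict else 'accept'}")
```

The edit-distance threshold is what catches an incremented digit or one changed character after normalization; raising it widens the net at the cost of more false rejections.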

ZeroDrift Emerges From Stealth With a16z speedrun Backing to Make Every Enterprise Communication Compliant in the AI Era

Posted in Commentary with tags on February 10, 2026 by itnerd

In regulated industries, speed has become a competitive advantage, but compliance remains a structural brake. Teams want to launch campaigns, communicate with clients, and deploy AI-driven tools, yet every message must pass through manual review. The result is weeks of delay, lost momentum, and teams avoiding written communication altogether. ZeroDrift was built to change that. Today, the company announced its launch from stealth alongside a $2 million pre-seed round to automate compliance in real time, unlocking business velocity while giving compliance teams infrastructure to scale oversight.

The pre-seed round was led by a16z speedrun and brings ZeroDrift’s total funding to $2 million. The capital will support the company’s go-to-market launch, product expansion across communication channels, and continued development of its AI-driven compliance engine.

The timing reflects a growing tension across financial services and other regulated industries. Firms are under pressure to move faster, scale digital outreach, and adopt AI, while regulatory requirements continue to demand strict oversight of every external communication. Traditional compliance models rely on manual redlines, approval queues, and post-hoc sampling. These processes were built for a different era and cannot scale with today’s communication volume, leaving compliance teams stretched thin and business teams waiting. ZeroDrift takes a fundamentally different approach by shifting compliance from a gate at the end of the process into an automated guardrail that operates in real time.

ZeroDrift is an AI-native communication firewall that validates and fixes content before it is sent, giving compliance teams control at scale and business teams the speed to execute. The platform encodes SEC, FINRA, and firm-specific policies into machine-readable rulepacks, then enforces them at the point of creation. ZeroDrift integrates directly into tools teams already use, including email, browsers, CRMs, websites, social platforms, and AI systems. Content is checked instantly, issues are flagged with suggested fixes, and compliant messages move forward without delay. Compliance teams retain full visibility through centralized dashboards, audit trails, and exam-ready evidence generated automatically.

The idea for ZeroDrift came from founder Kumesh Aroomoogan’s experience building Accern (one of the first no-code AI platforms for financial services), which he exited by acquisition in 2025. He repeatedly saw legal and compliance reviews stall launches and drain momentum. He also noticed a more subtle shift, where people preferred phone calls over emails because they were unsure whether what they were writing was compliant. Compliance was not only slow, it was changing how people communicated. 

ZeroDrift was created to solve that problem by giving teams certainty in real time.

ZeroDrift is launching initially in financial services, serving registered investment advisors, asset managers, broker-dealers, and wealth platforms. The market includes more than 15,000 RIAs, 3,500 asset managers, and hundreds of thousands of registered representatives in the United States alone. Early use cases include faster campaign launches, higher sales velocity, safe deployment of client-facing AI, and instant exam readiness without last-minute scrambles.

The broader shift toward AI and multi-channel communication is intensifying the problem ZeroDrift addresses. Firms now communicate across email, websites, social platforms, client portals, and AI assistants, each with its own compliance requirements. Manual review does not scale across this landscape, and hiring more compliance staff is neither economical nor effective. As communication volume increases, the firms that succeed will be those that automate governance rather than rely on human bottlenecks.

Looking ahead, ZeroDrift plans to deepen its coverage across financial services before expanding its rule-based compliance engine into other regulated sectors, including insurance, healthcare, ESG disclosures, and AI governance. The long-term vision is to become the universal trust layer for any system that communicates, ensuring that as AI and automation scale, trust, safety, and compliance scale with them.

Marquis Who’s Who Honors Andrea L. Gwynn for Excellence in Information Technology Leadership and Military Service

Posted in Commentary with tags on February 9, 2026 by itnerd

Andrea Gwynn has been selected for inclusion in Marquis Who’s Who. As in all Marquis Who’s Who biographical volumes, individuals profiled are selected on the basis of current reference value. Factors such as position, noteworthy accomplishments, visibility, and prominence in a field are all taken into account during the selection process.

Ms. Gwynn’s distinguished career in information technology (IT) and federal service spans three decades, marked by progressive leadership roles and a commitment to innovation. In October 2025, she assumed the position of chief information officer at Forward Edge-AI Inc., where she manages end-user services for all employees and ensures that information technology requirements are met by providing access to essential systems, applications and collaboration tools supporting engineering, manufacturing and product production.

Delivering robust artificial intelligence solutions to its clients, Forward Edge-AI Inc. specializes in post-quantum cryptography, data modernization, integration, and engineering to strengthen secure data workflows and enable advanced insights. Ms. Gwynn’s expertise in information technology strategy and innovation has been instrumental in advancing the organization’s secure, scalable technological capabilities.

Before her role as the chief information officer of Forward Edge-AI Inc., Ms. Gwynn had spent 25 years in federal service. In 2025, she dedicated her efforts as a veteran, writer and advocate for veteran empowerment and transition in Killeen, Texas. Her advocacy work focused on supporting veterans as they navigated the complexities of post-military life.

Ms. Gwynn’s federal service is underscored by a series of significant appointments within the U.S. Army. From 2023 to 2025, she served as a deputy chief information officer at the U.S. Army Futures Command in Austin, Texas, where she played a pivotal role in shaping the command’s digital transformation initiatives. Between 2020 and 2023, Ms. Gwynn was the director of information technology services (G6) at the same command, overseeing critical infrastructure projects and ensuring operational readiness.

Among her earlier assignments, Ms. Gwynn served as an IT integrator with the 106th Signal Brigade in Austin from 2019 to 2020 and as the business operations branch chief at the Joint Base San Antonio Network Enterprise Center between 2018 and 2019. Among other roles, she began her civilian federal career as an IT specialist at Fort Hood Network Enterprise Center from 2010 to 2011.

Ms. Gwynn’s military service is particularly notable for her tenure as a chief warrant officer two (251A) in the U.S. Army from 2001 to 2009. As a combat veteran with two deployments to Iraq, she played a key role during her first deployment, establishing IT communications for the First Armored Division Command. Ms. Gwynn was integral to building out servers, networks and services that supported combat operations in Iraq, a contribution that remains a source of immense pride.

Ms. Gwynn’s academic foundation includes a Bachelor of Science in marketing with a concentration in marketing management from Northwood University in 1996. She further enhanced her professional credentials by completing coursework in information technology project management through a certification program at Villanova University.

Beyond her professional achievements, Ms. Gwynn is actively involved with civic organizations, including Disabled American Veterans, where she volunteers and supports fellow veterans.

Ms. Gwynn’s exemplary service has been recognized through numerous awards, including the Women of Color Rising Star in Technology Award in 2024. Honoring her service, she was decorated with a Superior Civilian Service Award, Civilian Service Achievement Medal from the U.S. Army, six Army Achievement Medals, three Army Commendation Medals, the Army Good Conduct Medal, the Defense Meritorious Service Medal and, among others, a Global War on Terrorism Expeditionary Medal. Ms. Gwynn credits her success to hard work, dedication, and a passion for her field, along with the enduring guidance and encouragement of her parents.

Constantly inspired by her family, Ms. Gwynn’s husband is a retired disabled veteran who served for over 20 years in the U.S. Army. Their daughter currently serves in the U.S. Army in Germany alongside their grandson, and their son serves in the U.S. Air Force in Washington. Eager for the future, she plans to continue her education toward a higher degree and seeks opportunities for public speaking and mentorship, particularly for women in technology, veterans and active service members, reflecting her enduring commitment to empowering others within her community and profession. Ms. Gwynn has also begun writing a memoir following her retirement and is actively pursuing publication.

Agentic AI and the Coming “Blast Radius” Problem

Posted in Commentary with tags on February 9, 2026 by itnerd

Everyone knows about the risks of GenAI, but the wave is already here, and it’s far riskier: agentic AI. These are AI systems that don’t just generate text or insights — they take actions, execute workflows, change system states, and make decisions autonomously.

Think of it as AI with the ability to “press buttons,” not just give advice.

A new analysis from Keepit, the world’s only vendor‑independent, immutable SaaS data‑protection platform, argues that agentic AI represents a fundamental shift in enterprise risk — one that most organizations are not prepared for.

Why this matters now

Agentic AI is already being embedded into SaaS platforms, IT operations, and enterprise workflows. As these systems gain autonomy, the risk profile changes dramatically:

  • AI can now act — not just advise. It can archive, delete, grant access, move data, schedule jobs, and initiate restores.
  • Mistakes scale instantly. A single hallucinated parameter or mis‑scoped command can impact an entire tenant, not just a file.
  • Rollback becomes the new cybersecurity perimeter. Without immutable, independent backup and point‑in‑time recovery, agentic AI errors become permanent.
  • New attack vectors are emerging. Including memory injection (MINJA), prompt‑based escalation, and automation loops between agents.
  • The winners won’t be those with the smartest AI — but those with the strongest control model.

This is a fresh angle in a saturated AI news cycle: speed vs. safety, and how enterprises can adopt agentic AI without surrendering control.

Please find a full blog post, published today, on Keepit’s blog here

0APT – Scam Ransomware Group – No Evidence Victims Impacted By Threat Actors

Posted in Commentary with tags on February 9, 2026 by itnerd

GuidePoint Security today released new research which assesses with high confidence that the victims claimed by “0APT” are a blend of wholly fabricated generic company names and recognizable organizations that threat actors have not breached. 

At a high level, the report focuses on a new “scam” ransomware group, 0APT, which emerged as a Data Leak Site in late January 2026 and quickly claimed 200+ victims within a week – but GuidePoint Research and Intelligence Team (GRIT) finds these claims are largely fabricated. 

GRIT has observed no evidence that these victims were impacted by a threat actor associated with “0APT”, including through first-hand reporting.

0APT is likely operating in this deceptive manner to extort uninformed victims, re-extort historical victims from other groups, defraud potential affiliates, or garner interest in a nascent RaaS group. GRIT cannot rule out the possibility that 0APT or associated actors may conduct real attacks in the future.

After security reporting emerged highlighting the number of victim organizations and implausible or fabricated organization names, the Data Leak Site went offline on Feb 8, before returning on Feb 9, with a much narrower slate of 15+ very large multinational organizations.

Alleged victims of 0APT should consider activating internal investigative procedures, but are advised that in the absence of a ransom note, encrypted files, or any form of communication from the group, their post on 0APT is almost certainly entirely fabricated rather than representative of an undetected intrusion.

You can read the new research here: https://www.guidepointsecurity.com/blog/gritrep-0apt-and-the-victims-who-werent/

GenAI boosts productivity by nearly 4 hours a week but gains are highly uneven: Nexthink

Posted in Commentary with tags on February 9, 2026 by itnerd

New research from Nexthink, the global leader in Digital Employee Experience (DEX) management, reveals that users[1] of Generative AI (GenAI) tools save a net average of 3 hours and 47 minutes per week.[2] However, the analysis finds that there are huge discrepancies between the four market-leading tools, with ChatGPT boosting productivity by more than double that of Copilot.

| Tool[3] | Average engagement time per user per week | Estimated net time saved per user per week |
|---|---|---|
| ChatGPT | 2hr 47mins | 5hr 46mins |
| Claude | 2hr 30mins | 3hr 23mins |
| Copilot | 2hr 40mins | 2hr 45mins |
| Gemini | 2hr 13mins | 4hr 46mins |

The analysis, based on 4.9m sessions per day across 3.4m employees, also finds users tend to engage with GenAI 10 times per day, for a total of three hours and fourteen minutes per week on average.[4] However, there are significant numbers of users who are yet to engage with any of the Big Four tools.

While businesses have been quick to embrace GenAI, a lack of visibility around which tools are being used, by whom, and for what purposes, has been a significant problem in understanding the value they are getting from these investments. Nexthink AI Drive solves this problem by consolidating visibility, usage, guidance, and measurement data into a single vantage point. Combining this robust DEX data with user sentiment analysis, it uncovers employee pain points and adoption barriers, enabling organizations to provide better adoption support and employees to gain confidence faster.

To find out more about GenAI adoption or to discover how such tools are being used in your organization, please visit Nexthink’s AI Activation Playbook.

[1] Employees who log in at least once a week to any GenAI tool

[2] Based on self-reporting from 5,000 end users between 30th October – January 29th of estimated time saved when using GenAI tools.

[3] Overall averages reflect usage across all GenAI tools observed and are weighted by real-world usage levels (the four tools shown are the most used, but not used equally)

[4] Data collected between 30th October 2025 – 29th January 2026 from Nexthink products AI Drive and AppEx. Data has been collected as a benchmark of tools across organizations. As such, in-house tools use has not been included in the analysis. All other product names, logos, brands, and other trademarks included in this release are the property of their respective trademark holders, and use of them does not imply any affiliation with or endorsement by them.