DeadLock Ransomware Uses New “BYOVD” Method to Disable EDR 

Posted in Commentary on December 10, 2025 by itnerd

Researchers have revealed that a financially motivated threat actor deploying DeadLock ransomware has adopted a sophisticated Bring Your Own Vulnerable Driver (BYOVD) tactic to bypass and disable endpoint detection and response (EDR) mechanisms.

Talos observed a threat actor leveraging a BYOVD technique to disable endpoint detection and escalate privileges in an attack that eventually delivered DeadLock ransomware as the payload. 

The attack relied on “BdApiUtil.sys”, a legitimate Baidu Antivirus driver containing an Improper Privilege Management vulnerability with CVE-2024-51324  which the actor disguised using the file name “DriverGay.sys”. This Improper Privilege Management vulnerability exposes a critical function in the driver program that allows unprivileged users to terminate any process on the system at the kernel level. 

Commenting on this is Borja Rodriguez, Manager of Threat Intelligence Operations at Outpost24:

“This technique is not new. It follows a pattern we have seen for many years. The concept of abusing signed drivers is old.  Drivers have long been a privileged entry point to the kernel (and thus attractive for attackers). But such abuses often occurred under vague names (“rootkits,” “driver exploitation,” “kernel-mode malware”), that weren’t necessarily documented under a unified label like “BYOVD.”

Campaigns like InvisiMole and Slingshot APT (both reported in 2018) already used similar methods, taking advantage of vulnerable or malicious drivers to gain high privileges, hide activity, and bypass security tools. These cases showed early examples of what we now call BYOVD attacks.

In the ransomware world, this isn’t new either. Groups such as Cuba Ransomware have already used BYOVD techniques to disable security products by loading vulnerable drivers and terminating protection processes. The technique itself hasn’t changed much. What has really changed is that attackers have learned how profitable ransomware can be, so they are reusing methods that previously appeared mainly in espionage operations.

Overall, this reflects a simple trend: if a technique works for one threat actor, others will copy it. Just like trends in other industries, proven tactics tend to come back again and again.”

This is one of those cases where everything old is new again. That’s something for defenders to keep in mind as they work to keep their organizations secure.

UPDATE: Ensar Seker, CISO at SOCRadar adds this: 

“The use of BYOVD by the DeadLock ransomware group is a stark reminder that ransomware actors are no longer just encrypting files, they’re now going after the very defenses meant to stop them. By leveraging signed but vulnerable drivers to disable EDR, threat actors can effectively go ‘under the radar,’ removing visibility at the precise moment an attack unfolds. This is no longer just a red team tactic, it’s now weaponized in the wild by financially motivated actors. Organizations must harden their driver policies, implement driver blocklists like Microsoft’s recommended vulnerable driver list, and monitor for suspicious driver loads in telemetry. Endpoint protection alone is no longer enough; a layered, adversary-aware defense model is required.”

Leave a comment »

Crossroads Church Transforms Campus Safety and Visibility with EnGenius AI-Powered Surveillance and Cloud-Managed Network Upgrade

Posted in Commentary with tags on December 10, 2025 by itnerd

EnGenius Technologies today announced that Crossroads Church in Rowlett, Texas has completed a comprehensive security and network modernization project using EnGenius AI cameras, multigigabit switches, and Wi-Fi 7 access points. The upgrade delivers complete visibility across the church’s 30,000-square-foot facility and 15-acre campus, providing staff, volunteers, and families with unprecedented peace of mind.

Rapid Growth Drives Need for Enhanced Safety

Serving more than 1,200 members and hosting daily activities including worship services, youth programs, daycare, and community outreach, Crossroads Church faced increasing challenges with its aging surveillance system. The church’s legacy NVR-based surveillance system left numerous blind spots and lacked the clarity, storage, and analytics needed to support a large, active campus.

A Unified EnGenius Solution

Crossroads Church partnered with Smart Technology Solutions to implement a full-scale modernization built on EnGenius cloud-managed technology. The deployment includes:

  • 57 EnGenius ECC100 AI surveillance cameras for complete indoor, outdoor, and parking-lot coverage
  • Multi-gig EnGenius ECS2552FP and ECS2528FP switches supporting high-capacity video, livestreaming, and campus-wide traffic
  • 12 EnGenius ECW536 Wi-Fi 7 access points providing fast and reliable wireless connectivity for staff, classrooms, and production teams
  • single-pane-of-glass cloud dashboard delivering centralized management, real-time monitoring, and instant event review

AI Features Unlock the Future of Campus Security

The church has begun using contextual AI analytics, including event detection, vehicle tracking, and customizable alerts. Over time, leadership plans to expand their use of EnGenius AI capabilities to detect human activity, interpret complex scenarios, analyze movement trends, and enhance after-hours oversight — further improving campus safety.

Meet the AI That Turns Video into Insight.

Ever spent hours scrubbing through video just to find one five-second moment? With EnGenius Cloud AI, those days are over. It eliminates the biggest headaches of traditional surveillance—false alerts, slow investigations, and endless manual review—by delivering real-time intelligence and natural language search. Instead of generic motion notifications, the system interprets what it sees, recognizing behaviors with context so the team receives fewer false alarms and earlier warnings when something seems off.

And when it’s time to find footage, there’s no need to dig through timelines—simply enter a description like “person in a red hoodie with a black backpack,” and the system instantly retrieves the precise clips from any camera or location. This smarter, context-aware approach helps staff work faster, respond with confidence, and stay focused on what matters most. More than a camera system, it’s a smart security assistant that makes investigations faster, simpler, and far more effective.

Key Camera Features

  • 5MP HDR Clarity: Sony Starvis sensor ensures clear day-and-night visuals. 
  • Ultra-Wide Coverage: 132° view and 20m IR distance for versatile environments. 
  • 8GB eMMC Flash Storage + 4GB DDR4 Memory: Delivers reliable onboard flash storage and efficient multitasking for smooth, stable performance.
  • Built-in Storage, No NVR Needed: ECC100 includes 256GB of reliable onboard storage, supporting continuous and event recording 24/7 for immediate footage access.
  • Durable Build: IP67 weatherproof and IK10 vandal-resistant design. 
  • Cloud Access & Mobile Monitoring: Manage cameras anytime, anywhere. 

The Next Era of Intelligent Surveillance

With the launch of its AI Cloud Surveillance Solution and ECC100 AI Camera, EnGenius once again sets a new benchmark for intelligent security—empowering businesses to stay one step ahead with smarter, faster, and more reliable protection.

Availability

The ECC100 is available from EnGenius authorized resellers and distribution partners. For additional product specifications and purchasing information, visit:
https://www.engeniustech.com/casestudies/crossroads-church-gains-peace-of-mind-and-complete-visibility-with-engenius-ai-surveillance-camera-setup/

Leave a comment »

Over 4 billion lead-generation records exposed, including LinkedIn profiles 

Posted in Commentary with tags on December 10, 2025 by itnerd

Cybernews has discovered an unprotected 16TB database leaking 4.3 billion lead-generation records. The data included professional and corporate intelligence data such as LinkedIn URLs. The leak has now been closed, but it is unclear how long the data was exposed before Cybernews discovered it.

Key findings:

  • Nine collections of data were uncovered inside the leaked dataset, containing a total of 4.3 billion records. 
  • At least three collections included personally identifiable information (PII), such as full names, emails, phone numbers, LinkedIn data, location, and social media accounts.
  • The leak most likely stemmed from a common mistake where databases are left exposed without proper authentication due to human error.
  • The data may have been collected within the last two years, spanning multiple regions worldwide.

The dataset likely belongs to a specific lead-generation company that helps 700 million professionals connect with each other. After researchers notified the company about the potential data leak, the exposed instance was closed the next day. However, there is a chance another party is at fault, which is why we have refrained from naming the company.

For more information on this, here’s the full report: https://cybernews.com/security/database-exposes-billions-records-linkedin-data/ 

UPDATE: I have some commentary on this news:

Noelle Murata, Sr. Security Engineer, Xcape, Inc.:

   “This data leak is shocking, not just because of its sheer size, over 4 billion records and 16 terabytes, but because it’s meticulously organized. It’s LinkedIn-sourced information, mapping individuals, their employers, and company connections, which is exactly what attackers need for sophisticated phishing and business email compromise (BEC) attacks. The unique data collections and intent suggest a curated enrichment process, transforming scraped data into a ready-to-use targeting tool.

   “Leaving a MongoDB instance unprotected is a basic error, yet the ramifications are significant: years of employment histories, contact networks, and social connections, all difficult to change or mitigate. With the owner still unidentified, victims can’t even hold anyone accountable or demand fixes, a concerning trend in large-scale data breaches.

   “This isn’t a hack, but a blatant oversight: a simple misconfiguration exposed a huge amount of sensitive corporate relationship data for an unknown period. The unknown owner now faces immense liability, essentially providing bad actors with an unauthorized, pre-built resource.”

   “When security posture management is ignored, a single misconfigured database becomes a multi-billion-dollar master key for global corporate espionage.”  

Aaron Colclough, VP of Operations, Suzu Labs:

   “This isn’t the first time we’ve seen MongoDB misconfigurations expose millions of data points, and it likely won’t be the last. The ‘secure by default’ principle still isn’t being followed leaving these databases often deployed with authentication disabled for convenience during development, then pushed to production without remediation.

   “4.3 billion records with 16 terabytes of enriched professional data represents one of the largest exposures of business intelligence data we’ve seen. It’s complete professional dossiers including employment history, education, certifications, and behavioral intent data. This is a social engineering goldmine. The ‘intent’ collection with over 2 billion documents is particularly concerning. Combined with the profile data, this enables highly targeted spear-phishing campaigns that reference specific professional interests or recent activities.

   “Most professionals don’t realize that their LinkedIn profile, employment history, and even behavioral patterns are being aggregated, enriched, and sold by platforms they’ve never heard of. When these data brokers fail to secure their databases, the professionals whose data they’ve collected suffer the consequences, but have no contractual relationship to seek damages.”

Hom Bahmanyar, Global Enablement Officer, Ridge Security Technology Inc.:

   “The widespread misconception that detection of weak credentials across an organization’s assets requires specialized GPUs and scheduled downtime has unfortunately led to inaction on the part of many organizations.

   “Brute-force detection of weak credentials is an easy win that’s often ignored. It can serve as a practical interim measure and later be expanded into more sophisticated solutions.

   “Security Validation platforms generally provide credential dictionaries for various applications, databases, and protocols to support brute-force weak credential detection. Incidents like the unsecured MongoDB breach could have been easily avoided with such measures.”

Leave a comment »

TELUS partners with Qohash to bring advanced data security to Fuel iX

Posted in Commentary with tags on December 10, 2025 by itnerd

TELUS and Qohash, Canada’s leader in data security posture management, today announced a strategic partnership that will embed enhanced data protection into TELUS’ generative AI platform, 

Fuel iX™, and enable users to leverage its AI capabilities with real-time visibility into how sensitive data is continuously protected.

Qohash’s patented edge data security technology, Qostodian, will be integrated into Fuel iX™ and TELUS Digital’s AI-powered 

customer service solutions to deliver unmatched visibility and control, providing users with real-time identification of sensitive data, classification and continuous monitoring capabilities across their AI workflows. A pan-Canadian solution and the only Canadian data security company with intellectual property entirely researched, designed, and owned domestically, Qohash provides end-to-end control over the entire technology stack and value chain — a critical requirement for organizations in defence and other high-assurance sectors.

TELUS Sovereign AI Factory while having complete confidence that their sensitive data is protected and monitored with Canadian resilience at its core. This is about enabling secure-by-design AI for the enterprise, with the sovereignty and performance that Canadian organizations demand.”

This alliance sets a new standard for digital trust in Canada and strengthens TELUS’ position as Canada’s premier AI provider. Fuel iX™ customers will also be able to access models running on the TELUS Sovereign AI Factory, internationally recognized as Canada’s fastest and most powerful supercomputer on the global 

TOP500 list, enabling organizations to harness cutting-edge AI capabilities while upholding rigorous data protection standards with an unwavering commitment to sovereignty.

Qohash’s Qostodian platform employs patented edge data security technology that detects, classifies and protects sensitive data, – including personal, health, corporate and financial information – where it resides, whether on-premises, in private clouds or within enterprise AI workflows. Unlike traditional security tools that move data to third-party environments for processing, Qostodian secures data directly at the source, providing continuous oversight, automated compliance monitoring and reduced risk of data exposure. This protection strengthens operational sovereignty, optimizes storage environments, and enables Canadian organizations in highly regulated sectors to meet stringent data residency and security requirements – a core capability for businesses as data control becomes a decisive competitive advantage.

The partnership addresses a critical gap in Canada’s AI ecosystem: organizations need both high-performance AI infrastructure and advanced data protection to confidently deploy AI for their most sensitive workloads. By combining TELUS’ Sovereign-by-Design infrastructure to maximize Canadian operational control across every layer, from chips to software to networks, with Qohash’s patented edge security technology, Canadian organizations gain unprecedented capability to innovate while maintaining sovereignty. This is particularly critical for sovereignty-sensitive sectors already leveraging TELUS’ infrastructure, including healthcare, government and financial services sectors.

Leave a comment »

2026 Security Predictions From HP

Posted in Commentary with tags on December 10, 2025 by itnerd

Attackers will accelerate their investments in cookie theft

Ian Pratt, HP Global Head of Personal Systems Security

Generalized MFA deployment will accelerate threat actors’ switch to stealing cookies and tokens instead of passwords. This means threat actors will need to act swiftly from time of theft, utilizing the stolen cookie before it expires to insert backdoors that then grant them persistent access. Online marketplaces will expand to enable this with rapid trading and exploitation.

Defenses against cookie and token theft are not mature and are inconvenient for users. This means that we will see attacks involving such theft becoming increasingly commonplace. This is particularly serious for privileged users such as sysadmins, who frequently use web browsers to access high value administrative web sites, such as EntraID, InTune, or AWS web portals, where cookie theft creates an easy path to a catastrophic enterprise breach.

Issuing sysadmins with a second PC, a Privileged Access Workstation (PAW), is today’s recommended best practice, but is far from universally implemented, and there are plenty of examples where PAWs themselves have become compromised.

For critical applications, enterprises are going to need to look toward additional layers of defense, such as strong isolation and application security posture attestation.

Cybercriminal Groups Will Rely on AI Agents to Automate Reconnaissance and Target
Organizations

Alex Holland, Principal Threat Researcher in the HP Security Lab

“In 2026, we expect to see organized crime groups automate workflows and outsource more tasks using AI agents in their attacks, especially preparatory tasks like researching victims to target. Beyond this, rapid improvements in large language models and agentic AI systems are expanding their role in the attack lifecycle. Threat actors will no longer limit their AI use to basic automation or phishing content creation. They will also start using AI to assist with complex tasks like vulnerability discovery.

“AI assistance will help threat actors to scale their operations, making campaigns more efficient by reducing the resources and skills attackers need to breach targets.

“Against a barrage of AI-assisted attacks, even the best detection tools will miss some threats. Instead, organizations need to ensure threats can be contained, isolated and remediated, safeguarding their fleets, maximizing uptime and ultimately securing the future of work.”

Physical Attacks on Devices Will Become Cheaper and Easier for Cybercriminals

Boris Balacheff, Chief Technologist for Security Research and Head of the HP Security Lab

“Hybrid work is accelerating the commoditization of attacks enabled by physical access to devices. This is because devices are more exposed as employees are more mobile and distributed, and the tools needed for device tampering become increasingly accessible and affordable. Next year, IT leaders should anticipate this will continue, with easy-to-use exploitation kits and investment by threat actors into new physical attack techniques. In response, security auditors will increasingly focus on how organizations deploy best practices to protect data and device integrity across their fleets of devices.

“Employees today work in cafés, bars, hotels, and conference centers across the globe, using shared infrastructure and peripherals, and giving threat actors ample opportunity to tamper with a device when its owner steps away. With physical tampering, threat actors can seek to exfiltrate data, grasp control of compromised devices to gain broader access to enterprise networks, and even mount destructive attacks to brick devices that are not designed with self-healing built in from the ground up.

“To ensure the Future of Work is secure, organizations will need to prioritize hardware with security and resilience built in at every level. They will need to look for device security capabilities to help protect hardware and firmware integrity, as well as data security, from physical attacks, and learn to integrate hardware-level authentication and attestation into their zero-trust architecture strategies.”

Organizations will Finally Take Notice of IoT, Edge, and Print Security After a String of Attacks

Steve Inch, Global Senior Print Security Strategist at HP Inc.

“After a year of high-profile attacks against connected devices, organizations will finally prioritize security for devices at the network edge. For example, security vulnerabilities allowed for remote takeovers of printers, highlighting the risks of leaving printers unprotected.

“For too long, printers have been the lowest priority on every security team’s list. Many organizations lack basic visibility and control over print infrastructure. This creates security blind spots – from exploitation attempts to insider threats, outdated firmware, malicious updates and misconfigurations, such as open ports or unchanged default credentials.

“These security gaps give threat actors a potential launchpad to not only compromise a printer and the data it holds but also other devices on the network. In the year ahead, organizations and governments will demand that endpoint devices like printers come with continuous and active system monitoring throughout their lifecycle.

“To defend the Future of Work, organizations need to secure their complete device ecosystem, including their printers. They should prioritize the ability to automate print fleet security compliance and automatically assess fleet firmware vulnerability status, minimizing IT overhead in 2026.”

Quantum Resistance will Become a Vendor Requirement

Thalia Laing, Principal Cryptographer at HP Security Lab

“A year on from the introduction of new NIST standards for quantum-resistant asymmetric cryptography, public sector and critical infrastructure companies are going to accelerate planning and vendor engagements to chart a path towards migration. This process will reveal the scale of the challenge: with NIST intending to deprecate RSA-2048 by 2030 and all RSA and Elliptic Curve Cryptography by 2035, many vendors are likely to seize the opportunity to move directly from RSA 2048 to quantum resistant algorithms, particularly in critical industries and long-life systems, such as hardware.

With ongoing advances in quantum computing, the prospect of a quantum computer capable of breaking asymmetric cryptography within a decade is becoming increasingly plausible. The US government’s decision to set a quantum-resistance deadline of 2027 for new National Security System devices signals this urgency.

“To become quantum resilient, organizations must start by preparing their long-lived hardware, including their printers and PCs. With a typical commercial PC refresh averaging at just over 4 years and an even longer lifespan for office-class commercial printers – devices procured in 2026 have the potential to be in use within the timeframe of a cryptographically relevant quantum computer.

“From 2026 onwards, quantum resilience will increasingly influence hardware procurement decisions. This will increase pressure on device manufacturers to future-proof their devices by embedding quantum resistant cryptography into their products, while pushing for the protection of long-life data. By embedding quantum resilience now, organizations can maintain trust in the
technologies shaping the Future of Work.”

The Spotlight draws over Identity, Provenance, and Persistent Control

Peter Blanchard, Document Workflow Security Strategy Principal at HP Inc.

“In 2026, we’ll see efforts within enterprise security shift from fragmented identity frameworks and perimeter-based controls to a unified, data-centric model. Today’s zero-trust implementations often create complexity and fatigue, with identity scattered across users, apps, and devices. This fragmentation leads to blind spots, inconsistent enforcement, and poor user experience. The next phase will prioritize consolidation: centralized identity orchestration that simplifies access, strengthens governance, and reduces operational risk.

At the same time, we’ll see security move from focusing on point of entry, to managing the custody of data throughout its lifecycle. Organizations will need visibility into where data originates, how it is used, and who has access – even after it leaves their boundaries. Identity and policy will travel with the data, embedded through persistent controls, telemetry, and rich metadata. Dynamic permissions such as ‘can I share this?’ will evolve into continuous oversight, ensuring compliance online and offline.

Provenance and lifecycle control will become critical in the age of AI, where transparency and trust are non-negotiable. By embedding identity, custody, and governance controls into the core of digital ecosystems, organizations will achieve stronger, adaptive security that protects without adding friction, safeguarding the Future of Work.”

Leave a comment »

Here We Go Again With Another Critical Ivanti Endpoint Manager Bug

Posted in Commentary with tags on December 9, 2025 by itnerd

I feel like this is groundhog day as we have yet another critical Ivanti Endpoint Manager bug to deal with.

This time around versions 2024 SU4 and below are vulnerable to stored cross-site scripting enabling attackers to remotely execute JavaScript code. Tracked as CVE-2025-10573 with a CVSS score of 9.6 out of 10. The vulnerability was patched on December 9, 2025 so you should patch all the things now.

Details can be found here: https://www.rapid7.com/blog/post/cve-2025-10573-ivanti-epm-unauthenticated-stored-cross-site-scripting-fixed/

Ensar Seker, CISO at threat intel company SOCRadar, commented:

“This latest Ivanti Endpoint Manager flaw underscores a persistent reality in enterprise environments: even widely trusted endpoint solutions can become high-value targets. While CVE-2025-10573 is ‘just’ a stored XSS vulnerability, its exploitation potential, especially when combined with social engineering, can be significant. Remote code execution via JavaScript injection is no longer theoretical in supply chain attacks; it’s become operationally viable. The fact that this requires user interaction doesn’t reduce its threat level when attackers are targeting IT admins or helpdesk interfaces. Organizations must act swiftly to patch, and more importantly, implement rigorous user interface sanitization and privilege segmentation.”

Ivanti users really need to be concerned given the rather bad track record of Ivanti products being anything but secure. That unfortunate fact makes you less secure. Which of course is a problem. One that you may not be able to rely on Ivanti to do anything about.

Leave a comment »

New Dark Web Findings: Credit Cards & Weapon Bot Malware 

Posted in Commentary with tags on December 9, 2025 by itnerd

In a fresh dark web sweep, SOCRadar researchers have discovered three new issues worth immediate attention:

First, there’s a major auction of roughly 413,000 stolen credit cards, mainly from the U.S. and Canada. The seller is bundling cards from multiple leaks and offering a validity-checking service, indicating an organized marketplace rather than a simple dump.

Second, analysts identified a new malware framework called Weapon Bot. It’s delivered via MSI installers, built on Node.js/Rust/PowerShell, and designed to evade detection. It steals browser data, wallet seeds and session tokens, while also functioning as a botnet platform.

Lastly, threat actors are actively seeking a working exploit for CVE-2024-38077 (“MadLicense”), a critical remote code execution vulnerability in Windows Remote Desktop Licensing Service. The demand suggests potential weaponization and real-world attacks.

For full details, the analysis can be found here: https://socradar.io/blog/weapon-bot-toolkit-madlicense-413k-credit-cards/

Leave a comment »

December Patch Tuesday Commentary From Fortra

Posted in Commentary with tags on December 9, 2025 by itnerd

Tyler Reguly, Associate Director, Security R&D, Fortra

Let’s end the year with a statistic that I find somewhat interesting. In 2025, Microsoft patched 1275 vulnerabilities. Which should mean roughly 106 vulnerabilities each month, yet December only saw 70 vulnerabilities when you include the third-party CNA vulnerabilities. If all things were equal, December should account for 8.3% of all CVEs fixed by Microsoft, instead December only contains 5.5% of this year’s total CVEs. I suppose we can thank Microsoft for an early Christmas gift.

We’re ending the year with a vulnerability that is seeing active exploitation, the use-after-free vulnerability in the Windows Cloud Files Mini Filter (CVE-2025-62221). Given that this vulnerability is seeing active exploitation and could lead to SYSTEM level access, this should be the priority for patching this month.

There are two vulnerabilities that Microsoft has rated as Critical this month and it is probably more important that we discuss these than the two publicly disclosed vulnerabilities. For that reason, I would prioritize CVE-2025-62557 and CVE-2025-62554, a pair of use-after-free vulnerabilities in Office, over CVE-2025-54100 and CVE-2025-64671, command injection vulnerabilities in PowerShell and GitHub CoPilot for JetBrains. All 4 vulnerabilities are listed as exploitation less likely, but the Office vulnerabilities list the Preview Pane as an attack vector, and I always find that one of the scariest attack vectors that can be listed. Vulnerabilities that don’t rely on user interaction, are vulnerabilities that we want to pay attention to.

CISO’s this month should remember that their admins have remediated (or at least reviewed) 1275 vulnerabilities from just Microsoft alone this year. It’s been a long, vulnerability filled year for our security teams and I’d imagine they’re tired. Thankfully, Microsoft provided this gift of a smaller Patch Tuesday without too many high-profile items… let your teams relax a little as we wrap up the year, there’s enough other items to keep them busy without stressing over this Patch Tuesday release.

If I were in charge of all aspects of security for an enterprise as we wrap up the year and think about 2026 budgets, I’d probably be thinking about the two critical Office vulnerabilities that impact the Preview Pane and consider the email protections that I have in place and where I can make investments in 2026 to further improve the email security of my organization. Between “silent attacks” that utilize the preview pane, phishing, and all the other risks that come to us via email, it is one of the places where organizations can still do more to shore up their security posture and put themselves in a good place.

Leave a comment »

Introducing HyperDrive NEXT USB4 V2 M.2 PCIe Enclosure

Posted in Commentary with tags on December 9, 2025 by itnerd

 Hyper® today announced the launch of the HyperDrive® Next USB4 V2 M.2 PCIe Enclosure. A CES® Innovation Awards 2026 Honoree, this next-generation expansion solution delivers 80Gbps USB4 V2 connection for high-speed storage and modular PCIe expansion. 

Designed for creators, engineers, and professionals who require fast and reliable data transfer, the enclosure enables full PCIe Gen4 NVMe performance, supports AI-focused PCIe M.2 modules, and features tool-free installation with IP55 dust and water resistance for demanding field or travel environments. 

Engineered for Speed, Expansion, and Durability 

The HyperDrive Next USB4 V2 M.2 PCIe Enclosure delivers true PCIe Gen4 x4 performance via an 80Gbps USB4 V2 connection, enabling faster workflows for content creation, data science, AI development, and high-volume file transfers. 

Its modular design supports PCIe M.2 components such as AI accelerators, allowing users to augment system performance without upgrading their entire laptop or workstation. 

A precision-machined aluminum body provides passive thermal cooling, while the included silicone sleeve delivers IP55-rated dust and water protection—ideal for studio, office, or field applications. And with its tool-free snap-in installation, users can swap SSDs or PCIe modules in seconds. 

Features 

  • 80Gbps USB4 V2 Performance: Experience next-generation bandwidth with true PCIe Gen4/3 NVMe speed for demanding workflows including 4K/8K editing, AI model inference, and rapid data transfer. 
  • Full PCIe Gen4/3 NVMe Compatibility: Unlock the full potential of PCIe Gen4 and Gen3 NVMe SSDs for maximum throughput and workstation-level responsiveness. 
  • Modular PCIe Expansion: Supports PCIe M.2 cards such as AI accelerators for enhanced local computer performance without upgrading your laptop or desktop system. 
  • External Power Support: Provides up to 18W of optional external USB-C power-in to support high-performance NVMe SSDs. When combined with up to 7.5W supplied by the host USB-C port, the enclosure delivers a total of up to 25W of power, suitable for high-draw NVMe devices as recommended by our supplier. 
  • Tool-Free Installation: Open, insert, and close—no screws required, this enclosure is ideal for dynamic workflows with multiple SSDs or PCIe modules. 
  • Premium Thermal Design: Aluminum body with an integrated thermal pad keeps drives running at peak speed under heavy load. 
  • IP55 Protection: The included silicone sleeve shields the enclosure from dust and water spray—built for use in studios, labs, and field environments. 

Availability and Pricing 

The HyperDrive Next USB4 V2 M.2 PCIe Enclosure (HD2500GL) is available starting today for $199.99 SRP throughout the United States, Europe, and other key global regions. 

Leave a comment »

New National Industry Coalition Forms to Propel Canada’s Digital Infrastructure and Drive Global Competitiveness

Posted in Commentary on December 9, 2025 by itnerd

Today marks the official launch of the Canadian Coalition for Digital Infrastructure (CCDI), a national industry-led initiative aimed at promoting the growth and sustainability of Canada’s digital infrastructure. The CCDI brings together cloud providers, data centre developers, co-location operators, equipment suppliers and key partners across the digital ecosystem to create a unified voice for Canada’s rapidly expanding digital infrastructure sector.

With billions planned in private-sector investments over the next five years, Canada stands at an inflection point. The data centre industry already supports tens of thousands of Canadian jobs, a number poised to grow substantially as organizations across every sector accelerate their cloud, AI, and digital transformation strategies.

The Coalition’s mission is to foster a thriving, sustainable, and innovative digital infrastructure industry in Canada while addressing critical challenges that will shape our digital economy. These include ensuring digital sovereignty, advancing environmental sustainability, securing energy capacity for future growth, and developing a skilled workforce capable of powering Canada’s increasingly digital future. As new players enter the Canadian market and federal and provincial governments implement strategic frameworks to attract investment, the CCDI will play a crucial role in coordinating industry-wide efforts to maximize these opportunities.

The CCDI members collectively emphasize that Canada’s future hinges on establishing world-class digital infrastructure as we enter a new era of AI-driven technology. Data centres are as fundamental today to national prosperity as railways and ports have been to Canada’s development. They power the cloud services, AI applications, financial systems, and many more digital tools that Canadians rely on every day. From hospitals and research institutions to small businesses and public agencies, the reliability and resilience of digital infrastructure directly impacts Canada’s economic strength and quality of life.

Through united efforts, coalition members are committed to strengthening these critical digital foundations, positioning Canada to fully leverage AI-driven economic opportunities while maintaining its competitive edge in the global digital economy.

Through comprehensive education and awareness initiatives, the coalition will work to inform the public, policy makers, and stakeholders about the importance of digital infrastructure and its impact on the daily lives of Canadians. By advocating for forward-thinking policies, the CCDI aims to create an environment that nurtures digital infrastructure, including data centre growth across the country.

The coalition is committed to positioning Canada as a prime destination for global data centre investments, leveraging our nation’s unique advantages. Moreover, it aims to bridge gaps between private industry, governments, utilities, academia, and the broader innovation ecosystem, accelerating Canada’s ability to scale digital capacity while ensuring alignment with national priorities.

The launch has been welcomed by stakeholders nationwide.

For more information about the Canadian Coalition for Digital Infrastructure, please visit digitalinfrastructure.ca

Leave a comment »

« Older Entries
Newer Entries »