SIOS LifeKeeper v10: Expanding Control and Streamlining HA/DR Management for System Admins

Posted in Commentary with tags on December 8, 2025 by itnerd

SIOS Technology Corp today announced the availability of LifeKeeper v10, featuring the new LifeKeeper Web Management Console (LKWMC). LKWMC provides a unified, intuitive user interface across both Linux and Windows environments, giving system administrators unprecedented visibility and control while dramatically simplifying the management of complex, mission-critical high availability and disaster recovery configurations.

New in SIOS LifeKeeper v10:

  • LifeKeeper/Windows Management Console (LKWMC): Delivers simplified HA management with a consistent interface across Windows and Linux operating systems, enabling cost-saving ease-of-use for MSPs and organizations managing applications across multiple operating systems. New design includes built-in tips and tools for further streamlined integration.
  • Enhanced Disaster Recovery in Red Hat Environments: The DRBD Application Recovery Kit (ARK) for LifeKeeper now offers seamless integration with RHEL 9.6 and RHEL 10, extending 3- and 4-node disaster recovery capabilities to a wider user base.
  • DataKeeper Replication Support for RHEL 10: DataKeeper Linux delivers straightforward, cost-effective data replication and high availability on RHEL 10, along with other supported operating systems.
  • Native PowerShell support. PowerShell is now supported as a scripting language for building Generic Application Recovery Kits, offering greater flexibility and ease of automation.
  • Improved Installer Interface: A redesigned installer provides a streamlined experience, allowing users to select all required components from a single, intuitive screen.

Pricing and Availability

SIOS LifeKeeper v10 is currently generally available. SIOS software is priced by the server node and offers perpetual, subscription and consumption (cloud marketplace) options.

Recast earns 12 badges in G2’s Winter 2026 Reports 

Posted in Commentary with tags on December 8, 2025 by itnerd

Recast, a leader in modern application and endpoint management, today announced it has been awarded 12 badges in G2’s Winter 2026 Reports. The recognition from G2, the world’s largest and most trusted software marketplace, underscores the exceptional value that Recast delivers to its global customer base through its popular Right Click Tools product.

These accolades reflect Recast’s outstanding performance in customer satisfaction and product usability, driven by solutions that deliver strong ROI, streamline daily operations, and enhance security. Recast’s G2 badges span categories including enterprise configuration management, patch management, endpoint management, and more. Consistently positive reviews in these key areas emphasize Recast’s unwavering commitment to providing reliable, high-value solutions that empower IT teams to simplify systems management and reduce security vulnerabilities.

Recast’s Winter 2026 Badges include:

  • Best Meets Requirements – Enterprise
  • Easiest Setup – Enterprise
  • Easiest to Do Business With
  • Easiest to Use – Enterprise
  • High Performer
  • High Performer – Enterprise
  • Leader
  • Leader – Enterprise
  • Momentum Leader
  • Most Implementable – Enterprise
  • Users Most Likely to Recommend
  • Users Most Likely to Recommend – Enterprise

Guest Post – AI agents, Christmas markets, and sneaky greetings: holiday scams targeting you

Posted in Commentary with tags on December 8, 2025 by itnerd

Addictive scrolling, which develops faster than you think, is not the only thing you should watch out for this holiday season. A Surfshark expert highlights the main online risks you can encounter while scrolling.

Unsupervised AI shopping agents

AI shopping agents are a booming trend, with Big Tech announcing AI updates that can buy the exact sweater you are searching for and even call the shop to ask if they have it in stock. The trend of using chatbots like ChatGPT or Gemini AI to assist you with shopping is also at its peak.

Tomas Stamulis, Chief Security Officer at Surfshark, says the risk arises when you trust AI shopping assistants entirely and without double-checking. “I sometimes use a chatbot to help me with shopping. However, I evaluate what online shops it offers because sometimes they can be scams, taking me to malicious websites. So, always review what AI suggests before purchasing, and never grant unlimited access to your financial details.”

Phone snatching in Christmas markets

Phone snatching, when street criminals take your mobile phone from your hands, usually unlocked, is a particularly common crime in crowded Christmas markets. A moment of your distraction can result in far-reaching consequences. According to Surfshark expert Tomas Stamulis, taking simple steps can help protect you from the damage caused by phone snatching. “Stay vigilant in public, especially in crowded or high-risk areas. Keep your phone out of sight when not in use. Use an anti-spying screen so people around you can’t easily see what you’re doing. Also, ensure “Stolen Device Protection” is active on iOS or “Theft Protection” on Android (depends on device) and your home and work addresses are correct.”

Sneaky links in Christmas greetings

People’s interest in creating Christmas greetings online and sharing them with loved ones does not go unnoticed by scammers. You probably receive those snappy interactive greetings via social media, email, and SMS. Thank the sender for goodwill, yet never click the links included in those greetings. If you did and were led to a strange site, we hope you didn’t provide any of your private information, such as your real name, surname, email address, telephone number, or home address.

Sorry, it’s too good to be true

Have you ever encountered a Christmas deal that seemed too good to be true? It probably was. Scammers create fake gift deals for popular and hard-to-find items to trick shoppers into falling for them. Mr. Stamulis advises being skeptical of Christmas deals that seem unrealistically good. “Always verify the offer by checking the retailer’s official website. If you spot something that seems like a ‘hot deal’, look closely at URLs and other text for typos or unusual characters, which are red flags.”

Gifting your personal data via public Wi-Fi

Free Wi-Fi is available at cafes, restaurants, train stations, hotels, and other public spaces for your convenience. However, the number one rule for a privacy-conscious person is never to use free public Wi-Fi. Public networks are frequently exploited by hackers, who can intercept sensitive data, including account credentials, email addresses, passwords, and financial information. “Without an active VPN, using public Wi-Fi is insecure; it’s like gifting your personal data to total strangers,” points out Tomas Stamulis.

Christmas cleaning your private data will thank you for

Most people want to tie up loose ends before the New Year: paying back debts, making peace with those you’ve argued with, and finishing unfinished business. Add one more item to the list: review the apps you’ve accumulated over the year and get rid of those that just take up space. Surfshark has conducted at least a few studies that revealed mobile apps to be extremely data-hungry and privacy-intrusive. Your private data will thank you for this Christmas cleaning.

ABOUT SURFSHARK


Surfshark is a cybersecurity company offering products including an audited VPN, certified antivirus, data leak warning system, private search engine, and a tool for generating an online identity. Recognized as a leading VPN by CNET and TechRadar, Surfshark has also been featured on the FT1000: Europe’s Fastest Growing Companies ranking. Headquartered in the Netherlands, Surfshark has offices in Lithuania and Poland. For information on Surfshark’s operations and highlights, read our Annual Wrap-up. For more research projects, visit our research hub.

2026 Predictions From DH2i

Posted in Commentary with tags on December 7, 2025 by itnerd

Today I have Don Boxley, CEO and Co-Founder of DH2i, speaking about his three top 2026 predictions. They are as follows:

Prediction 1: AI Outages Become the New “Ransomware Moment” 

“In 2026, the biggest wake-up call for enterprises will be unexpected AI outages. As more organizations rely on AI systems for customer service, fraud detection, claims processing, supply chain routing, and decision automation, even a few minutes of downtime will create real-world business disruption. We’re moving into an era where AI is fully embedded into workflows, which means the databases, pipelines, and connections behind those AI systems must be architected for continuous availability. The companies that treat AI like a traditional app are going to run into the same wall we saw with ransomware years ago: you don’t realize how fragile the architecture is until it breaks.

What I’m seeing going into 2026 is a shift from ‘How do we deploy AI?’ to ‘How do we keep AI running, resilient, and trustworthy every second?’ The winners will be the companies that build durable foundations – resilient failover, airtight DR strategies, and secure, persistent connections between every environment where the data and compute live. AI will only be as reliable as the infrastructure supporting it. Businesses have to treat availability and security as non-negotiable if they want AI to successfully transform outcomes.”

Prediction 2: Multi-Cloud Fragmentation Becomes a Crisis

“Whether they planned it or not… by 2026, nearly every enterprise will be operating in a patchwork of public cloud, private cloud, containers, and edge environments. When apps need to talk to each other securely, or when data must move quickly and reliably to support analytics and AI, that fragmentation will become a real liability. Teams are already discovering that traditional networking and legacy failover approaches simply don’t work at multi-cloud scale. The complexity isn’t slowing down – so the resiliency architecture and network connectivity has to evolve to match the world we’re deploying into.

What I expect to see in 2026 is a massive shift toward secure, lightweight, point-to-point connectivity models built on zero-trust principles. Companies need a way to ensure constant uptime, fast recovery, and secure movement of data across clouds without wrestling with brittle tunnels or static network overlays. High availability isn’t just about servers anymore – it’s about the entire distributed fabric staying resilient. Businesses will choose solutions that let them seamlessly failover across clouds, maintain jurisdictional control, and securely reach any resource from anywhere. That’s the only way to operate confidently in a multi-cloud world.”

Prediction 3: Disaster Recovery Moves From “Backup Plan” to “Active Architecture” 

“For years, disaster recovery has been the fire extinguisher in the hallway – something everyone pays for but hopes they’ll never have to touch. That thinking won’t make it through 2026. Regulators are tightening the screws in finance, healthcare, and government. Cloud regions are going dark without warning. Geopolitical tensions and climate disasters are taking entire data centers offline. The idea that a single cloud or region can keep you safe is becoming a dangerous illusion. Disruption isn’t the exception anymore. It’s the operating environment.

The companies that don’t get caught flat-footed will treat resilience as a living, breathing part of their architecture – not an afterthought. Cross-region and cross-cloud failover will shift from “nice to have” to the only sane way to run a business. And whether critical apps come back online fast enough will depend on secure, low-latency connections that don’t crumble under pressure. In 2026, resilience becomes a board-level concern. The organizations that invest in it now will be the ones still delivering uninterrupted services when everyone else is scrambling to recover.”

2026 Predictions From Binalyze

Posted in Commentary with tags on December 6, 2025 by itnerd

With 2026 around the corner, I’m able to share predictions from Lee Sult, Chief Investigator at Binalyze, who has shared his thoughts on the cybersecurity trends that he thinks will dominate next year.

Security budgets will finally rebalance as leaders accept that attacks are inevitable

“For years, cybersecurity budgets have been heavily skewed towards prevention, with organizations spending on average twice as much on keeping threats out as they do on investigation and response. But recent attacks, like those on Jaguar Land Rover and M&S, have shown the real cost of delayed response and recovery – adding to an estimated $48.1bn in losses for US organizations alone.

“In 2026, we’ll see a major rebalancing in cyber budgeting. With 84% of enterprises saying successful cyberattacks are “inevitable”, they will shift to a 50/50 split in their security spend, opting for more investigation, response and recovery capabilities. When visibility is lost, insight is incomplete and recovery stalls – bringing operations to a grinding halt. The financial and reputational impact of these failings can become more of a disaster than the actual attack.”

Response time will become the defining measure of cyber resilience

“As cyber threats evolve and intensify, especially with the help of AI, organizations, regulators and stakeholders have accepted a hard truth: attacks aren’t just a possibility anymore, they are inevitable. Even organizations with the deepest pockets for cybersecurity find themselves breached. That’s because even the most rigorous controls can’t completely ensure you can keep attackers out. Prevention alone simply isn’t working.

“It’s time we reset the definition of security. Success isn’t “never getting breached” anymore – that ship sailed a long time ago. The real question is: how fast can you detect it, stop the bleeding, and get back on your feet? And can you prove what happened with enough clarity to make regulators and insurers nod instead of dig? Every hour of delay costs $100,000 or more in operational costs – and that’s before legal actions, headlines, or board meetings.

“This is the new standard: resilience over prevention. That’s what your investors care about, what regulators are starting to measure and where security teams are placing their bets.”

Organizations will stop waiting for regulations to drive better behaviour

“In 2026, CISOs will stop waiting for regulation and instead take the lead on security. Regulations move too slowly to keep pace with today’s threat landscape. This year alone we’ve seen CIRCIA delayed and CISA expire, delaying best practice in sharing intelligence.

“By the time rules are updated to meet the status quo, attackers have already forged a new weapon. Recent breaches have shown that following rules and regulations can’t protect organizations from attacks. The ability to investigate incidents, understand what happened and share intelligence is what truly strengthens defense.

“Many organizations will come to the conclusion that compliance is only a starting point and is not going to save them during a major incident. Recognising resilience against attacks depends on internal maturity rather than external rules, they will build their own operational capability for investigation and response.”

Hypori Releases First-Ever 2025 VMI Report, Exposing Massive Mobile Security Gaps  

Posted in Commentary with tags on December 5, 2025 by itnerd

Hypori today announced the release of its inaugural 2025 Virtual Mobile Infrastructure Report: Trends in Secure Mobile Access & BYOD, a first-of-its-kind survey of 1,000 global security, risk, mobility, and BYOD decision-makers. The findings paint a stark picture: Organizations face massive mobile security vulnerabilities as they increasingly embrace BYOD strategies. Traditional mobile security tools are failing to mitigate these risks while also compromising employee privacy. Organizations are rapidly shifting toward VMI to deliver secure mobility.  

Some key findings from the 2025 VMI Report include:  

  • 92% of security and risk leaders face challenges in Zero Trust implementation.  
  • 69% of organizations report that their invasive mobile security controls negatively impact user satisfaction or productivity.  
  • 77% of organizations with Mobile Device Management (MDM) admit to major limitations in their current solution.  
  • 47% identify employee privacy violations as one of the biggest risks in mobile security.  
  • Shockingly, only 29% of organizations say employee privacy is a top priority in mobile security.  
  • Only 39% of organizations consider their mobile security posture to be “very mature.”  

The report highlights how VMI is rapidly gaining momentum as the secure, user-friendly alternative for government agencies, highly regulated industries, and enterprises balancing zero trust requirements with budget constraints. By removing data from devices altogether, VMI not only simplifies compliance with regulations such as Cybersecurity Maturity Model Certification (CMMC), but also delivers measurable cost savings and productivity gains.  

The 2025 VMI Report shows that secure mobility requires a data-centric, privacy-driven approach, not device control. Virtual Mobile Infrastructure provides an easier way to eliminate endpoint risk, strengthen compliance, and safeguard enterprise workforces with seamless Zero Trust principles.  

You can get the report here: hypori.com/blog/the-hidden-cost-of-byod

Infected North Korean APT Machine Linked to Historic $1.4B ByBit Heist 

Posted in Commentary with tags on December 5, 2025 by itnerd

Researchers have confirmed that the LummaC2 infostealer has infected a machine belonging to a North Korean threat actor, one operating as a sophisticated malware development rig. The machine is directly linked to the broader North Korean threat ecosystem and infrastructure associated with the historic $1.5 Billion ByBit Heist. BBC News has more details on the heist. And you can find more details about the North Korean malware here:

 https://www.infostealers.com/article/exclusive-look-inside-a-compromised-north-korean-apt-machine-linked-to-the-biggest-heist-in-history/

Ensar Seker, CISO at threat intel company SOCRadar, provided the following comments:

“Prediction: AIOps will transition from observability to autonomy. In 2026, AIOps will evolve from a support tool into a semi-autonomous agent capable of executing remediation workflows across hybrid environments. What used to be alerts and recommendations will become real-time auto-responses to performance anomalies and security threats. We’ll see a convergence of observability, threat detection, and infrastructure automation powered by specialized LLMs trained on enterprise telemetry. The challenge won’t be in detection anymore, it’ll be in trust, governance, and interpretability of the decisions AIOps platforms make.

“Prediction: Developer copilots will shift from code completion to context-aware agents. By 2026, developer AI tools will no longer be just autocomplete engines, they’ll become full-blown context-aware agents that understand project architecture, regulatory boundaries, and CI/CD constraints. These AI-powered copilots will write unit tests, generate documentation, enforce security guardrails, and even suggest architecture changes during sprints. The best tools will be deeply integrated with threat intelligence and compliance engines, transforming developers into secure-by-default builders.

“Prediction: Agentic AI will revolutionize DevSecOps. The next wave of AI development will revolve around agentic architectures, AI that can plan, reason, and act across systems. In DevSecOps, this means AI that not only flags vulnerabilities, but also files a Jira ticket, forks the repo, fixes the issue, and raises a pull request, without human intervention. This isn’t science fiction, it’s already happening in prototype environments, and by 2026, security teams will increasingly rely on agentic AI to handle low-level security debt while focusing on strategic risks.”

North Korea continues to up its game as a threat actor. Those of us who are responsible for defending against its attacks should consider this fair warning that we also need to up our game.

CISA Warns of Chinese “BrickStorm” Malware Attacks on VMware Servers

Posted in Commentary with tags on December 5, 2025 by itnerd

CISA, the NSA, and the Canadian Centre for Cyber Security are warning that People’s Republic of China (PRC) state-sponsored cyber actors are using BRICKSTORM malware for long-term persistence on victim systems.

You can get more details here: https://www.cisa.gov/news-events/analysis-reports/ar25-338a

Ensar Seker, CISO at threat intel company SOCRadar, provided the following comments:

“The recent advisory from CISA, NSA and the Canadian Centre for Cyber Security (Cyber Centre) confirms that a China‑linked actor is using BRICKSTORM to compromise virtual‑infrastructure environments, creating hidden virtual machines, harvesting credentials via cloned VM snapshots, and maintaining long dwell times of up to 393 days. 

What’s especially alarming about this campaign is that it targets the virtualization layer itself, not the OS or applications, which historically receives less attention. Once the hypervisor or management console (vCenter) is compromised, attackers gain broad visibility over the virtual infrastructure and can bypass many traditional endpoint defenses (like EDR), because these often don’t monitor hypervisor behavior or VM snapshot manipulation. 

For defenders, the implications are stark: if you run VMware vSphere or ESXi, particularly with vCenter exposed internally or weakly segmented, you are directly in scope. This means organizations must treat virtualization infrastructure as a critical attack surface with the same urgency as public‑facing apps or legacy enterprise systems.

Immediate steps: apply detection signatures/YARA and Sigma rules from the joint CISA/NSA report to hunt for BRICKSTORM indicators; audit VM snapshot creation and export logs; restrict vCenter access tightly; segment management consoles from general workloads; block unauthorized DNS‑over‑HTTPS (DoH) traffic from servers; and ensure built‑in and third‑party monitoring includes hypervisor‑level telemetry.

In short, this isn’t just another malware campaign. It’s a wake‑up call showing that adversaries are shifting upward in the stack, targeting the foundations of virtualization rather than individual VMs. For many organizations, exposure will only be obvious after they start actively hunting for hypervisor‑layer compromise. Let me know if you’d like a short quote or deeper technical breakdown to include.”

Everyone needs to pay attention to this, as it is clear from this alert that the bad guys are changing the tactics that they use to get a bigger payoff at the end of the day. That is bad for all of us and requires immediate attention from defenders.

Data breach affecting AI image generator, exposing sensitive images 

Posted in Commentary with tags on December 5, 2025 by itnerd

Cybersecurity researcher Jeremiah Fowler recently discovered a non-password-protected database containing over one million sensitive records belonging to Magic Edit, a popular AI image generator tool developed by BoostInsider Inc.

In a few words, the publicly accessible database:

  • exposed 1,099,985 images and video files;
  • included face-swapped images on AI-generated bodies converted into sexually explicit images;
  • contained unaltered images of real individuals, possibly uploaded as references and presumably without those individuals’ knowledge or consent.

Jeremiah published his detailed findings on the ExpressVPN blog which can be found here: https://www.expressvpn.com/blog/magicedit-data-exposed/

Cloudflare Took A Dirt Nap And Tanks The Internet AGAIN

Posted in Commentary with tags on December 5, 2025 by itnerd

If you wanted proof of how reliant the Internet is on content delivery network Cloudflare, this should provide it. For the second time in a few weeks, Cloudflare has taken down the Internet due to an issue that they have resolved as I type this, according to their status page. The incident began around 09:00 UTC and affected much of the web, with X, Substack, Canva, LinkedIn, Deliveroo, Spotify and, ironically, Downdetector, which reports on outages on the Internet, among others going down.

What this makes clear is that putting all of your eggs in the Cloudflare basket isn’t a good idea. Maybe there needs to be a wide-ranging discussion on how to make the Internet more resilient without relying on a single provider. Just a thought.