2025 Holiday Threat Assessment From Flashpoint

Posted in Commentary with tags on November 18, 2025 by itnerd


The 2025 holiday shopping season is expected to bring record retail spending, with US sales projected to surpass $1 trillion USD for the first time. At the same time, this surge in online activity and spending creates a lucrative environment for financially motivated threat actors. 

As cybercriminals intensify their efforts to exploit the holiday season, Flashpoint shares the top cyber and physical threats that people can expect this holiday season:

QR Code Fraud

  • The core technique involves creating convincing fake QR codes, often leveraging readily available public QR code generators that redirect victims to malicious sites.

Gift Card Draining

  • The widespread popularity of gift cards has made them a prime target for organized financial crime, specifically for financially motivated organized fraud groups. 
  • The process is highly organized: first, they lift and reseal the protective sticker to obtain the PIN and card number. Then, the fraud operators leverage specialized software to monitor the card’s status. The moment a consumer purchases and activates the card at the register, the funds are instantly drained.

Phishing and Social Engineering

  • Flashpoint expects threat actors to deploy highly tailored phishing emails and text messages designed to steal sensitive information such as login credentials and financial details from unsuspecting retail employees and shoppers.

Crowds and Physical Violence 

  • While the digital domain encapsulates most of the threats in the 2025 holiday season, large holiday events and public gatherings—such as Black Friday doorbusters and the Macy’s Thanksgiving Day Parade in New York City and various European Christmas markets or Hanukkah events—may become targets, as global social and political tensions remain heightened.

A full blog post has been published on the topic:

Flashpoint’s 2025 Holiday Threat Assessment

Leave a comment »

Microsoft Entra Invitations Hijacked in Surge of TOAD Phishing Attacks

Posted in Commentary with tags on November 17, 2025 by itnerd

A newly identified phishing campaign is exploiting Microsoft Entra tenant invitation functionality to orchestrate TOAD (Telephone-Oriented Attack Delivery) attacks against unsuspecting users. Commenting on this is Ensar Seker, CISO at SOCRadar:

“This campaign is a prime example of how attackers increasingly repurpose legitimate cloud-native features for malicious purposes. By abusing Microsoft Entra’s guest invitation system, the threat actors bypass traditional email filters and exploit trust users place in official Microsoft-branded messages. Because the Entra invitations are often whitelisted and routed through Microsoft’s infrastructure, they have higher deliverability and lower suspicion thresholds.

TOAD phishing attacks differ from traditional credential harvesting because they rely on inducing the user to take offline action usually by calling a phone number. In this case, embedding the phone number within a trusted Microsoft invitation gives the scam an air of legitimacy. Once the victim initiates the call, attackers may request remote access, payment details, or PII under the guise of “fixing” an account issue or refunding a charge.

What makes this campaign particularly dangerous is the convergence of:

  • Trusted delivery mechanisms (Microsoft Entra infrastructure)
  • Minimal technical indicators (no malicious attachment or link to analyze)
  • Social pressure (urgent account issues prompting a phone call)

Traditional email filtering, sandboxing, and EDR tools are less effective here because the initial “payload” is human interaction, not code execution.

Organizations should monitor and audit their Microsoft Entra guest invitation logs for anomalous behaviors such as spikes in external invitations, use of unusual messaging language, or repeated invitations to consumer domains. Security awareness training should explicitly cover TOAD threats and the misuse of trusted platforms to initiate phone-based social engineering.

This is part of a broader trend in adversary-in-the-middle techniques that blend cloud abuse, social engineering, and trust manipulation. It underlines the need for zero trust policies even within SaaS environments, continuous behavioral monitoring, and adaptive email filtering models that account for intent, not just indicators.”

This is a pretty interesting, and not in a good way, attack as it is difficult to defend against. This means that defences will have to be devised quickly or this could easily spiral out of control.

Leave a comment »

Smart gifts, smart prices – your Black Friday tech guide From Samsung

Posted in Commentary with tags on November 17, 2025 by itnerd

With the holidays around the corner Samsung’s Black Friday deals now live:

  • Galaxy Buds3 or Galaxy Buds3 Pro for as low as $39 (with the purchase of an eligible Galaxy device) – Designed for comfort with a new ergonomic fit, the Galaxy Buds3 series delivers immersive sound with Active Noise Cancellation, intuitive swipe controls, and smart features like Interpreter for real-time translation on the go.
  • Galaxy Watch8 or Galaxy Watch8 Classic for as low as $299 (with the purchase of an eligible Galaxy device) – The latest Galaxy Watches introduce advanced health insights like Antioxidant Index and Vascular Load monitoring, plus the return of the rotating bezel on the Classic model for that timeless, premium feel.
  • Save $200 on the Galaxy Tab S10 Lite – The Galaxy Tab S10 Lite offers a large 10.9-inch, 90 Hz display with up to 600 nits brightness and blue-light reduction, paired with an S Pen for fluid writing, sketching and productivity on the go.

For the full list of Samsung Black Friday deals check out Samsung.com/ca for more details or the chart below.

ModelOfferPromo PeriodMain Features
Galaxy Tab A11+Save $100 with Promo Code “TABA11”Nov 13 – Dec 16 ·       Premium design
·       256GB Storage (expandable to 2TB)
·       Galaxy AI (Gemini, Circle to Search, Solve Math)
Galaxy Tab S10 LiteSave $200Nov 12 – Dec 4·       S Pen Included
·       256GB Storage (expandable to 2TB)
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy Watch8 & Watch8 ClassicSave $100Nov 12 – Dec 4·       Health and fitness tracking
·       New features include Running Coach and Antioxidant Index
Galaxy Buds3 ProSave $100Nov 12 – Dec 4·       Comfortable fit
·       ANC
·       Interpreter & Live Translate
Galaxy Z Flip7Save $263 with Promo Code “FLIP7BF”Nov 13 – Dec 1·       200MP camera
·       Slim design
·       Expansive unfolding screen
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy Z Fold7Save $300 with Promo Code “FOLD7BF”Nov 13 – Dec 1·       200MP camera
·       Slim design
·       Expansive unfolding screen
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25 EdgeSave $379 with Promo Code “BFS25”Nov 13 – Dec 1·       200MP camera
·       Slim design
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25 UltraSave $319 with Promo Code “BFS25”Nov 13 – Dec 1·       S Pen included
·       200MP camera·       100x space zoom
·       Long lasting battery
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25+Save $289 with Promo Code “BFS25”Nov 13 – Dec 1·       Snapdragon 8 Elite
·       Long lasting battery
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25Save $299 with Promo Code “BFS25”Nov 13 – Dec 1·       200MP camera
·       Slim design
·       Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)

Leave a comment »

Logitech Named As The Latest Victim Of The Oracle’s E-Business Suite Vulnerability

Posted in Commentary with tags on November 17, 2025 by itnerd

Recently, Logitech disclosed a data breach after it was named a victim of the hacking and extortion campaign targeting customers of Oracle’s E-Business Suite (EBS) enterprise resource planning solution.

Adrian Culley, Senior Sales Engineer at SafeBreach hd this to say:

“The Oracle E-Business Suite zero-day campaign (CVE-2025-61882) is one of the most technically advanced operations we have seen from the Cl0p extortion group this year. It reinforces that Cl0p has matured into a threat actor capable of conducting its own vulnerability research and weaponizing flaws before defenders even know they exist. The group recently published a list of alleged victims on its TOR site, although several organizations have not yet confirmed compromise.

This activity highlights a broader and recurring pattern. Cl0p continues to find and exploit systemic weaknesses in enterprise software supply chains, and they are accelerating. Organizations do not have to wait to become the next name on a leak site. These attack paths can be simulated and the security gaps addressed before an intrusion occurs. Now is the time to run these scenarios and close the exposures that groups like Cl0p rely on.”

VP of Cyber Risk for HITRUST, Tom Kellermann adds this:

“As we head into the fifth anniversary of the SolarWinds attack, this Logitech breach underscores again the systemic risk created by zero-day exploitation within trusted enterprise platforms. The Cl0p extortion campaign targeting Oracle E-Business Suite customers is not an isolated criminal act; it reflects the broader evolution of cyber insurgency against Western supply chains. When over 50 major organizations are impacted through the same vector, we are witnessing a campaign of island hopping—where adversaries infiltrate a third-party platform to traverse into corporate networks at scale.

This incident highlights the escalating threat posed by financially motivated groups with nation-state tradecraft, such as the cluster linked to FIN11. These actors are weaponizing supply chain dependencies to exfiltrate sensitive corporate data without disrupting operations, making detection far more difficult.

Enterprises must dramatically enhance third-party risk management and expand continuous monitoring of interconnected systems. Zero-day exploitation campaigns of this magnitude demonstrate that defending your own perimeter is no longer enough. Organizations must assume their software providers are targets, harden identity controls, and increase threat hunting across all integrated platforms to suppress these campaigns before they metastasize.”

I have said it before and I will say it again, this will be the biggest hack since the last biggest hack. And I suspect that the victims will really start to pile up in the coming days as more victims come forward.

1 Comment »

TELUS Sovereign AI Factory named Canada’s fastest and most powerful supercomputer

Posted in Commentary with tags on November 17, 2025 by itnerd

TELUS today announced that the TELUS Sovereign AI Factory in Rimouski, Quebec has been named Canada’s fastest and most powerful supercomputer by the prestigious TOP500 list, which ranks the world’s 500 most powerful computing systems, making TELUS the only telecom provider in Canada to receive this distinction. This recognition marks a groundbreaking achievement for Canadian technology innovation – proving that Canadian-owned and operated infrastructure can deliver world-class computational power while keeping data, innovation and economic benefits firmly within Canadian borders.

The TOP500 list is the global standard for high-performance computing and evaluates a supercomputer’s ability to solve complex sets of mathematical equations. It employs the High-Performance LINPACK (HPL) to measure how many calculations a system can complete per second, with results expressed in floating-point operations per second (FLOPS).

The TELUS Sovereign AI Factory, designed and implemented in partnership with HPE and powered by NVIDIA H200 GPUs and NVIDIA Quantum-2 InfiniBand, achieved a performance score of 22.74 petaFLOPS, ranking 78th overall by demonstrating exceptional capability in solving complex mathematical equations and performing floating-point operations, calculations involving very large or very small numbers common in scientific and engineering applications, at extraordinary speeds. Representing 22.74 quadrillion calculations per second, the immense processing power delivered by its Sovereign AI Factory positions TELUS at the forefront of organizations capable of handling the most demanding computational tasks in scientific research, artificial intelligence and advanced data analytics.

The supercomputing infrastructure will enable Canada to accelerate breakthroughs across multiple domains, such as:

  • Artificial intelligence and machine learning: Training, fine-tuning and inferencing advanced AI models for enhanced customer experiences and business solutions
  • Healthcare innovation: Supporting complex medical research, drug discovery and genomic analysis
  • Climate modeling: Contributing to environmental sustainability through sophisticated climate prediction and analysis
  • Network optimization: Enhancing telecommunications infrastructure and service delivery through advanced computational modeling

Since 1993, the TOP500 project has provided a reliable basis for tracking and detecting trends in high performance computing. Twice a year, it publishes a list of the world’s 500 most powerful computer systems, providing the most accurate and historically consistent ranking of general-purpose HPC systems used for high-end applications.

This achievement underscores TELUS’ dedication to advancing Canadian technology leadership and creating opportunities for researchers, businesses, and institutions to access world-class computational resources, fostering collaboration and innovation across the country.

Leave a comment »

Early Black Friday Tech Deals Already Live – Powered by Intel

Posted in Commentary with tags on November 17, 2025 by itnerd

Black Friday is already heating up in Canada, and several major retailers – including Best Buy, Staples, Memory Express, and Canada Computers – have gone early with discounts of up to $500 on Intel-powered laptops across budget, gaming, and premium categories. These limited-time offers are live now through end of day November 20, making them strong candidates for Black Friday and Cyber Monday.

Top Live Black Friday Deals – Powered by Intel

Under $1,299: Budget + Entry Gaming Deals Now Live 

MSI THIN 15.6″ Gaming Laptop — Intel Core 5-210H 

  • Black Friday Price: $899 (save $400) — Staples 
    A rare sub-$900 RTX gaming laptop with a 144Hz display and 1TB SSD. Strong pick for “best affordable gaming laptops” and entry-level esports coverage. 
  • Sales linkStaples 

Acer Nitro V 15 — Intel Core i7-13620H 

  • Black Friday Price: $1,299 (save $300) — Memory Express 
    Great value for RTX 4060 performance. Ideal for guides featuring “best gaming laptops under $1,500.” 
  • Sales linkMemory Express 

Lenovo Slim 7i Copilot+ — Intel Core Ultra 7 

  • Black Friday Price: $1,399 (save $300) — Best Buy 
    OLED touchscreen, Wi-Fi 7, AI-powered features — a standout for creator-friendly and productivity-focused gift guides. 
  • Sales linkBest Buy Canada 

Mid- to High-End Picks: $1,799–$1,999 

ASUS Zenbook S 14 — Intel Core Ultra 7 

  • Black Friday Price: $1,799 (save $400) — Best Buy 
    A premium ultraportable perfect for lifestyle, travel, or business-tech roundups. 
  • Sales linkBest Buy Canada 

Acer Predator Helios Neo 16 — Intel Core Ultra 9 

  • Black Friday Price: $1,699 (save $500) — Canada Computers 
    Major discount on a powerhouse gaming system with an Ultra 9 processor and RTX 5060. Great inclusion for “best midrange gaming laptops.” 
  • Sales linkCanada Computers 

Lenovo Legion Pro 5i 16″ OLED — Intel Ultra 9-275HX 

  • Black Friday Price: $1,999 (save $400) — Canada Computers 
    OLED gaming display + high-end performance make this ideal for creator/gamer crossover guides. 
  • Sales linkCanada Computers  

Premium Tier: $2,299+ 

Lenovo Legion Pro 5i — Intel Core Ultra 7 255HX + RTX 5070 

  • Black Friday Price: $2,299.99 (save $300) — Memory Express 
    High-end OLED gaming paired with AI-accelerated performance — strong pick for “premium gaming laptop” lists. 
  • Sales linkMemory Express 

Leave a comment »

2026 Cyber Predictions From Forta

Posted in Commentary with tags on November 17, 2025 by itnerd

The Fortra Intelligence and Research Experts (FIRE) team have released 2026 predictions that uncover the darker side of AI and the next evolution of cyber defense.

John Grancarich, Chief Strategy Officer

Brand protection will expand the attack surface. The attack surface as it stands now includes an organization’s brand, its executives and its online reputation. By 2026, protecting trust beyond the network – across the open web, social platforms and dark web – will become as critical as protecting the network itself.

Tyler Reguly, Associate Director, Security R&D

Companies that over invest in AI and put emphasis on AI over humans will start to struggle. As everyone likes to say, ‘Today, AI is the worst it will ever be.” With that said, AI isn’t great. It is costly and limited in capabilities. While some tasks are performed amazingly, others demonstrate the real weakness in reliance on AI. AI is a tool and should be treated as such. It can increase productivity, but it can’t be productive on its own. That requires human expertise and companies that realize that early and retain their experts will prosper over those that adopt AI-only strategies. 

Josh Taylor, Lead Security Analyst, Fortra

Attacks on critical infrastructure will accelerate. Nation-state and criminal actors will target energy, healthcare, and transportation systems with cyber-physical impacts, turning outages and disruptions into strategic weapons. Enterprises in these sectors must treat cybersecurity as a safety imperative and plan for worst-case operational scenarios.

Leave a comment »

OVHcloud unveils its Quantum Platform: the first European solution for accessing quantum computers in the cloud

Posted in Commentary with tags on November 17, 2025 by itnerd

At Choose France – France Edition, OVHcloud, a global player and the European Cloud leader, announces the launch of its Quantum Platform, the first European Quantum-as-a-Service solution (QaaS). It will provide access to at least eight of the most advanced quantum computers, including the Pasqal Orion Beta QPU, available now. By facilitating access to quantum technologies, OVHcloud is now enabling organisations to prepare for the most complex technological challenges.

The platform that facilitates the adoption of quantum technology by businesses

Quantum computing can solve problems and use cases that are far too complex for traditional approaches. The cloud is key in making these advanced technologies accessible, democratizing quantum computing and facilitating its adoption without specialized infrastructure. With the launch of its Quantum Platform, OVHcloud now offers businesses and public organisations access to quantum technology from Pasqal, a pioneer in neutral atom computing, giving customers the opportunity to benefit from a 100-qubit system.

An ecosystem offering an innovative range of quantum technologies

This announcement is part of OVHcloud’s commitment to contributing to the creation of a European quantum ecosystem. As early as 2022, the Group laid the groundwork by launching its first quantum emulator, available in a specialised environment. Today, no fewer than nine quantum emulators are available on OVHcloud infrastructures, representing the widest range of European quantum emulators, with nearly a thousand users. With the launch of the first European Quantum-as-a-Service solution using Pasqal’s QPU, OVHcloud is expanding its offering to include both emulators, enabling users to try out different quantum computing models, and real quantum computers accessible on demand. After Pasqal, OVHcloud plans to integrate eight other QPUs, including seven from European suppliers, by the end of 2027.

Learn more about OVHcloud Quantum offer

Leave a comment »

Hammerspace Announces Latest Version of its Data Platform Software

Posted in Commentary with tags on November 17, 2025 by itnerd

Hammerspace, the high-performance data platform for AI Anywhere, today announced the upcoming release of Hammerspace v5.2, delivering performance, security and ecosystem enhancements that help organizations unify, automate and accelerate their AI and high-performance workloads across any on-premises, hybrid or cloud-based infrastructure.

With v5.2, Hammerspace raises the bar on standards-based parallel file system performance, particularly for AI and HPC workloads, continuing the trajectory demonstrated in public benchmarks earlier this year. The new release achieved a 33.7% higher IO500 overall score than results on the previous version published five months ago, with total bandwidth doubling and individual sub-tests showing dramatic improvements — including an over 800% gain in IOR-Hard-Read.

A key component of these performance improvements is Hammerspace’s continued contribution of significant client-side NFS performance enhancements to the standard Linux kernel, improvements specifically designed to accelerate AI and HPC workloads. By tightly integrating Hammerspace software with these upstream kernel advancements, the Data Platform delivers dramatic performance gains without requiring customers to install proprietary software on application servers or trap their data into vendor-locked silos.

This standards-based approach means Hammerspace is compatible with any storage platform, enabling customers to adapt and deliver the performance and low latency needed for new workloads such as training, inference or RAG with existing infrastructure and data sets. This approach eliminates the cost and complexity of migrating data to net-new storage silos to launch AI projects.

To support extreme scale, v5.2 adds Share Referrals, a transparent mechanism that distributes the namespace across as many metadata servers as are needed to accommodate extreme file counts. This enhancement ensures linear scalability, so performance and responsiveness remain steady even as data estates for AI and HPC environments explode. 

The release also strengthens security options with the addition of Kerberos authentication and Labeled NFS support. By enabling SELinux and other Mandatory Access Control (MAC) systems to transport and enforce security labels across NFS, organizations gain consistent, fine-grained control over data access, which is essential for sensitive research, government and regulated industries.

Hammerspace v5.2 will further expand the platform’s reach by adding support for running Hammerspace in Oracle Cloud Infrastructure (OCI).  New shapes, including bare metal, will be supported, and support for OCI dedicated Regions will follow, providing a critical option for customers that must maintain strict data sovereignty across distributed environments.

This tight OCI integration extends Hammerspace’s multi-site, multi-cloud and multi-protocol capabilities, including its unique S3-connector technology, so customers can seamlessly bridge on-premises environments to cloud-based GPU-accelerated compute clusters in OCI, AWS and Azure. In this way, NFS-based applications gain native, transparent access to cloud compute resources without workflow changes or moving data into new silos.

This seamless hybrid cloud flexibility is what enables organizations such as Meta to burst extreme-performance AI workloads between on-premises data centers and GPU clusters in OCI, with data movement orchestrated among storage types and locations transparently in the background. At the same time, Hammerspace’s global namespace maintains consistent access for users and applications.

Availability

Hammerspace v5.2 will be generally available in December. To learn more or request early access, visit www.hammerspace.com.

In addition to the baseline performance gains, v5.2 introduces Tier 0 affinitization, adding locality-aware intelligence to Tier 0 deployments. By automatically aligning data placement with the optimal servers within a GPU cluster, Tier 0 affinitization reduces east-west network traffic to accelerate throughput and simplifies Tier 0 deployments by eliminating the need for manual configuration. The feature is automatic, transparent and enabled by default.

Leave a comment »

AI-powered Black Friday scams are Evolving Fast: Forcepoint X-Labs

Posted in Commentary with tags on November 14, 2025 by itnerd

Here’s a timely piece of research just published by Forcepoint’s X-Labs team and authored by Lydia McElligott, Security Researcher, titled “How AI is Fueling a New Wave of Black Friday Scams” 

Given the upcoming holiday sales surge, this one (with a number of visual examples included) hits at the intersection of cybersecurity, retail behavior and the AI threat landscape.

Three key take-aways from the research:

  • AI is raising the stakes. Scams this year don’t look like the old “cheap deal” bait—they’re polished, coherent and realistic: phishing emails that mirror brand templates, cloned retail websites spun up in minutes, fake social-media ads. 
  • Trusted brands are primary targets. Attackers are leveraging familiarity with brands like Amazon, Temu and luxury labels to build trust and urgency in their scams. 
  • Defensive behaviours still work—but they require discipline. The article outlines actionable red flags: inspecting sender domains, hovering rather than clicking links, really questioning “too-good-to-be-true” discounts and using secure payment methods. 

The post is at: https://www.forcepoint.com/blog/x-labs/black-friday-scams-ai-phishing-guide

Leave a comment »

« Older Entries
Newer Entries »