Adaptix Ties to Russian Criminal Underworld, Threat Actors Harness Open-Source Tool for Malicious Payload

Posted in Commentary with tags on October 30, 2025 by itnerd

Silent Push has published new research in which its threat analysts uncover threat actors using Adaptix, a free and open source tool commonly used by penetration testers, to deliver malicious payloads. Silent Push has observed heavy ties linking Adaptix to Russia and the Russian criminal underworld. 

Abuse of Adaptix was first discovered during Silent Push’s research on the new malware CountLoader, which they reported previously. Soon after signatures were added to Silent Push detection methods, several public reports highlighted the surge in threat actors using Adaptix in global ransomware campaigns. 

Silent Push has identified a potential threat actor with significant ties to Russia who goes by the handle “RalfHacker,” appears to be a developer behind Adaptix, and manages a Russian language sales Telegram channel for the tool. 

The research can be found here: https://www.silentpush.com/blog/adaptix-c2.

Leave a comment »

Ontario Tech University answers the call to ensure AI serves humankind and the planet

Posted in Commentary with tags on October 30, 2025 by itnerd

From households to classrooms and workplaces, artificial intelligence (AI) has become deeply integrated into everyday life. As this technology’s influence accelerates worldwide, the need for leadership rooted in ethics, good governance and accountability has never been greater. Challenges and opportunities lie in balancing promise with risk so that innovations serve people and the planet.

Ontario Tech University is advancing initiatives that will establish the university, and Canada, as a global leader in ethically designed and executed AI. Through the launch of its School of Ethical Artificial Intelligence and Mindful Artificial Intelligence Research Institute, the university is setting the benchmark for human-centred innovation that’s anchored in values and guided by conscience. 

A framework for ethical AI

Achieving trust in AI and creating a more inclusive future requires researchers, industry, policymakers and the government to work together to confront the questions that influence AI’s design and use. The university’s AI commitment is grounded in four principles that safeguard the development of emerging technologies through care, conscience and social accountability:

  • Prioritizing privacy by design.
  • Ensuring robust data protection.
  • Minimizing algorithmic bias.
  • Addressing environmental consequences.

Building a future led by ethical leaders

Ontario Tech is not watching from the sidelines; it’s leading with bold, immediate actions to prepare students for the careers of today, and for those yet to be imagined.  

The university’s School of Ethical Artificial Intelligence unites experts across multiple disciplines, from computer science and business to engineering, education, health and social sciences, equipping students with technical expertise and preparing them to be responsible change-makers who understand how to apply critical thinking to AI systems and their outputs.

The university’s more than 65 AI-related courses help students gain the knowledge and skills to channel AI’s power toward serving society, and graduate ready to lead the workforce with integrity and purpose.

Advancing research through a mindful AI lens

The launch of the Mindful Artificial Intelligence Research Institute (MAIRI) reinforces Ontario Tech’s global reputation for thoughtful, intentional, inclusive and human-centred innovation. Bringing together more than 50 researchers from every faculty, MAIRI unites interdisciplinary expertise with key partnerships spanning academia, industry and government to explore AI’s role in advancing well-being and global flourishing.

MAIRI exemplifies Ontario Tech’s tech with a conscience ethos: innovation grounded in high ethical standards. This approach moves beyond emphasizing rapid technological and economic advancement, to consider how AI can make life better for people and communities.

Applying responsible AI in the real world

The university’s work in trustworthy AI moves beyond theory; it’s practical, measurable, responsibly designed and already changing lives:
  

  • The university works with Ontario Shores Centre for Mental Health Sciences to identify and remove potential systemic bias and discrimination in AI systems that influence patient outcomes and care access.   
  • In partnership with the Canadian National Institute for the Blind, the university explores ways to build accessibility considerations into the design of AI from the start, empowering people of all abilities to contribute to and benefit from technological innovations. Insights from this work are already informing new federal AI standards.

Learn more about SEAI, MAIRI and Ontario Tech’s leadership in responsible AI innovation: ontariotechu.ca/ai.

Leave a comment »

Hackers Impersonating Luxury Brands, Gucci, Louis Vuitton, and Rolex

Posted in Commentary with tags on October 30, 2025 by itnerd

BforeAI has releasee its latest research identifying over 1,000 domains leveraging the popularity of luxury brands in a campaign leading up to the high-traffic holiday season. These domains show coordinated registration patterns, with registrar preferences, top level domain abuse, and linguistic tricks. 

The campaign primarily impersonates high-end fashion and luxury brands, using domain strings impersonating or abusing names such as Gucci, Prada, Louis Vuitton, Rolex, Chanel, Dior, Versace, and Dolce & Gabbana. 

Since luxury retail brands are less frequently purchased online, these hackers are offering coupons and discounts to attract visitors.

You can read the research here: https://bfore.ai/report/luxury-fashion-brands-threats-in-2025-holiday-shopping-season/

Leave a comment »

National Film and Sound Archive of Australia Selects Arcitecta’s Mediaflux to Power the Nation’s Audiovisual Heritage Strategy

Posted in Commentary with tags on October 29, 2025 by itnerd

Arcitecta, a creative and innovative data management software company, today announced that the National Film and Sound Archive of Australia (NFSA) has selected Arcitecta’s Mediaflux® platform to serve as its central Digital Asset Management System (DAMS), marking a significant step in its digital transformation journey. This initiative is part of a broader strategy to enhance the discoverability, preservation and public accessibility of Australia’s audiovisual heritage, ensuring its continued relevance and value for future generations.

As digital assets grow at an unprecedented rate, traditional storage models and outdated workflows are no longer sufficient for institutions committed to preserving and providing access to cultural heritage. The NFSA faced mounting challenges in managing the scale, complexity and growing demand for access to its digital collections. Key requirements for its transformation included the ability to:

  • Enhance digital discovery and engagement through improved online experiences and social platform integration;
  • Replace legacy systems with a state-of-the-art, centralized platform that streamlines workflows and integrates seamlessly with existing collection and exhibition management tools;
  • Support the government-funded digitization of at-risk materials across multiple National Cultural Institutions; and
  • Automate external contributor workflows and reduce reliance on manual, labor-intensive asset handling processes.

NFSA selected Arcitecta’s Mediaflux following a rigorous evaluation, in which it distinguished itself with a unified, intelligent approach to data management. The platform delivers scalable, future-proof capabilities for metadata enrichment, long-term preservation and seamless integration with NFSA’s broader digital ecosystem. Mediaflux enables intelligent data tiering, automation and policy-driven governance—eliminating silos while enhancing operational efficiency.

This project reflects a larger trend within the GLAMs (galleries, libraries, archives and museums) sector as institutions adopt scalable, cloud-ready and metadata-driven platforms to address the growing demands of digital stewardship, research innovation and public engagement.

Through a multi-phase implementation, NFSA will modernize its workflows, making it significantly easier for external contributors to submit and access materials. The project is designed to support the long-term preservation of Australia’s cultural legacy while equipping NFSA with cutting-edge tools for managing digital assets. 

The first phase is focused on three key areas to optimize critical aspects of NFSA’s operations:

  1. Intelligent Metadata Management – Mediaflux will automate metadata ingestion and contextual enrichment, improving archival searchability and aligning with evolving storage formats.
  2. Next-Gen Collections Management – A robust digital accessioning workflow will streamline how new materials are curated and preserved.
  3. Seamless Contributor Interaction – An intuitive web portal will allow external parties—broadcasters, donors, and production houses—to securely deposit and withdraw digital assets, simplifying ingest and access.

To support these initiatives with a strong technical foundation, NFSA is integrating advanced infrastructure and storage solutions tailored for performance, scalability, and sustainability. Wasabi’s cloud storage integration, managed by Mediaflux, offers cost-effective scalability, no egress fees and intelligent tiering to optimize storage efficiency and sustainability.

Dell PowerScale flash and archive solutions are powering the high-speed digitization and long-term preservation of archive collections, enabling instant access to priceless history at scale.

Why Mediaflux

Mediaflux enables organizations to unify and consolidate digital assets across diverse formats and departments within a single, cohesive platform. Purpose-built for petabyte-scale data environments, it delivers real-time performance and advanced metadata automation to streamline complex workflows. Mediaflux combines deep domain expertise with flexible customization. Its robust capabilities also unlock new monetization and audience engagement opportunities by making enriched collections more accessible than ever before.

In addition, Arcitecta’s proven track record delivering DAMS solutions to institutions, combined with its deep experience in complex, multi-industry environments, gave NFSA confidence in its ability to provide reliable support, ongoing maintenance and adaptability to future needs.

Resources

Leave a comment »

Fubo, Disney’s Hulu + Live TV Complete Business Combination

Posted in Commentary with tags on October 29, 2025 by itnerd

FuboTV and The Walt Disney Company today announced they have closed the previously announced transaction to combine Fubo’s business with Disney’s Hulu + Live TV business.

The newly combined Fubo and Hulu + Live TV business creates a truly unique virtual MVPD (vMVPD) and the sixth largest Pay TV company in the U.S. with nearly 6 million subscribers in North America. The combined company offers consumers a broad set of sports, including more than 55,000 live sporting events, and entertainment-focused programming offerings from Fubo and Hulu + Live TV.

Fubo and Hulu + Live TV will continue to be available to consumers as separate and distinct services, each offering consumers multiple plan options from skinny to robust at compelling price points. Hulu + Live TV will continue to be streamed in the Hulu app and offered as part of an entertainment-focused bundle with Hulu, Disney+ and ESPN Unlimited. Fubo will continue to serve viewers in the Fubo app.

The combined business expects to realize cost, revenue and operational synergies through content cost savings achieved by more flexible programming packaging, advertising optimization and sales and marketing opportunities. The combined company will have access to a $145 million term loan that Disney has committed to provide Fubo in 2026 as part of the Transaction.

Leave a comment »

A Large Scale Questrade Phishing Campaign Is Making The Rounds

Posted in Commentary with tags on October 29, 2025 by itnerd

A threat actor is engaged in a large scale phishing campaign that is targeted at Questrade customers. The campaign starts with this email:

Now this all looks and sounds official. But it isn’t. When you look at the “Renew Your Form W-8BEN” link, you’ll note this:

While the link says Questrade in it, it clearly isn’t Questrade as the website isn’t going to someplace that Questrade controls. Instead it’s going to a website that the threat actor controls. Now rather than going down the rabbit hole of what is the goal of this campaign, I let Virus Total do it for me:

This appears to be a phishing campaign aimed at stealing your Questrade credentials. Not good. That is confirmed by going to the URL itself. Which by the way, you should never ever do:

This is an excellent replication of the real Questrade website as evidenced here:

It even has the text “Tip: Always double check the URL of log-in pages to keep your account secure” in it. Which if you follow their advice, you can recognize this as a phishing attempt.

I have seen a few dozen of these emails hit my honeypot recently. So this is a large scale phishing campaign. Likely being done by someone who is sending emails out by the thousands hoping to catch 1% of the recipients out and score a big payday as a result. Because scams don’t have to be successful in volume to be successful.

But we’re not done yet, there’s a second Questrade phishing email making the rounds:

The lure is different as it is trying to get you to fall for the scam by getting you to set up 2 factor authentication. But the net result is the same. It is trying to send you to a replication of the Questrade website that will steal your Questrade credentials, and your money along with it.

For the record, if you can use 2 factor or multi factor authentication for your accounts, it would make them way more secure. Questrade has instructions to set that up here.

Here’s the bottom line. If you you get one of these emails, delete it and move on with your life because it is clearly a scam. And a large scale one at that.

5 Comments »

TELUS Friendly Future Foundation launches second annual sweepstakes 

Posted in Commentary with tags on October 29, 2025 by itnerd

The TELUS Friendly Future Foundation launched its second annual Friendly Future Sweepstakes, this year in partnership with WestJet, offering Canadians 18 and older the chance to win a family trip for four to Costa Rica including flights, a five night stay at Planet Hollywood Costa Rica by Royalton and spending money. Additional prizes include the gift of flight for two guests to any regularly scheduled WestJet destination, prepaid gift cards, and more. Tickets start at $25 and are available online until December 5. TELUS Rewards members are able to redeem points for entries in the TELUS Rewards catalogue. WestJet Rewards members can now link their account to TELUS Rewards and convert points to use for entries from the TELUS Rewards catalogue. All proceeds support underserved, socially-minded post-secondary students through the TELUS Student Bursary program.

Building on the continued commitment to support even more youth in financial need across Canada, Canadians can also support the cause through the fifth annual Friendly Future Auction. Running until November 14, the auction features more than 100 carefully curated items up for bid, including tech and devices, vacation getaways, sporting event experiences, exclusive memorabilia and more. 

Since launching in 2023, the TELUS Student Bursary has supported more than 1,600 students across the country who are experiencing financial need and are committed to making a difference in their communities. Notably, 53 per cent of TELUS Student Bursaries in the 2025/2026 cohort were awarded to students who are the first in their family to pursue post-secondary education in Canada and 51 per cent went to students who are actively working during their studies to support themselves financially.

The next application window will open to eligible students in spring 2026. To learn more about the program or to donate to help even more students achieve their dreams, visit friendlyfuture.com.

For more information on the Friendly Future Sweepstakes, including how to purchase tickets, and view complete sweepstake rules, visit the friendlyfuture.com/sweepstakes. The sweepstakes end December 5, 2025.  To learn more about the Friendly Future Auction, including placing a bid visit friendlyfuture.com/auction.

Leave a comment »

KnowBe4 Uncovers Surged Abuse of Legitimate Platforms by Cybercriminals in 2025 

Posted in Commentary with tags on October 29, 2025 by itnerd

KnowBe4 today announced new research from its 2025 Phishing Threat Trends Report Vol. Six, which finds fundamental shifts in cybersecurity attacker tactics, prompting a significant increase in phishing attack volume from compromised accounts.

Key findings from the report include: 

  • Scattered Spider Destruction: The cybercriminal gang Scattered Spider breached multiple high-profile retailers in 2025, including M&S, Co-Op, Harrods and others, which caused hundreds of millions in damages and losses. These breaches spawned secondary phishing campaigns targeting customers, with attackers impersonating the compromised brands to harvest credentials. Scattered Spider’s signature tactics (including combining sophisticated social engineering, vishing, MFA bombing and credential harvesting) combine techniques that target both the technical and human layers as part of their attack methodology.
  • Voice Phishing Surge: Phone-based vishing attacks increased 449% compared to 2024, with phone numbers appearing as the sole payload in 5.5% of phishing emails. Researchers discovered that 77% of callback numbers used AI-generated voices, while 69% of vishing attacks were financially motivated, requesting bank detail changes, fraudulent refunds or transfers. 
  • Legitimate Platform Hijacking: Perhaps most concerning, cybercriminals increased their abuse of legitimate platforms like QuickBooks, Zoom, SharePoint, and PayPal by 67% year-to-date. These attacks pass DMARC authentication 100% of the time and often bypass traditional defenses because they originate from trusted domains. 

Download the KnowBe4 2025 Phishing Threat Trends Report

Leave a comment »

OpenText Cybersecurity Launches New Capabilities to Create Trusted Foundation for AI

Posted in Commentary with tags on October 29, 2025 by itnerd

 OpenText today announced new cybersecurity capabilities designed to help enterprises embed AI into everyday security work and enforce governance and compliance at scale. OpenText™ Cybersecurity unifies defenses across identity, data, applications, SecOps, and forensics, putting AI directly in the flow of work with OpenText™ Core Threat Detection and Response for behavioral analytics, OpenText™ Core Identity Foundation for advanced permission settings and access protection, and OpenText™ Application Security Aviator auto-remediation during application testing.  Along with OpenText Data Privacy and Protection for advanced encryption, these advanced new cybersecurity capabilities in CE 25.4 strengthen compliance with built-in controls (GDPR, HIPAA, PCI DSS) and ensure enterprise AI runs on security that is adaptive, governed, and trusted.

New innovations include:

  • Get AI Ready with Simplified Identity and Access for Hybrid Environments
    With OpenText Core Identity Foundation, organizations can unify identity and access across on-premises, cloud, and legacy environments without costly infrastructure overhauls. SaaS-based Zero Trust controls and enforces least-privilege access by fully managing all the edge identity stores across disparate environments as part of the Identity-as-a-Service (IDaaS) vision.
  • Put AI in Context with Secure Software Delivery Powered by AI Auto-Remediation
    Development teams can fix vulnerabilities in minutes instead of days with OpenText Application Security Aviator 25.4. Automated, validated code fixes reduce security debt and embed protection directly into DevSecOps workflow through the Fortify Command Line Interface (fcli).
  • Secure, Governed, Compliant with Proactive Threat Detection and Built-In Compliance
    OpenText Core Threat Detection and Response bring behavioral analytics into the SOC. OpenText Data Privacy and Protection is advanced encryption service that protects sensitive data at rest, in transit, and as it feeds AI. And if you’d like to gain expert help, OpenText Managed Security Services can bring Managed Extended Detection and Response (MxDR) and PCI-DSS attestation services to help security teams detect threats faster, respond in real time, and meet regulatory requirements with less operational overhead. For organizations seeking expert support, OpenText Managed Security Services can bring Managed Extended Detection and Response (MxDR) and PCI-DSS attestation services to help security teams detect threats faster, respond in real time, and meet regulatory requirements with less operational overhead.

The new capabilities are currently available with OpenText Cloud Editions 25.4.

Additional Resources

  • To explore OpenText™ Application Security Aviator 25.4 or request a personalized demo, click here.
  • For more information on OpenText™ Core Identity Function or to request a personalized demo, click here
  • To learn more about OpenText™ Managed Security Services, click here.
  • Learn more about OpenText™ Core Threat Detection and Response (TDR) here.
  • Learn more about OpenText™ Data Privacy and Protection Foundation (Voltage) here.

Leave a comment »

AI-Assisted Management Drives Latest SUSE Linux Release

Posted in Commentary with tags on October 29, 2025 by itnerd

The industry’s first enterprise Linux that integrates agentic AI is SUSE Linux Enterprise Server (SLES) 16, announces SUSE , a global leader in enterprise open source solutions.  This release provides deeper visibility, insights and automated management to streamline operations, reduce operational costs and time troubleshooting and create a faster time to market for mission critical applications. 

SLES 16 introduces agentic AI, with an implementation of the Model Context Protocol (MCP) standard. The SUSE Linux agentic AI implementation gives enterprises a secure, extensible way to connect AI models with external tools and data sources, while preserving freedom to choose and extend their preferred AI providers without lock-in. It provides a resilient and secure foundation, combining long-term lifecycle guarantees and enterprise-grade automation. 

SUSE Linux Enterprise Server (SLES) The First AI-Ready Linux for Agentic AI

SLES 16 introduces a framework for embedding intelligence directly into the OS. 

  • Integrated Agentic AI and MCP: SLES 16 implements the MCP (Model Context Protocol) standard and provides MCP host and server components, as tech preview, to seamlessly integrate AI operations. It enables AI-powered local administration through the simplified, browser-based interface Cockpit web console, the default configuration management tool for SLES 16,  and the command line, reducing operational overhead. 
  • Bridge to any LLM: The platform connects to any Large Language Model (LLM) provider.
  • Future-Ready Architecture: The SUSE linux of agentic AI implementation uses an extensible, standards-based architecture ready for the next generation of agentic AI. 

Additional Features 

  • A Predictable, Simpler and Longer Lifecycle: One of the longest support timeframes in the market, a 16 year total lifecycle,  backs the SLES 16 codestream. This makes it the first and only enterprise Linux with a support commitment that makes it post-2038 ready, guaranteeing support after that critical date without requiring disruptive upgrades. 
  • Instant Rollback:  Administrators can instantly roll back nearly any modification, from a system upgrade, a software patch, to a single configuration edit. Now enabled by default in cloud images, this provides a surgical, OS-level recovery option that is far faster and more granular than traditional VM-level snapshots.
  • Reproducible Builds: SLES 16 is the first Enterprise Linux distribution built with reproducible builds, giving customers the unprecedented ability to independently verify and even rebuild their enterprise Linux distribution from source while remaining fully supported by SUSE. This ultimate level of transparency and control, combined with Software Bills of Materials (SBOMs), is part of a development process evaluated for the highest security certifications (EAL4+) in the Linux market.
  • Reduced Skills Gap: The mainstream components in SLES 16 shrinks the skills gap when moving from other distributions. ·

Availability

SLES 16, including the SUSE Linux Agentic AI implementation, is available to all SUSE customers and partners starting today. 

Also available today, the SUSE Linux product family launches with a suite of tailored solutions to meet specific enterprise needs, ensuring there is an adapted Linux for every workload. This comprehensive launch includes:

  • SUSE Linux Enterprise Server for SAP applications 16: Available for mission-critical SAP environments, providing a secure, high-performance foundation optimized for SAP HANA and S/4HANA workloads.
  • SUSE Linux Enterprise High Availability Extension 16: Designed to ensure maximum business continuity, this extension provides automated failover and clustering to protect essential services and prevent downtime.
  • SUSE Linux Micro 6.2: Perfect for workloads needing a more resilient OS, like edge, embedded and other dispersed deployments, this resilient-by-design, transactional, and immutable OS enables an image-based mode perfect for predictable, automated DevOps at scale.

For details, please visit www.suse.com/server  and the SLES 16 blogpost.

Leave a comment »

« Older Entries
Newer Entries »