New Research Reveals Coordinated Campaign Targeting Perplexity Comet Users Across Various Attack Vectors

Posted in Commentary with tags on October 23, 2025 by itnerd

Today, BforeAI released the company’s research of an investigation into fraudulent and malicious activities targeting users seeking to download Perplexity’s Comet AI browser.

The analysis reveals a coordinated campaign of domain squatting, fraudulent mobile applications, and deceptive advertising designed to capitalize on the legitimate Comet browser’s popularity.

The research dives reveals:

  • Suspicious domains investigated with varying threat levels
  • Critical-level mobile app threats identified on Google Play Store
  • Domains registered in 2025 following Comet’s launch timeline
  • Multiple attack vectors including fake downloads, malvertising, and brand impersonation observed on search engines.

You can find the research here: https://bfore.ai/report/malicious-activity-surrounding-perplexity-comet-browser-launch-threat-research/

Leave a comment »

Consumers Expose Passwords in Password Manager/VPN Exchanges New Study Shows

Posted in Commentary with tags on October 23, 2025 by itnerd

Researchers with Ontario Tech University, PureSquare, and CQR Cybersecurity have published a new study warning that consumers and businesses that use separate VPNs and password managers are susceptible to concurrent multi-vector attacks that put their data at risk.

The use of disparate password managers and VPNs from different vendors (security tool fragmentation) creates a previously unknown security gap. Threat actors exploit this gap and consumer ‘alert fatigue’ to steal credentials.

The measured cost of security tools fragmentation:

  • 44% of users receive overlapping alerts.
  • 38% receiving overlapping alerts say they ignore them.
  • 29–34% of people leave tools disabled or miss paid features entirely.
  • Redundant subscriptions account for 24% of annual security tool costs.
  • The high cost of tool fragmentation and alert chaos: $400 million is lost every year to multi-surface attacks (see below).
  • Personal pre-breach costs to consumers: duplicative “chaos tax” expenditures can cost more than $850 per consumer, per year.
  • The average person now manages 3.4 security apps, spends up to 27 hours a year maintaining them, and wastes between $574 and $850 annually on redundant subscriptions and unmanaged risks.

Ironically, this results in people spend hundreds of dollars and dozens of hours every year managing overlapping, non-integrated security tools, but are actually spending more and working harder to be less secure.

The “alert fatigue” blind spot that stems from notification flood cycles became especially visible during the 2025 Google breach affecting 2.5 billion Gmail accounts. The breach drove individuals to flood forums and search engines with urgent “what to do” queries while scrambling across multiple apps.

One App, Complete Protection

Leading from this research, PureVPN has unified VPN, Password Manager, Dark Web Monitoring, Tracker & Ad Blocker, and Data Removal into a single unified platform. Instead of multiple apps competing for the consumer’s attention, users receive one alert stream, one workflow, and one place to act.

Notifications are consolidated and prioritized to reduce false alarms, while the new bottom navigation keeps breach-response tools easily accessible under stress.

You can read the study here.

Leave a comment »

Pave Bank raises $39 million to scale world’s first programmable bank built for digital assets and AI era 

Posted in Commentary with tags on October 23, 2025 by itnerd

The future of finance is shifting on-chain. As that shift accelerates, the world’s financial system is being rebuilt around tokenisation, the programmability of money and assets, along with a focus on regulation, risk and compliance. Pave Bank, a fully licensed commercial bank built for this new financial architecture, today announced it has raised over $39 million in funding led by Accel, with participation from Tether Investments, Quona Capital, Wintermute, Helios Digital Ventures, Financial Technology Partners, Yolo Investments, Kazea Fund, and GC&H Investments. The round brings the company’s total funding to more than $44 million and positions Pave Bank to expand its regulatory footprint, accelerate product development, continue to build institutional grade infrastructure and scale its client coverage across global markets.

Pave Bank was founded on two core ideas: that the future of money is programmable, and that businesses need a regulated, bank-grade counterparty capable of operating seamlessly across both traditional and digital asset rails. Today, the company offers a single platform that unifies commercial banking services – deposit accounts, broad payment coverage, deep FX liquidity, payment card issuance and corporate treasury management – with institutional-grade digital asset management, an instant settlement network and an OTC trading desk. Instead of managing multiple providers for fiat banking, custody, and liquidity, clients can operate across both systems under one regulatory framework, one compliance standard, and one interface.

Businesses using Pave Bank can manage both fiat and digital assets in real time, automate treasury operations, and reduce reliance on intermediaries. An exchange or market maker can manage both digital assets, fiat and fixed income treasury products in one place, and at the same time, deal with their counterparties using the Pave Network – enhancing operational liquidity and mitigating operational risk. Corporates exploring using stablecoins in their operations can unify digital assets and fiat corporate treasuries with regulatory clarity and in a secure manner – improving speed, control, and cost efficiency. 

Since launching, Pave Bank has focused on building a sustainable, technology-driven operating model rather than chasing top-line growth. The company achieved profitability in seven of its first nine months of operation – a rare milestone for a newly licensed bank – by leveraging automation and AI across software engineering, compliance, operations, and treasury functions. With a team of just over fifty people, the bank expects to continue to scale intelligently while maintaining profitability along with a core focus on risk and compliance. 

The financing reflects growing institutional demand for a new kind of financial institution – one that can manage regulated digital assets, from stablecoins to bitcoin, alongside everything that is expected from a commercial bank, provide instant settlement and programmable flows, and have prudential oversight. Pave Bank has been building within regulatory frameworks for digital assets from day one, and as these regulations mature and harmonize, Pave Bank is working directly with regulators to ensure compliance and interoperability across jurisdictions.

Looking ahead, Pave Bank plans to expand its licensing coverage, deepen its programmable treasury and institutional financial products, and integrate with major financial and digital asset ecosystems. The long-term vision is to become the trusted corporate and institutional global financial institution -the place where the traditional and digital economies finally operate as one.

Leave a comment »

Apache Syncope Allows Malicious Admins to Inject Groovy Code 

Posted in Commentary with tags on October 23, 2025 by itnerd

A researcher has uncovered an RCE vulnerability in open-source identity management system Apache Syncope through its Groovy scripting feature. On versions prior to 3.0.14 and 4.0.2, an administrator can upload Groovy code that executes with the privileges of the running Syncope Core process, enabling remote code execution (RCE).

You can find more details here:

 https://gist.github.com/N3mes1s/213e20931ea2d27af5c47e90dedbe05f

Henrique Teixeira, SVP of Strategy, Saviynt, commented:

“First, credit to the researcher and Apache for identifying and resolving this issue. CVEs like this matter. If exploited, attackers could execute code, exfiltrate secrets, or pivot across environments. But we also need to look at the threat model: exploitation requires administrative access to the tenant or domain. And if someone already has admin rights in an identity system, it’s effectively game over. That person can create or remove users, escalate privileges, and move laterally across systems.

This highlights why identity controls are so critical. Organizations should upgrade to the patched Syncope versions, avoid Groovy in favor of Java implementations, and enforce least privilege and strong authentication. Log everything, continuously audit admin activity, and prioritize identity hygiene by removing unused permissions and applying just-in-time privilege access. The bigger picture is that while patching vulnerabilities is essential, most breaches still start with exposed or misused identities. Securing them must remain the first line of defense.”

This was fixed pretty quickly. But next time, because there is always a next time, the world may not be so lucky. Thus having a layered defensive structure that includes the suggestions that Mr. Teixeira made above is the best advice that organizations could receive.

Leave a comment »

Qilin Ransomware: Now the most prolific gang of the last few years says Comparitech

Posted in Commentary with tags on October 23, 2025 by itnerd

Comparitech researchers has published a research study diving into this very ransomware gang.

Key findings for Qilin in 2025 include:

  • 701 victims (118 of these attacks have been confirmed)
  • 45 attacks on healthcare providers (14 confirmed)
  • 40 attacks on government entities (22 confirmed)
  • 26 attacks on the education sector (7 confirmed)
  • 590 attacks on businesses (75 confirmed):
    • 143 on manufacturers (11 confirmed)
    • 108 on service-based businesses (9 confirmed)
    • 69 on finance companies (27 confirmed)
    • 50 on retailers (2 confirmed)
    • 34 on construction companies (2 confirmed)
  • 788,377 records breached in the confirmed attacks
  • 116 TB of data stolen across all attacks (47 TB in confirmed attacks)
  • The US accounts for the most attacks (375), followed by France (41), Canada (39), South Korea (33), and Spain (26)

You can read more here: https://www.comparitech.com/news/qilin-ransomware-stats-on-attacks-ransoms-data-breaches/

Leave a comment »

SOCRadar Serves Up The Top 10 AI Deepfake Detection Tools to Combat Digital Deception in 2025 

Posted in Commentary with tags on October 22, 2025 by itnerd

Deepfake technology is increasingly being used in sophisticated fraud schemes, making it harder for individuals and businesses to distinguish real from fake. Scammers have used AI-generated voices to impersonate executives, leading to financial losses, while cybercriminals exploit deepfakes for identity theft and phishing attacks. Manipulated videos and AI-generated speeches can also be used to spread false information, particularly during elections or political events. With social media accelerating the spread of digital content, ensuring that news organizations and platforms can verify the authenticity of videos and images is more important than ever.

Businesses that rely on voice authentication and digital verification must now implement detection tools to protect sensitive data and prevent fraud. In industries such as banking, law enforcement, and cybersecurity, deepfake detection is crucial for preventing unauthorized access and maintaining secure authentication systems.

As a result, many organizations now use AI-powered tools to analyze biometric data, verify identities, and detect synthetic media before it can cause harm. As deepfake technology advances, having reliable detection solutions will be essential for maintaining trust and security in an increasingly AI-driven world.

Researchers at threat intelligence cybersecurity company SOCRadar have published a list of Top 10 AI Deepfake Detection Tools to Combat Digital Deception in 2025. This is worth your time to read.

Leave a comment »

FlightHub Creates New Commercial Using AI Powered Video Enhancements

Posted in Commentary with tags on October 22, 2025 by itnerd

FlightHub produced a new commercial highlighting their mobile app, but instead of relying on traditional visual effects, the team turned to AI-powered video enhancement to elevate the visuals in a faster, smarter, and more cost-efficient way. 

Some key highlights include: 

  • Six times lower production cost: By using AI to enhance visual elements instead of traditional VFX, FlightHub achieved the same high-quality result at a fraction of the typical cost. 
  • Cinematic quality, simplified process: The AI workflow enabled realistic motion and environmental effects, all while maintaining the creative integrity of live-action footage. 
  • Faster creative turnaround: AI tools made it possible to preview, iterate, and refine visuals in real time, reducing bottlenecks between creative and post-production teams. 
  • Human + AI collaboration: The project showcased how AI can support (not replace) creative professionals, blending human vision with machine precision to achieve a seamless final product. 
  • Proof of innovation: This campaign reinforces FlightHub’s commitment to experimenting with emerging technologies that enhance creativity, efficiency, and storytelling in travel marketing. 
  • Sustainability benefit: A lighter production footprint (fewer reshoots, less rendering time, and optimized resources) contributed to a more sustainable creative process. 

You can see the commercial here:

Leave a comment »

Sharepoint ToolShell attacks targeted organizations across four continents

Posted in Commentary with tags on October 22, 2025 by itnerd

Hackers believed to be associated with China have leveraged the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint in attacks targeting government agencies, universities, telecommunication service providers, and finance organizations.

The same threat actors also compromised two government departments in the same African country during the same time period. Zingdoor, which was deployed on the networks of all three organizations, has in the past been associated with the Chinese group Glowworm (aka Earth Estries, FamousSparrow). 

Commenting on this is Roger Grimes, CISO Advisor at KnowBe4: 

“I think this is yet another great example of why default auto-patching should be required in every software program and device with firmware. That’s because every patch for every announced vulnerability will not be applied 100% by everyone. In fact, it’s very common for 10% – 25% of related instances to remain unpatched for months — and even years — after a patch is released. There are always people who don’t apply critical patches for some reason or another. But if auto-patching were the default, more instances would get patched in a timely manner.”

I wasn’t a believer in patching as soon as patches come out. But I have changed my mind on that front and I patch everything ASAP to stop a threat actor from making my life miserable. Perhaps you should consider doing the same thing as clearly this is a today problem.

Leave a comment »

Bluepath Robotics expands North American footprint with strong debut at ADM

Posted in Commentary with tags on October 22, 2025 by itnerd

Bluepath Robotics has completed its first participation at ADM Toronto (Advanced Design and Manufacturing) with strong engagement from manufacturers across Canada. The event marked Bluepath Robotics’ formal entry into the Canadian market and highlighted its growing North American footprint, supported by a new office in Detroit, Michigan.

Bluepath’s presence at ADM Toronto generated significant interest among industrial, logistics, and automotive sector participants seeking safer, more efficient material flows and faster time-to-value from automation. The company’s entry to Canada aligns with a broader regional expansion strategy focused on strengthening local deployment, service, and lifecycle support capabilities.

Single accountable partner, compliance by design

Bluepath Robotics designs and manufactures both the AMR hardware and the fleet management software in-house, providing customers with a single accountable partner from planning to scale. This full-stack approach reduces integration risk and accelerates commissioning, while enabling tighter alignment with site-specific workflows, safety practices, and industrial standards.

The company’s portfolio includes Underdrive/Platform and Tugger AMRs, along with Forklift and Stacker models. Payloads, navigation methods, and attachments are configurable to the application. Deployments typically follow a phased pathway—assessment, pilot, and scale-up—supported by operator training and safety validation at each step.

Bluepath Robotics’ fleet software interfaces with common systems such as WMS (Warehouse Management System), MES (Manufacturing Execution System), and ERP (Enterprise Resource Planning), and is developed for industrial safety standards and VDA-5050-style interoperability.

Chosen by global manufacturers and now available in Canada

Bluepath Robotics’ entry to the Canadian market is underpinned by references with leading manufacturers. These projects demonstrate field-tested reliability, safety, and measurable ROI (Return on Investment) in complex production environments—credentials that are increasingly sought by the Canadian operators advancing their automation roadmaps.

Canadian manufacturers are accelerating automation to protect workers, stabilize operations, and offset labour constraints. Bluepath Robotics’ AMRs are designed to reduce manual strain, streamline repetitive transport tasks, and help teams focus on higher-value work. The company’s approach emphasizes pragmatic integration and stepwise scale-up, enabling customers to realize benefits early while building toward larger fleets.

Following ADM Toronto, Bluepath Robotics is engaging with plant leaders, industrial engineering teams, and systems integrators across Canada to identify pilot opportunities in manufacturing, logistics, e-commerce fulfillment, heavy industry, and discrete production. The Detroit office will coordinate assessments, pilots, and post-deployment support for Canadian sites, with remote monitoring and updates delivered through the fleet management platform of Bluepath Robotics.

Leave a comment »

Saviynt Announces Integration with the CrowdStrike Falcon Platform

Posted in Commentary with tags on October 22, 2025 by itnerd

Saviynt today announced a new integration with the CrowdStrike Falcon® platform, now available on the CrowdStrike Marketplace. The bidirectional integration enables Saviynt to leverage CrowdStrike’s industry-leading endpoint, identity, and cloud telemetry to drive dynamic, risk-based access governance decisions, while CrowdStrike Falcon® Next-Gen SIEM ingests Saviynt identity data to deliver unified visibility, faster investigations, and improved response across hybrid environments.

As organizations face growing complexity in managing human, non-human, and AI identities across hybrid and multicloud environments, attackers increasingly exploit compromised accounts and devices to reach critical systems and data. Falcon Next-Gen SIEM, the engine of the agentic SOC, combines native Falcon platform telemetry and third-party data with industry-leading threat intelligence and AI-driven automation to deliver unified visibility and rapid response across domains. By integrating CrowdStrike’s real-time telemetry with Saviynt’s governance capabilities, customers can respond faster to threats.

The Saviynt–CrowdStrike integration delivers identity-driven outcomes that enhance visibility and streamline response:

  • Automated Remediation to Minimize Exposure and Accelerate Response – Suspends compromised accounts, revokes risky entitlements, and automates policy-driven workflows to accelerate containment and recovery without manual intervention.

Leave a comment »

« Older Entries
Newer Entries »