As we kick off the first day of Dreamforce, the world’s largest technology event, Salesforce is unveiling big headlines that will be relevant for Canadian business leaders.
At a time where enterprise AI adoption is accelerating, new data from IDC and Salesforce shows that 67% of Canadian and American CEOs believe implementing AI agents is critical to staying competitive. These advances in agentic AI give Canadian leaders a way to outpace competitors and tackle challenges like low productivity and ongoing trade tensions.
News highlights:
Agentforce 360: Salesforce has launched the Agentic Enterprise with an integrated platform that enables businesses to deploy agents that are grounded in governed, trusted data; work across teams and workflows; collaborate with humans and other agents directly in Slack.
Brands Canadians use daily are already seeing major transformation – from Reddit cutting resolution times from 8.9 minutes to 1.4 minutes (84% reduction) to OpenTable resolving 70% of diner and restaurant inquiries autonomously.
OpenAI Partnership: Salesforce is coming to ChatGPT for the first time, starting with Sales and Commerce. Sales reps can ask ChatGPT to share a customer’s sales records and visualizations of their latest earnings reports. With Commerce, vendors can complete purchases, embed product catalogs, and turn natural language inquiries into sales directly within ChatGPT.
Anthropic Partnership: Claude will be a foundational model to power AI agents and applications within the Agentforce 360 Platform, ensuring highly regulated industries can use Claude securely. Claude will also run in Slack, with future plans for Salesforce apps to run in Claude.
Remember this Oracle vulnerability that is far from trivial? It now has its first confirmed victim outside of Oracle. And unfortunately for Oracle, it’s Harvard. Yes. That Harvard.
The cybercrime group Cl0p is now seemingly reaping the harvest after it successfully exploited a critical zero-day bug in Oracle’s E-Business Suite (EBS). Hundreds of companies and organizations – all Oracle clients – were allegedly compromised.
One of them is apparently Harvard University, which uses EBS for various administrative functions. Now, Cl0P, essentially a digital organized crime ring, has claimed it had stolen data from the prestigious school.
And:
According to Cybernews researchers, Cl0p has shared 1.4TB of data on its leak site. This data originates from Harvard’s servers hosted by Oracle.
The published data includes logs and reports from Harvard’s internal payment system as well as source code for various internal tools. Cybernews research team has analyzed the data and says it includes references that strongly suggest that it was indeed taken from OBS systems.
Anders Askasen, VP of Product Marketing, Radiant Logic had this to say:
“The Harvard breach tied to the Oracle EBS exploitation highlights a recurring truth: complexity is the adversary of security. When identity and data silos persist, visibility evaporates, and the ability to trace who has access to what becomes guesswork. Systems like Oracle EBS sit at the heart of enterprise operations — rich in sensitive HR and financial data, yet notoriously hard to govern across hybrid infrastructures. Resilience begins with a unified identity data foundation and continuous observability that enable organizations to detect exposures in real time, contain and act with precision, and restore confidence through verifiable facts rather than assumptions”
Will Baxter, Field CISO, Team Cymru follows with this comment:
“This threat highlights the importance of egress filtering and monitoring where files are downloaded from. This operation appears to have exploited the vulnerability weeks ahead of patch release, indicating early access or a brokered exploit. Detecting these campaigns early depends on correlating outbound anomalies, C2 beaconing, and shared infrastructure across sectors. The only scalable defense is collective intelligence — connecting enterprise telemetry with trusted partners before the stolen data surfaces publicly.”
Gunter Ollmann, CTO, Cobalt adds this comment:
“This campaign underscores the growing sophistication of financially motivated groups exploiting enterprise software supply chains. The attackers didn’t rely on a single exploit—they combined zero-day vulnerabilities with custom malware to maximize access before detection. It’s another reminder that penetration testing can’t stop at application edges; enterprises must stress-test complex ERP systems as part of their attack surface. Increasingly, the focus must shift toward offensive security services that continuously test not just applications, but also the effectiveness of defense-in-depth systems and SOC teams. Regular, adversarial testing provides the real-world validation organizations need to ensure their layered defenses perform as intended when it matters most.”
Sucks to be Harvard. And it sucks even more to be Oracle who’s senior management have to be reconsidering their life choices at this point. Because they know that there will be more fallout, and the lawsuits that follow that fallout.
Starburst, the data platform for apps and AI, recognized the winners of the 2025 Data Visionary Awards at a celebration event held alongside AI & Datanova 2025 Thursday evening. The awards honor customers and partners who are harnessing data and AI to deliver transformative results, accelerate innovation, and shape the future of their industries.
The awards celebrate achievements across six customer categories and four partner categories, recognizing visionaries whose leadership and execution are pushing the boundaries of what’s possible with Starburst.
Customer Award Winners
● AI & Data Visionary Award: S&P Global Market Intelligence – Enterprise Solutions Technology Team
The Enterprise Solutions Technology team at S&P Global Market Intelligence is recognized for its bold vision and execution in building a modern, AI-ready data foundation leveraging Starburst. By embracing a federated, governed architecture, the team has accelerated innovation, reduced time-to-market, and set a new standard for responsible AI adoption.
● Executive AI & Data Visionary Award Winner: Anna Nicanorova, CTO, Annalect
Anna is recognized for her leadership in driving Annalect’s enterprise-wide data vision and AI transformation. By championing Starburst, she has accelerated insights, strengthened decision-making, and delivered measurable business impact across Annalect’s global operations.
● Data AI Award Winner: Asurion Asurion is recognized for building a modern, AI-ready data foundation with Starburst, including Iceberg lakehouses, federated access, and strong governance. This approach positions Asurion for scalable AI adoption, future RAG use cases, and accelerated enterprise insights.
● Impact Through AI Award Winner: Arity
Arity is recognized for harnessing Starburst to power data-driven insights that improve transportation safety and efficiency. By applying AI to vast mobility datasets, Arity helps businesses and communities reduce risk, optimize operations, and make faster, more informed decisions, thereby delivering measurable impact across the transportation ecosystem.
● Data Pathfinder Award Winner: Periyasamy Sivakumar (Siva), Head of Data Engineering, OCBC Siva is recognized for his leadership in driving Starburst adoption and data modernization at OCBC. Through hands-on influence and advocacy, he has delivered results in a complex, regulated environment and inspired peers across the organization.
● Data Disruptor Award Winner: PSEG Long Island
PSEG Long Island is recognized for its bold, fast-moving approach to transforming data and analytics. By leveraging Starburst to modernize access to critical data and accelerate insights, PSEG Long Island demonstrated how a forward-thinking organization can disrupt traditional practices and drive meaningful impact.
Partner Award Winners
● Starburst Partner: Data Visionary Award Winner: Amazon Web Services, Inc. (AWS) AWS is recognized for advancing cloud-native AI and data solutions that empower enterprises to unlock transformative insights and accelerate business value with Starburst.
● Starburst Partner: Data Trailblazer Award Winner: Dell Technologies Dell is celebrated for helping joint customers modernize their data architectures with Starburst, delivering integrated, high-performance solutions that bring the power of governed, federated analytics to enterprises at scale, and enabling organizations to accelerate their AI and data-driven initiatives.
● Integration & Ecosystem Impact Award Winner: Alteryx Alteryx is honored for delivering seamless integration and technical innovation that extend the value of Starburst, enabling organizations to achieve new levels of interoperability and business impact.
● Managed Service Excellence Award Winner: Kubrick Kubrick is recognized for outstanding implementation expertise, customer satisfaction, and the ability to drive transformative outcomes through high-impact Starburst deployments.
Posted in Commentary with tags Approov on October 14, 2025 by itnerd
Approov today announced significant strategic expansion of its global network infrastructure, positioning its unique cloud-based mobile app and device attestation platform as the essential defense against rapidly evolving AI-based API threats. This expansion includes the deployment of Cloudflare’s Argo Smart Routing technology across its multi-cloud network, which is supported by Amazon Web Services (AWS) and Google Cloud Platform (GCP).
Approov’s architecture represents a major shift in mobile security, moving away from conventional, on-device approaches like Runtime Application Self-Protection (RASP) and code obfuscation that are increasingly vulnerable to sophisticated hacking tools and AI-driven reverse engineering.
The Next Generation of Mobile Security: Cloud-Based Attestation
The core of Approov’s next-generation platform is its approach to security-by-design: moving all sensitive secrets, such as API keys, out of the mobile application and into a secure, cloud-based enclave. Security is then managed through a rigorous, real-time app and device attestation process performed entirely in the cloud.
Approov’s cloud platform verifies that all API requests originate from a genuine, untampered mobile app running on a secure device. This model drastically reduces API attacks from bots, scripts, and cloned apps by over 95%, creating a safer digital ecosystem for major organizations in finance, retail, healthcare, and connected cars.
High Performance for a Mission-Critical Platform
To ensure this mission-critical security is delivered without compromising the user experience, Approov recognizes the absolute need for a high-performance, robust, and resilient network infrastructure. The platform must deliver attestation tokens over an encrypted channel with the lowest possible latency, regardless of a mobile app’s operating location.
To meet this demand, Approov has made two key infrastructure enhancements:
1. Cloudflare Argo Smart Routing Integration: Approov has integrated Cloudflare’s Argo Smart Routing™ across its network. This technology continuously optimizes the routing of attestation traffic by dynamically selecting the fastest and most reliable network paths. By enabling Argo Smart Routing, Approov reduces Internet latency on average by more than 30% and connection errors by 27%, significantly enhancing performance for end-users globally. The integration also includes Cloudflare’s enterprise-level Layer 4/7 Distributed Denial of Service (DDoS) protection.
2. Expanded Global Attestation Fabric: Approov continues to grow its multi-region, multi-cloud fabric with new points of presence in U.S. East, Hong Kong, and Taipei, Taiwan, complementing existing locations in Dublin, U.S. West (San Jose), Sao Paulo, and Singapore. The multi-cloud deployment on AWS and Google Cloud is designed with automatic cross-cloud failover for maximum resiliency under the most extreme threats.
These strategic investments ensure that Approov will continue to deliver the fastest, most efficient, and most secure mobile app protection, allowing enterprises to fully trust the source of every mobile API request.
Brilliant marketers are still buried in dashboards, spending more time on reports and clicks than on strategy and creativity. Epiminds was created to solve this problem. The company, founded by Swedish entrepreneurs Elias Malm and Mo Elkhidir, today announced its public launch from stealth alongside $6.6 million in funding led by Lightspeed Venture Partners with participation from EWOR, Entourage, and high-profile angels including the former CMO of Booking.com. In just twelve weeks from ideation, Epiminds already signed major agencies that manage over 240 brands in their platform.
Agencies today are squeezed from both sides: clients demand more transparency, faster reporting, and measurable ROI – all with smaller budgets. Inside agency walls, insights are scattered across platforms, making decisions slow or reliant on gut instinct, while the rapid rise of AI creates uncertainty about which tools to adopt and how to scale capacity sustainably. The traditional fixes – hiring more specialists, layering on dashboards and optimizers, or making reactive choices once problems surface – only raise costs and complexity without solving the underlying inefficiency. Worse, they don’t prepare agencies for where the future of marketing is heading. Epiminds solves each of these problems, and more.
The company creates advanced multi-agent AI systems that agencies can train and evolve over time. At the core is Lucy, an AI marketing manager that leads a dynamic team of more than 20 specialized agents working together across reporting, optimizations, budget pacing, bidding and creatives. Agencies can onboard a client in less than 30 seconds and instantly get an AI-powered marketing team capable of running campaigns from A to Z. Lucy and her team doesn’t just surface insights but executes them, learns each agency’s playbooks, and proactively monitors accounts to flag risks before they hurt performance.
“Marketers are under more pressure than ever to do more with less ,” said Mo Elkhidir, Co-Founder of Epiminds. “Lucy and her team take on the busywork so that marketing talent can do their best work. This is not about replacing creativity; it’s about giving it room to flourish.”
The vision was born out of the founders’ own frustrations. Malm, who ran an agency and later worked at Google leading agency partnerships across the Nordics, saw firsthand how talented teams were stuck in inefficient processes. Elkhidir, a Sudanese-born machine learning expert who led technical teams at Spotify and Kry, spent years researching multi-agent systems, teaching AI agents to collaborate to solve complex tasks. The spark came during a weekend project simulating Sweden’s 10.8 million citizens in AI, each with hundreds of attributes. When they discovered that 23,400 of them were marketers, the idea crystallized: an AI-powered marketing workforce that could free real marketers to focus on strategy and creative impact.
The impact is already visible. Agencies using Epiminds report faster onboarding, better performance, less wasted spend, and teams that can shift focus back to creativity and strategy. The dynamic multi-agent system seamlessly handles everything from everyday tasks like reporting and pacing to advanced capabilities such as audits, creative analysis, competitive insights, and strategic planning. By connecting insights to action across platforms, Lucy enables a 10x increase in output without adding headcount.
The timing is crucial in filling a big market gap. Legacy dashboards and optimization tools remain siloed, requiring heavy manual work. Point AI tools solve one-off problems but fail to orchestrate the bigger picture. Epiminds’ multi-agent approach creates an integrated, adaptive system that continuously learns and improves.
After just twelve weeks of joining EWOR, which has a a 0.1% application success rate, Epiminds signed major agencies managing over 240 brands on their platform.
Looking ahead, Epiminds plans to expand Lucy’s capabilities across more integrations, increase level of autonomy, and self-improving capabilities. Each new feature strengthens the entire system, creating a network effect where every agency benefits from smarter, more capable AI.
Posted in Commentary with tags KnowBe4 on October 14, 2025 by itnerd
By Martin Kraemer, CISO Advisor at KnowBe4
In late September 2025, several European airports reported significant delays and flight cancellations due to issues with their check-in and passenger systems. Collin’s Aerospace, the vendor of the vMUSE check-in system, had been hit by a ransomware attack.
Collins Aerospace operates ARINC AviNet, a virtual environment that hosts their ARINC vMUSE ground system for customers. Attackers exploited vulnerabilities in the ground system and its proprietary network, resulting in significant operational delays, reputational damage, and a loss of passenger trust. It is believed that the attackers accessed the shared AviNet network and subsequently encrypted portions of the ARINC Multi-User System Environment (vMUSE).
Strategic Lessons for Executives
Despite comprehensive regulations like NIS2, most organizations significantly underestimate the security risks stemming from a lack of visibility into their vendors’ security posture. Vendor risk management is not merely a compliance checkbox but a strategic issue of resilience, as this incident demonstrates how a third-party ransomware attack can ripple across entire ecosystems.
The incident was likely a result of security negligence. Researchers discovered several outdated systems (IIS 8.5, Glassfish 2014, Oracle 2015, and end-of-life Cisco ASA devices) that presented predictable vulnerabilities for attackers. Legacy systems represent not just technical debt but also significant business continuity risks. Therefore, modernization programs and operational investments must be integrated.
The effort airports invest in continuity planning was evident as fallback procedures were successfully invoked. While fallback was available, it proved highly disruptive. Furthermore, when experts attempted to restore the software, they were re-infected, indicating the ransomware was still present on the system. This highlights that detection, response, and recovery must be considered as a holistic process.
The incident clearly underscores the need to elevate cyber risk to the board level. The outage affected passenger experience, operational continuity, and brand reputation.
Strategic Imperatives
Supply chain security requires visibility, not just assurances, to mitigate the ripple effects when a vendor is compromised. Security assurance from vendors must evolve beyond simple checkbox exercises to in-depth analysis of their practices and configurations. Merely documenting compliance with ISO 27001, NIST, and NIS2 will no longer suffice. As high-impact cyber-attacks persist, organizations, especially those in critical infrastructure, will demand greater visibility and transparency from their vendors. When it comes to maintaining a country’s operations, the focus must shift from minimizing liability to ensuring continuity.
In sectors where legacy systems are prevalent, rigorous legacy management is essential. For systems with unpatchable vulnerabilities, compensating controls must be implemented, and a phased retirement of high-risk systems must be planned. Legacy systems are common in critical infrastructure, often deemed essential for continued operations and complex to replace. Without proper monitoring and maintenance, outdated systems and missing patches, as seen in cases like Collin’s Aerospace, will expose an organization’s vulnerabilities.
Strengthening supply chain governance is a critical step forward. Organizations should map out dependencies, conduct joint exercises, and establish contractual obligations for security monitoring. Developing resilience by design is the optimal approach. Investments in redundancy, the development and testing of rapid recovery processes, and regular crisis simulations are valuable tools for organizational preparedness.
Conclusion
Organizations in critical infrastructure must immediately stop prioritizing liability reduction which compliance requirements often falsely are interpreted as. Instead, nation-states must incentivize business continuity and offer guidance and oversight to small and medium businesses that cannot afford to develop their own resilience functions. Incentives must be structured so that organizations perceive expensive cybersecurity investments as worthwhile, leading to greater risk reduction and fewer losses.
This approach is crucial for improving supply chain risk management in critical infrastructure, where adversaries are likely to exploit weaknesses. Policymakers must advocate for stronger regulatory oversight and shared responsibility models, particularly in aviation. Executives must view cybersecurity as a strategic business enabler, rather than a technical afterthought.
Ransomware attacks continue to rise in 2025, with 6,330 cases recorded so far, underscoring escalating risks for small and medium-sized businesses
The latest data analyzed by NordStellar, a threat exposure management platform, reveals that the number of ransomware incidents in 2025 is continuing to grow. Between January and September 2025, 6,330 ransomware cases were exposed on the dark web, representing a 47% increase compared to the 4,293 cases recorded in the same period last year.
“So far this year’s results are highlighting a worrying trend — the number of ransomware cases continues to grow steadily,” says Vakaris Noreika, cybersecurity expert at NordStellar. “The majority of the growth we’re witnessing right now is most likely a direct result of the increase in ransomware-as-a-service (RaaS) that allows cybercriminals to scale their attacks and has lowered the entry barrier for bad actors. Another key factor is the significant increase in the number of active ransomware groups, which has reached an all-time high.”
Noreika explains that the number of active ransomware groups has been consistently increasing over the past five years. In September alone, NordStellar traced back the ransomware incidents to 66 different groups.
Prime targets in Q3 2025: The US, SMBs, and the manufacturing industry
In July-September 2025, 1,943 ransomware cases were exposed on the dark web, a 31% increase compared to the same period in 2024 (1,484 cases). US businesses were the most targeted, accounting for 54% of the 1,274 cases that could be traced to specific victim countries. Canada holds the second spot with 62 incidents, followed closely by Germany (60), the United Kingdom (54), and France (35).
“The findings mirror the results we have been seeing all year,” explains Noreika. “The US is home to numerous profitable public businesses, and this, coupled with strict regulations, makes them an attractive target for cybercriminals. Their potential for high profitability, combined with a higher likelihood of meeting ransomware demands to resolve incidents quickly, increases the chances of success for attackers.”
Ransomware data from July to September 2025 revealed that the manufacturing industry was the most affected by ransomware, with 245 cases, mirroring the results of the previous quarters. It was followed by professional, scientific, and technical services (107), information technology (103), construction (91), and financial services (69).
“Companies operating in the manufacturing industry experience high operational downtime costs, making them more inclined to give in to ransomware demands to resolve the incident as soon as possible. They also often rely on outdated or unpatched software and systems and are more likely to experience supply chain vulnerabilities due to reliance on third-party vendors, partners, and logistics providers,” says Noreika.
He explains that companies operating in the professional, scientific, and technical services industry often work with confidential customer data, intellectual property, and critical business tools, making them an attractive target for ransomware actors. According to Noreika, businesses in the information technology industry are targeted because they handle large volumes of valuable data and are key components of the supply chain. This means that attacking them can spread ransomware to multiple businesses simultaneously.
Small and medium-sized businesses (SMBs) were the most affected. The data revealed that organizations with up to 200 employees and revenues of up to $25 million experienced the most attacks.
“As in the first half of 2025, SMBs continue to remain the primary targets for ransomware. Ransomware actors usually perceive smaller businesses as lower-risk targets because they might lack a sophisticated IT infrastructure, operate on low cybersecurity budgets, and not have the means to investigate or report attacks to authorities,” says Noreika.
He adds that smaller revenue companies may also be more likely to meet attackers’ demands since the cost of downtime, data loss, or reputational damage from a full-blown ransomware attack could devastate the business financially. As a result, many of them could view paying the ransom as the only option, making them a higher success target for ransomware attackers.
Old players take the lead
The ransomware group Qilin was responsible for the most attacks in Q3 2025, with 241 incidents, and continues to hold the number one spot from the previous quarter. It’s followed by Akira (190), INC Ransom (146), Play (102), and Safepay (92).
“Qilin, Akira, and Play are more experienced players, active from 2022-2023, and are known for their double extortion models and large victim scope. They are also more likely to keep their operations in-house, without utilizing or offering RaaS, so as not to compromise their operations,” says Noreika. “Safepay is the youngest group, first detected in the fall of last year, but so far has been consistently among the top perpetrators this year. INC Ransom was first discovered in late 2023 and is generally lesser-known. However, this year, they have been quite consistent with their attacks as well.”
According to Noreika, ransomware groups are highly organized. He explains that business leaders are not always fully aware of the danger they pose — for example, that they often seek out top talent in cybersecurity or might even recruit insiders to carry out a targeted attack against an organization, making them a threat that companies cannot afford to underestimate.
Main mistakes that make a business more vulnerable to ransomware
Noreika explains that the first step in making a company ransomware-resistant is prevention. He highlights cybersecurity hygiene as the primary foundation.
“Most attacks happen due to user error. As a result, raising cybersecurity awareness and increasing training, as well as promoting good cybersecurity hygiene, is the basic first step,” says Noreika.
He continues by saying that employees who can recognize phishing scams, understand the importance of proper password management, and recognize the necessity and importance of utilizing tools like multi-factor authentication or a VPN are less likely to open the company’s network to cyber intruders.
“Another important factor is monitoring and addressing unknown cybersecurity gaps. With more businesses embracing hybrid or remote work models, introducing unmanaged devices and relying on third-party vendors, the attack surface is expanding, and any endpoint can be exploited,” says Noreika.
To stay ahead of attackers, he advises companies to monitor for external vulnerabilities before they are exploited, as well as any potential data leaks on the dark web, to minimize the possibility of a more sophisticated attack. Noreika emphasizes that recovery plans and backing up critical data are among the essential steps to reduce the impact of a potential ransomware incident.
Disclaimer: While the total number of 1,943 ransomware attacks in Q3 2025 is accurate, the figures presented for each category (industry, company size, and country) may be slightly higher. This is because a number of incidents were missing data needed for categorization and thus were omitted.
Ericsson and Vodafone, one of the world’s leading telecommunications companies, have announced a five-year strategic partnership to modernize Vodafone’s network footprint using Ericsson’s high-performing programmable network solutions across several key markets.
Ericsson will be Vodafone’s sole RAN vendor in Ireland, Netherlands, and Portugal, as well as a major vendor in Germany, Romania, and Egypt. This move further deepens the long-standing, strategic relationship between the two companies.
The modernization of Vodafone’s RAN infrastructure and management will lay the foundation for widespread deployment of 5G Standalone, enabling Vodafone to offer differentiated connectivity solutions with guaranteed, performance-based characteristics for their consumer and enterprise customers.
Under the partnership, Vodafone will deploy Ericsson’s state-of-the-art and Open RAN-compatible Massive MIMO radios and RAN Compute solutions, as well as 5G Advanced RAN software capabilities extensively across their networks in these markets.
The pan-European deal introduces Ericsson Intelligent Automation Platform and a number of AI-powered rApps which will be deployed market-by-market to deliver automated RAN optimization, energy efficiency, and management of the multi-vendor network.
Germany will be the first market to deploy the platform and rApps for Ericsson and multi-vendor RAN management, with work beginning in Q4 2025. The comprehensive AI and network evolution partnership will elevate Vodafone’s infrastructure to world-class standards, taking the first steps towards autonomous networks and ensuring their networks are at the forefront of technological advancement and capable of meeting future demands.
Vodafone will further enhance its network infrastructure by using Ericsson 5G Advanced RAN software solutions that employ AI and automation to enable intelligent, real-time network management, improve operational and energy efficiency, deliver superior device and network performance, and create opportunities for new revenue streams through differentiated connectivity services.
By embracing high-performing programmable network architectures, this partnership sets the stage for accelerated innovation and the development of new use cases across Vodafone’s markets. This forward-looking approach will ensure Vodafone’s network infrastructure is fit for the future and adaptable to emerging technologies, solidifying the company’s position as a leader in the global telecommunications landscape.
Posted in Products with tags Ford on October 14, 2025 by itnerd
Over the years I’ve reviewed a lot of vehicles. But I have to admit that this is the most difficult vehicle that I have ever reviewed. Before I get to why it was difficult to review, let’s take a look at the vehicle.
Meet the Ford Expedition. This vehicle is simply huge. And I am not the target audience for it. Why is that? This is for someone who wants a a huge vehicle that carries a lot of people, or stuff, or both. And tows a lot. That’s not me. Sure I could get my wife and I along with both our road bikes in it. But we can do that in an Explorer or even an Escape as well. Thus to properly review this, I need to climb inside the head someone who would use this vehicle for what it is intended to be used for.
This is the King Ranch edition. Which I always thought was a F150 trim level. But clearly not. You see the King Ranch influence everywhere. Including:
The wheels
The interior:
And the door sill plates. There’s more places where you see this influence, but we’d be here all day if I were to point them all out. And for what it’s worth, King Ranch is a real ranch in Texas.
A big vehicle needs a big engine. Right? Well sort of. This Expedition comes with Ford’s 3.5L V6 EcoBoost Engine. It’s mated to a 10 speed automatic transmission. This combo is good for 400 horsepower and 480 pound feet of torque. So while a lot of these body on frame SUVs come with a V8, this one has a V6. And I don’t think that this is a downgrade. Because you can tow 9000 pounds with this setup. And at no point did I feel that I lacked power to merge onto a highway or pass anything. What’s even more impressive is the fact that power is easily modulated with your right foot. The only gripe that I had was that it took me a bit to get used to braking which is able to bring this rather huge SUV to a stop very quickly should the need arise. But I suppose this is a non issue if you daily drive it.
When it comes to fuel economy, it’s not as bad as you might think. The Expedition is rated for 15.4 L/100 KM city, 10.7 L/100 KM highway, and 13.1 L/100 KM combined. I hit 13.1 L/100 KM during my week with the Expedition which was better than I was expecting.
Now this vehicle as I said is huge. And this took me some getting used to as I am coming from an SUV that is much smaller. I will not call it agile, but it had a surprisingly decent turning radius. You can also get it to change lanes in a hurry if needed on the highway without it complaining. Having said that, condo owners like me should take this vehicle off your shopping list as the height of this vehicle is close to the maximum limit of my garage. And parking it in my parking spot was to be frank, comical. I say that because what is normally a 1 minute exercise is 5 minutes with this vehicle as I was taking care to make sure I didn’t hit anything. Thus I spent a lot of time shuffling this vehicle back and forth to get it into my spot without hitting the pillar to my right, or the car to my left. Good thing that it has an array of sensors and cameras to warn you if you are getting too close to an object. That helped immensely. In terms of noise, vibration, and harshness, the Expedition is generally quiet except for tire noise. And while it does bounce if you hit a bump that a bit too big, it wasn’t anywhere near as bouncy as I was expecting it to be.
One other note:
Because this vehicle has about 9″ of ground clearance, this trim level comes with retractable running boards. And if you’re anything shorter than 5′ 5″ tall, you will need them to get in and out of the vehicle.
Tomorrow I’m going to walk you through the interior of the Expedition. But here’s a spoiler alert, it’s on another level.
Posted in Commentary with tags Hacked on October 13, 2025 by itnerd
Comparitech has reportedSimonMed Imaging over the weekend confirmed 1,275,669 people had been affected in its January 2025 data breach, which was claimed by ransomware gang Medusa with a $1 million ransom demand.
Rebecca Moody, Head of Data Research at Comparitech has this comment:
“This attack on SimonMed Imaging becomes the second-largest data breach on a healthcare company this year (via ransomware). Overall, we’ve noted 96 attacks on healthcare providers (worldwide) this year with over 8.7 million records breached across these attacks. The average ransom across these attacks has been $660,000, putting Medusa’s demand of $1 million from SimonMed well above average.
The attack also highlights our recent findings that healthcare providers are facing an increased threat of attacks via the third parties they use to carry out certain services. In the case of SimonMed Imaging, it appears that this attack was successful due to a breach of one of its vendors. With such highly sensitive data on offer, healthcare organizations remain a key target for hackers and even those with the most robust of cybersecurity practices can still find themselves at the center of devastating breaches due to attacks via the third parties they use.”
Ensar Seker, CISO at SOCRadar follows with this comment:
“The SimonMed breach illustrates the perfect storm we often fear in healthcare cybersecurity: a long dwell time, a wide scope of compromised data, and a ransomware group bold enough to publicize both the theft and ransom demand. Attacks like this are not just about health records they compromise full digital identities, from SSNs to login credentials, and create cascading risks of identity theft, insurance fraud, and even social engineering attacks on hospitals or insurers.
What’s especially troubling here is the theft of authentication credentials, which could be weaponized for secondary attacks or network persistence.
This attack isn’t a good one. And I have the feeling that this one will have far reaching effects for some time to come. By that I mean months or even years.
Healthcare organizations remain attractive targets because of their sensitive datasets, complex third-party ecosystems, and historically underfunded cybersecurity operations. Ransomware gangs like Medusa don’t just want to encrypt but they want to extract maximum leverage by exfiltrating and publishing stolen data. This reinforces the urgent need for real-time anomaly detection, segmented architectures, and a zero-trust posture across healthcare networks. It’s also a wake-up call that disclosure timelines must improve; weeks of unauthorized access is far too long in any sector, but in healthcare, it’s catastrophic.”
Salesforce Has News From Dreamforce
Posted in Commentary with tags Salesforce on October 14, 2025 by itnerdAs we kick off the first day of Dreamforce, the world’s largest technology event, Salesforce is unveiling big headlines that will be relevant for Canadian business leaders.
At a time where enterprise AI adoption is accelerating, new data from IDC and Salesforce shows that 67% of Canadian and American CEOs believe implementing AI agents is critical to staying competitive. These advances in agentic AI give Canadian leaders a way to outpace competitors and tackle challenges like low productivity and ongoing trade tensions.
News highlights:
Brands Canadians use daily are already seeing major transformation – from Reddit cutting resolution times from 8.9 minutes to 1.4 minutes (84% reduction) to OpenTable resolving 70% of diner and restaurant inquiries autonomously.
Leave a comment »