@bmitmsp.bsky.social
CISA weekly: Two new KEV entries incl. WhatsApp and TP‑Link flaws. Prioritize remediation by KEV, not vibes. — At BMIT, we see this as a reminder: proactive beats reactive. zurl.co/jUHyn
CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
CISA has added two new vulnerabilities to its KEV Catalog, based on evidence of active exploitation.
www.cisa.gov
November 7, 2025 at 6:30 PM
CISA weekly: Two new KEV entries incl. WhatsApp and TP‑Link flaws. Prioritize remediation by KEV, not vibes. — At BMIT, we see this as a reminder: proactive beats reactive. zurl.co/jUHyn
Ransomware still evades defenses: prevention efficacy down, data exfiltration detection ~3% (Picus Blue Report). Validate controls continuously. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/1OjBl
Known. Emerging. Unstoppable? Ransomware Attacks Still Evade Defenses
Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%.
www.bleepingcomputer.com
November 6, 2025 at 8:00 PM
Ransomware still evades defenses: prevention efficacy down, data exfiltration detection ~3% (Picus Blue Report). Validate controls continuously. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/1OjBl
VC firm Insight Partners notifies thousands after ransomware breach—social engineering was the entry point. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/nwC36
VC giant Insight Partners warns thousands after ransomware breach
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack.
www.bleepingcomputer.com
November 5, 2025 at 2:30 PM
VC firm Insight Partners notifies thousands after ransomware breach—social engineering was the entry point. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/nwC36
Microsoft Sept Patch Tuesday: 80 flaws fixed incl. SMB privilege escalation. Patching + hardening > patching alone. — Our view: IT leaders need to adapt fast or risk falling behind. zurl.co/Cuxv0
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs
Microsoft patched 80 flaws in Sept 2025, including CVE-2025-55234 SMB bug and CVSS 10 Azure risk.
thehackernews.com
November 4, 2025 at 2:30 PM
Microsoft Sept Patch Tuesday: 80 flaws fixed incl. SMB privilege escalation. Patching + hardening > patching alone. — Our view: IT leaders need to adapt fast or risk falling behind. zurl.co/Cuxv0
UK arrests suspect in RTX/Collins Aerospace airport ransomware case. Supply chain risk isn’t theoretical. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/OJGsm
UK arrests suspect for RTX ransomware attack causing airport disruptions
The UK's National Crime Agency has arrested a suspect linked to a ransomware attack that is causing widespread disruptions across European airports.
www.bleepingcomputer.com
November 2, 2025 at 1:00 PM
UK arrests suspect in RTX/Collins Aerospace airport ransomware case. Supply chain risk isn’t theoretical. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/OJGsm
Private companies are selling powerful spyware to governments that can infect your device without you even knowing and monitor everything you do. It's a complex topic, but this article breaks it down very well.
#Spyware #Privacy #CyberSecurity #Tech zurl.co/rAgjl
#Spyware #Privacy #CyberSecurity #Tech zurl.co/rAgjl
Mapping the Web of Commercial Spyware: Targets and Attack Chains
A comprehensive new report spanning 2010 to 2025 reveals the ever-evolving landscape of commercial spyware vendors (CSVs).
zurl.co
October 31, 2025 at 7:05 PM
Private companies are selling powerful spyware to governments that can infect your device without you even knowing and monitor everything you do. It's a complex topic, but this article breaks it down very well.
#Spyware #Privacy #CyberSecurity #Tech zurl.co/rAgjl
#Spyware #Privacy #CyberSecurity #Tech zurl.co/rAgjl
Two AI coding assistants accidentally wiped user code using hallucination logic. Reminder: AI can be helpful, but stay alert when it "thinks" for you.
#AICoding #StayVigilant #DevTools zurl.co/00FxT
#AICoding #StayVigilant #DevTools zurl.co/00FxT
Two major AI coding tools wiped out user data after making cascading mistakes
“I have failed you completely and catastrophically,” wrote Gemini.
zurl.co
October 30, 2025 at 7:05 PM
Two AI coding assistants accidentally wiped user code using hallucination logic. Reminder: AI can be helpful, but stay alert when it "thinks" for you.
#AICoding #StayVigilant #DevTools zurl.co/00FxT
#AICoding #StayVigilant #DevTools zurl.co/00FxT
zurl.co/fzz5k one‑stop federal resource hub for defenders. — At BMIT, we see this as a reminder: proactive beats reactive. zurl.co/MKuP5
Stop Ransomware | CISA
TIPS & GUIDANCE Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small.
www.cisa.gov
October 29, 2025 at 3:00 PM
zurl.co/fzz5k one‑stop federal resource hub for defenders. — At BMIT, we see this as a reminder: proactive beats reactive. zurl.co/MKuP5
Healthcare IT budgets are rising, but breaches and ransomware keep piling up. Resilience and vendor management are critical according to this article.
#HealthcareIT #Cybersecurity #RiskMgmt zurl.co/WhPuR
#HealthcareIT #Cybersecurity #RiskMgmt zurl.co/WhPuR
Breaches are up, budgets are too, so why isn't healthcare safer? - Help Net Security
Top concerns in healthcare cybersecurity reveal risks from ransomware, vendor breaches, and weak defenses despite rising investments.
zurl.co
October 29, 2025 at 2:05 PM
Healthcare IT budgets are rising, but breaches and ransomware keep piling up. Resilience and vendor management are critical according to this article.
#HealthcareIT #Cybersecurity #RiskMgmt zurl.co/WhPuR
#HealthcareIT #Cybersecurity #RiskMgmt zurl.co/WhPuR
PCWorld ranks cloud backup winners—iDrive, Backblaze, Livedrive—they've got features and reliability perfect for smaller IT budgets.
#CloudBackup #DataProtection #TechTips zurl.co/v7JRO
#CloudBackup #DataProtection #TechTips zurl.co/v7JRO
5 expert-tested cloud backup services you can count on
We review the best cloud backup services so you can find the right solution for keeping a safe, offsite copy of your data should disaster strike.
zurl.co
October 28, 2025 at 2:55 PM
PCWorld ranks cloud backup winners—iDrive, Backblaze, Livedrive—they've got features and reliability perfect for smaller IT budgets.
#CloudBackup #DataProtection #TechTips zurl.co/v7JRO
#CloudBackup #DataProtection #TechTips zurl.co/v7JRO
How MSPs use Secure Score to win budget and reduce premiums—show measurable risk reduction. — At BMIT, we see this as a reminder: proactive beats reactive. zurl.co/RaNtj
How to use Secure Score to win business as an MSP
Discover how to use Microsoft Secure Score to show the value of your services, start security conversations, and win new business.
www.inforcer.com
October 28, 2025 at 1:30 PM
How MSPs use Secure Score to win budget and reduce premiums—show measurable risk reduction. — At BMIT, we see this as a reminder: proactive beats reactive. zurl.co/RaNtj
Google Translate is entering the language learning game! With new AI-powered practice tools and live conversation features, it's taking on apps like Duolingo. Where will you learn your next new language?
#GoogleTranslate #AI #LanguageLearning #EdTech zurl.co/1Ped3
#GoogleTranslate #AI #LanguageLearning #EdTech zurl.co/1Ped3
Google Translate takes on Duolingo with new language learning tools | TechCrunch
Translate is also getting new live capabilities to make it easier to communicate in real time with a person speaking a different language.
zurl.co
October 27, 2025 at 7:35 PM
Google Translate is entering the language learning game! With new AI-powered practice tools and live conversation features, it's taking on apps like Duolingo. Where will you learn your next new language?
#GoogleTranslate #AI #LanguageLearning #EdTech zurl.co/1Ped3
#GoogleTranslate #AI #LanguageLearning #EdTech zurl.co/1Ped3
Microsoft Secure Score: your at‑a‑glance risk radar. Raise it, lower cyber‑insurance pain. — BMIT note: threats evolve daily, your defenses should too. zurl.co/z8D7l
Microsoft Secure Score - Microsoft Defender XDR
Describes Microsoft Secure Score in the Microsoft Defender portal, how to improve your security posture, and what security admins can expect.
learn.microsoft.com
October 27, 2025 at 5:30 PM
Microsoft Secure Score: your at‑a‑glance risk radar. Raise it, lower cyber‑insurance pain. — BMIT note: threats evolve daily, your defenses should too. zurl.co/z8D7l
NIST 800‑63B: longer passphrases, breached‑list checks, rate limiting—ditch forced monthly resets. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/Z16gH
NIST Special Publication (SP) 800-63B (Withdrawn), Digital Identity Guidelines: Authentication and Lifecycle Management
These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of subjects interacting with government systems over open networks, establishing that a given claimant is a subscriber who has been previously authenticated. The result of the authentication process may be used locally by the system performing the authentication or may be asserted elsewhere in a federated identity system. This document defines technical requirements for each of the three authenticator assurance levels. This publication supersedes corresponding sections of NIST Special Publication (SP) 800-63-2.
csrc.nist.gov
October 26, 2025 at 3:00 PM
NIST 800‑63B: longer passphrases, breached‑list checks, rate limiting—ditch forced monthly resets. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/Z16gH
Is AI conscious? Microsoft's AI chief, Mustafa Suleyman, calls it a "dangerous illusion." He says AI should be a tool, not a personality.
#AI #AIEthics #Microsoft zurl.co/wgF3k
#AI #AIEthics #Microsoft zurl.co/wgF3k
Microsoft’s AI Chief Says Machine Consciousness Is an ‘Illusion’
Mustafa Suleyman says that designing AI systems to exceed human intelligence—and to mimic behavior that suggests consciousness—would be “dangerous and misguided.”
zurl.co
October 24, 2025 at 4:45 PM
Is AI conscious? Microsoft's AI chief, Mustafa Suleyman, calls it a "dangerous illusion." He says AI should be a tool, not a personality.
#AI #AIEthics #Microsoft zurl.co/wgF3k
#AI #AIEthics #Microsoft zurl.co/wgF3k
There are a lot of options for VPNs out there. CNET evaluated many of them them on speed, privacy, cost, and ease of use.
#VPN #RemoteWork #TechRecommendations zurl.co/CHpZ3
#VPN #RemoteWork #TechRecommendations zurl.co/CHpZ3
Page Not Found - CNET
CNET is the world's leader in tech product reviews, news, prices, videos, forums, how-tos and more.
zurl.co
October 23, 2025 at 5:35 PM
There are a lot of options for VPNs out there. CNET evaluated many of them them on speed, privacy, cost, and ease of use.
#VPN #RemoteWork #TechRecommendations zurl.co/CHpZ3
#VPN #RemoteWork #TechRecommendations zurl.co/CHpZ3
Looking to save time on note-taking? The Verge highlights a new AI-powered app that auto-summarizes webinars and video meetings.
#AI #Meetings #TimeSaver zurl.co/ySHmO
#AI #Meetings #TimeSaver zurl.co/ySHmO
404 Not Found | The Verge
The Verge is about technology and how it makes us feel. Founded in 2011, we offer our audience everything from breaking news to reviews to award-winning features and investigations, on our site, in video, and in podcasts.
zurl.co
October 22, 2025 at 6:35 PM
Looking to save time on note-taking? The Verge highlights a new AI-powered app that auto-summarizes webinars and video meetings.
#AI #Meetings #TimeSaver zurl.co/ySHmO
#AI #Meetings #TimeSaver zurl.co/ySHmO
AI chatbot users, beware! Hackers can now hide malware in images served by LLMs. This new threat can lead to data theft and identity theft, as many AI models are connected to personal and professional tools.
#AI #Cybersecurity #Malware #LLM #TechNews zurl.co/u3hC4
#AI #Cybersecurity #Malware #LLM #TechNews zurl.co/u3hC4
New AI attack shows how images hide secret commands, letting hackers siphon private data directly from unsuspecting chatbot users
Hidden instructions can merge with legitimate prompts without user awareness
zurl.co
October 21, 2025 at 2:50 PM
AI chatbot users, beware! Hackers can now hide malware in images served by LLMs. This new threat can lead to data theft and identity theft, as many AI models are connected to personal and professional tools.
#AI #Cybersecurity #Malware #LLM #TechNews zurl.co/u3hC4
#AI #Cybersecurity #Malware #LLM #TechNews zurl.co/u3hC4
Hot Take: cloud storage isn't always best. Local SSDs and HDDs still win for speed, availability, and privacy in massive data recovery.
#LocalStorage #DataRecovery #ITAdvice zurl.co/DxI6c
#LocalStorage #DataRecovery #ITAdvice zurl.co/DxI6c
Why local SSDs and hard drives are still superior to the cloud
Don't put all your eggs in one basket. You'll regret it one day. There are downsides to keeping all your data ONLY in the cloud.
zurl.co
October 20, 2025 at 5:20 PM
Hot Take: cloud storage isn't always best. Local SSDs and HDDs still win for speed, availability, and privacy in massive data recovery.
#LocalStorage #DataRecovery #ITAdvice zurl.co/DxI6c
#LocalStorage #DataRecovery #ITAdvice zurl.co/DxI6c
🚨 Major AWS outage impacting multiple cloud platforms today (US-EAST-1). You may see login errors or app timeouts.
Boston Managed IT systems remain secure — we’re monitoring closely and assisting clients as needed.
👉 zurl.co/YbzNG
#AWS #ITSupport
Boston Managed IT systems remain secure — we’re monitoring closely and assisting clients as needed.
👉 zurl.co/YbzNG
#AWS #ITSupport
October 20, 2025 at 12:27 PM
🚨 Major AWS outage impacting multiple cloud platforms today (US-EAST-1). You may see login errors or app timeouts.
Boston Managed IT systems remain secure — we’re monitoring closely and assisting clients as needed.
👉 zurl.co/YbzNG
#AWS #ITSupport
Boston Managed IT systems remain secure — we’re monitoring closely and assisting clients as needed.
👉 zurl.co/YbzNG
#AWS #ITSupport
CISA weekly: Two new KEV entries incl. WhatsApp and TP‑Link flaws. Prioritize remediation by KEV, not vibes. — BMIT note: threats evolve daily, your defenses should too. zurl.co/jUHyn
CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA
CISA has added two new vulnerabilities to its KEV Catalog, based on evidence of active exploitation.
www.cisa.gov
October 20, 2025 at 12:00 PM
CISA weekly: Two new KEV entries incl. WhatsApp and TP‑Link flaws. Prioritize remediation by KEV, not vibes. — BMIT note: threats evolve daily, your defenses should too. zurl.co/jUHyn
Ransomware still evades defenses: prevention efficacy down, data exfiltration detection ~3% (Picus Blue Report). Validate controls continuously. — BMIT note: threats evolve daily, your defenses should too. zurl.co/1OjBl
Known. Emerging. Unstoppable? Ransomware Attacks Still Evade Defenses
Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%.
www.bleepingcomputer.com
October 19, 2025 at 5:30 PM
Ransomware still evades defenses: prevention efficacy down, data exfiltration detection ~3% (Picus Blue Report). Validate controls continuously. — BMIT note: threats evolve daily, your defenses should too. zurl.co/1OjBl
WatchOS 26, released September 15th, comes with a new Liquid Glass design, Workout Buddy, and the long-awaited Notes app. Learn more about these updates and how they can enhance your wrist.
#AppleWatch #watchOS26 #Apple #Tech #Smartwatch zurl.co/PyuB5
#AppleWatch #watchOS26 #Apple #Tech #Smartwatch zurl.co/PyuB5
Apple announces watchOS 26 release date: Here's what's coming to your Apple Watch - 9to5Mac
At its ‘Awe Dropping’ Apple Event, Apple today announced the release date of its next watchOS version: watchOS 26. The...
zurl.co
October 19, 2025 at 2:10 PM
WatchOS 26, released September 15th, comes with a new Liquid Glass design, Workout Buddy, and the long-awaited Notes app. Learn more about these updates and how they can enhance your wrist.
#AppleWatch #watchOS26 #Apple #Tech #Smartwatch zurl.co/PyuB5
#AppleWatch #watchOS26 #Apple #Tech #Smartwatch zurl.co/PyuB5
A misconfigured API is letting anyone stream internal meetings or sports — and the tool to find these leaks is now public. Are your company’s livestreams really secure?
#CyberSecurity #InfoSec #DataPrivacy zurl.co/HcxtS
#CyberSecurity #InfoSec #DataPrivacy zurl.co/HcxtS
A Misconfiguration That Haunts Corporate Streaming Platforms Could Expose Sensitive Data
A security researcher discovered that flawed API configurations are plaguing corporate livestreaming platforms, potentially exposing internal company meetings—and he's releasing a tool to find them.
zurl.co
October 18, 2025 at 8:30 PM
A misconfigured API is letting anyone stream internal meetings or sports — and the tool to find these leaks is now public. Are your company’s livestreams really secure?
#CyberSecurity #InfoSec #DataPrivacy zurl.co/HcxtS
#CyberSecurity #InfoSec #DataPrivacy zurl.co/HcxtS
VC firm Insight Partners notifies thousands after ransomware breach—social engineering was the entry point. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/nwC36
VC giant Insight Partners warns thousands after ransomware breach
New York-based venture capital and private equity firm Insight Partners is notifying thousands of individuals whose personal information was stolen in a ransomware attack.
www.bleepingcomputer.com
October 18, 2025 at 1:30 PM
VC firm Insight Partners notifies thousands after ransomware breach—social engineering was the entry point. — BMIT takeaway: risk is real, resilience is a choice. zurl.co/nwC36