supply chain Archives

Tech Optimizer

June 13, 2025

Microsoft Data Loss Prevention (DLP): Tips to Protect Your Business Following the Latest Outage

Microsoft attributed a recent global outage affecting various digital infrastructures to a "CrowdStrike update," which disrupted multiple applications including OneDrive, OneNote, Outlook, PowerBI, Microsoft Teams, and others. Users experienced issues such as synchronization failures and access difficulties. The incident highlights vulnerabilities in supply chains that organizations rely on for managing sensitive data, which can be targeted by cyber threats. Data Loss Prevention (DLP) is a feature within Microsoft Purview designed to protect sensitive information from unauthorized disclosure. DLP policies can monitor user activity and take protective actions like alerting users about inappropriate sharing, blocking sharing attempts, or relocating data to secure locations. DLP can be applied across various platforms, including Office 365 applications and Windows endpoints. The DLP lifecycle includes planning and deployment phases, where organizations assess data to be monitored and ensure policies do not disrupt workflows. Monitoring and reporting tools provide insights into policy matches and incidents, helping organizations refine their DLP efforts. However, DLP has limitations, including false positives, user resistance, and challenges in detecting data leakages through new communication channels.

Tech Optimizer

June 12, 2025

Databricks launches Lakebase Postgres database for AI era

Databricks has launched Lakebase, a fully managed Postgres database designed for AI applications, currently in Public Preview. It integrates an operational database layer into Databricks' Data Intelligence Platform, facilitating the development of data applications and AI agents in a multi-cloud environment. Lakebase uses Neon technology within a lakehouse architecture, allowing for efficient real-time data processing and scalable operations. Key features include independent scaling of compute and storage, low latency under 10 milliseconds, high concurrency over 10,000 queries per second, rapid launch times under a second, and a consumption-based payment model. It also offers data synchronization with lakehouse tables, an online feature store for machine learning, and is managed entirely by Databricks with built-in security features. During its Private Preview, Lakebase attracted participation from hundreds of enterprises across various sectors. It is supported by a partner network including Accenture, Deloitte, and others, and will receive further enhancements in the coming months.

Tech Optimizer

June 9, 2025

Cryptostealing Malware Found in Printer Software Highlights Growing Supply Chain Threat

A cybersecurity incident involving Procolored printers revealed vulnerabilities in everyday hardware, as users may have downloaded malware capable of stealing cryptocurrencies like Bitcoin. Tech content creator Cameron Coward reported an antivirus alert linked to Procolored printer software, prompting an investigation by G Data researchers who found malicious code in installation files on the manufacturer's website. The identified threats included a remote access tool (Win32.Backdoor.XRedRAT.A) and a cryptocurrency wallet stealer (MSIL.Trojan-Stealer.CoinStealer.H). Compromised files were last updated in October 2024 and distributed through official channels. The company initially denied the issue but later removed the downloads from their website in May 2025 and acknowledged the malware might have been introduced via USB transfers. An analysis of an attacker’s wallet showed a total of 9.3 BTC accumulated across 330 transactions before it was emptied. Cybersecurity experts recommend that users conduct antivirus scans and consider reformatting drives and reinstalling operating systems if infections are suspected.

Tech Optimizer

June 4, 2025

Snowflake’s Latest Acquisition Targets $350B Market with Enterprise-Grade Postgres for AI Development

Snowflake intends to acquire Crunchy Data, a provider of open-source Postgres technology, to integrate its enterprise-grade PostgreSQL database into the Snowflake ecosystem. This acquisition, announced at the Snowflake Summit 2025, aims to enhance secure and compliant AI applications for enterprises. Snowflake Postgres will utilize Crunchy Data's technology to provide full Postgres compatibility and support for production applications, particularly in FedRAMP-compliant environments. The integration is expected to simplify the development and scaling of AI applications and is set to enter private preview soon. The acquisition is subject to regulatory approvals and customary closing conditions.

Tech Optimizer

June 4, 2025

Snowflake Acquisition Expands Postgres Capabilities Of Its AI Data Cloud

Snowflake is acquiring Crunchy Data, a provider of open-source PostgreSQL technology, to enhance its PostgreSQL database services and bolster its AI Data Cloud platform with the introduction of Snowflake Postgres. This acquisition will provide developers with full PostgreSQL capabilities integrated with governance, security, and operational standards for AI applications. Crunchy Data, founded in 2012, offers products like Crunchy Bridge and has a focus on security and compliance, making it a trusted choice for enterprises. Snowflake plans to integrate Crunchy Data's technology into its offerings, streamlining the lifecycle of enterprise PostgreSQL workloads. The acquisition is estimated to be around 0 million and is pending regulatory approvals. Snowflake aims to support Crunchy Data's existing customers and strengthen ties with the Postgres community.

Tech Optimizer

June 4, 2025

Snowflake to acquire Crunchy Data to enhance Postgres for AI

Snowflake plans to acquire Crunchy Data, a provider of open-source Postgres technology, to enhance its AI Data Cloud with a new database platform called Snowflake Postgres. This platform will offer PostgreSQL compatibility while ensuring governance, security, and operational standards for enterprise-grade AI applications. The demand for secure, enterprise-ready PostgreSQL solutions has increased, and the integration of Crunchy Data is expected to meet these needs, particularly in regulated environments like FedRAMP. PostgreSQL is widely adopted, with 49% of developers using it, and Snowflake's Postgres offering aims to streamline the development and scaling of AI applications. Crunchy Data will bring features such as access to performance metrics, scalable architecture, and a user-friendly interface. Organizations using PostgreSQL, including Snowflake partners like Blue Yonder and LandingAI, are expected to benefit from improved development and operational efficiency. Snowflake will support Crunchy Data's existing customers post-acquisition and engage with the PostgreSQL community. Snowflake Postgres will be available in private preview, pending regulatory approvals.

Tech Optimizer

June 4, 2025

Snowflake Buying Crunchy Data To Help Enterprises Deploy Compliant AI Agents

Snowflake plans to acquire Crunchy Data, a provider of open-source Postgres technology, to integrate Snowflake Postgres into its AI Data Cloud. This acquisition aims to offer an enterprise-grade, AI-ready PostgreSQL database with strong governance and security for mission-critical AI applications. Snowflake Postgres will be fully compatible with production applications, enhancing capabilities within the AI Data Cloud by leveraging Crunchy Data’s reputation for enterprise readiness in FedRAMP-compliant environments. PostgreSQL is favored by 49% of developers, and Snowflake Postgres will simplify building, deploying, and scaling production-ready AI applications. Customers like Blue Yonder and LandingAI will benefit from accelerated operations and enhanced efficiency through this integration. Snowflake aims to support the Postgres community and existing Crunchy Data customers, unifying transactional and analytical data within a single database. Key stakeholders from both companies express confidence in the acquisition's potential to enhance security and operational capabilities for enterprise organizations.

Tech Optimizer

June 3, 2025

Misspell one word and you’re infected: New malware campaign fools developers on both Windows and Linux

Cybersecurity experts have highlighted the risks of typosquatting, where developers accidentally download malicious packages due to typographical errors. A report from Checkmarx reveals that attackers exploit this trust by creating counterfeit packages that can grant unauthorized access to systems. Malicious packages have been found in the Python Package Index (PyPI) and can enable remote control, posing serious threats to system integrity. Attackers employ a cross-platform strategy, mixing names from different programming environments to target unsuspecting users. On Windows, malware can create scheduled tasks and disable antivirus protections, while on Linux, certain packages facilitate encrypted reverse shells for data exfiltration. Although the malicious packages have been removed, the threat remains, prompting developers to verify package sources and spellings. Checkmarx recommends organizations conduct audits of deployed packages and scrutinize application code to enhance security.

Tech Optimizer

May 29, 2025

Sophos warns MSPs over DragonForce threat

Sophos has warned managed service providers (MSPs) about their vulnerability to ransomware attacks targeting remote monitoring and management (RMM) tools. They reported a ransomware incident involving DragonForce, where attackers accessed the SimpleHelp RMM to deploy ransomware across multiple endpoints and exfiltrate sensitive data using a double extortion strategy. An alert was triggered by a suspicious SimpleHelp installer file pushed through the MSP's legitimate RMM instance. MSPs utilizing Sophos's managed detection and response (MDR) services successfully prevented hacker access, while those without security investments were impacted by the ransomware and data exfiltration. Following the incident, the affected MSP sought help from Sophos Rapid Response for digital forensics. Mark Appleton from Also Cloud UK stressed the importance of MSPs investing in advanced exposure management tools to mitigate cyber threats, noting that endpoints are primary targets for breaches. He highlighted the significance of continuous threat exposure management as essential for MSPs to protect themselves and their clients from attacks.

AppWizard

May 27, 2025

What brands can learn from Minecraft’s Chicken Jockey

Brands are increasingly required to engage with customers in digital spaces, with platforms like Roblox attracting 90 million daily active users. 56% of Gen Z prioritize styling their avatars over their own appearance, highlighting the need for brands to adapt to virtual environments. The gaming sector provides opportunities for product testing using digital twin technology, allowing brands to simulate scenarios and analyze data for trend forecasting. Retailers like Temu, Shein, and TikTok are rapidly creating products in response to trends, necessitating a shift from traditional six-month development cycles to real-time supply chains. Demand spikes can arise from various sources, and without a robust Order Management System (OMS), businesses risk losing sales. Accurate, real-time inventory visibility is crucial for managing demand spikes and anticipating future needs. Nike has launched Nikeland on Roblox for product testing and consumer engagement, while Snapchat offers AR features for virtual try-ons, allowing brands to gauge interest before physical launches. The intersection of gaming and commerce presents unique opportunities for innovative consumer engagement.