A significant data exposure has revealed hundreds of thousands of private user conversations with Elon Musk’s AI chatbot, Grok, in public search engine results.
The incident, stemming from the platform’s “share” feature, has made sensitive user data freely accessible online, seemingly without the knowledge or explicit consent of the users involved.
The exposure was discovered when it became clear that using Grok’s share button did more than just generate a link for a specific recipient. It created a publicly accessible and indexable URL for the conversation transcript.
Consequently, search engines like Google crawled and indexed this content, making private chats searchable by anyone. A Google search on Thursday confirmed the scale of the issue, revealing nearly 300,000 indexed Grok conversations, with some reports from tech publications placing the number even higher, at over 370,000.
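A defender's check for the failure described above, as an added example that is not from the article or from X: it audits one share-page response for crawler-agnostic noindex signals. The function names, the sample responses and the robots_txt_disallows flag are assumptions made for illustration.

```python
from html.parser import HTMLParser

# "none" is shorthand for "noindex, nofollow".
NOINDEX = {"noindex", "none"}


def split_directives(value):
    """Lower-cased robots directives that apply to every crawler.

    Tokens containing ":" are bot-scoped ("googlebot: noindex") or carry a
    parameter ("unavailable_after: ..."); they do not keep the page out of
    every index, so this audit ignores them.
    """
    return {t.strip().lower() for t in value.split(",")
            if t.strip() and ":" not in t}


class MetaRobots(HTMLParser):
    """Collects the content of <meta name="robots"> tags."""

    def __init__(self):
        super().__init__()
        self.directives = set()

    def handle_starttag(self, tag, attrs):
        attr = {k: (v or "") for k, v in attrs}
        if tag == "meta" and attr.get("name", "").strip().lower() == "robots":
            self.directives |= split_directives(attr.get("content", ""))


def audit_share_page(status, headers, body, robots_txt_disallows=False):
    """Return (indexable, reason) for one response to a share URL.

    status: HTTP status code; headers: list of (name, value) pairs;
    body: HTML text; robots_txt_disallows: True when robots.txt forbids
    crawling this path.
    """
    if status in (401, 403):
        return False, "access requires authorization"
    directives = set()
    for name, value in headers:
        if name.lower() == "x-robots-tag":
            directives |= split_directives(value)
    parser = MetaRobots()
    parser.feed(body)
    directives |= parser.directives
    has_noindex = bool(directives & NOINDEX)
    if robots_txt_disallows:
        # A crawler that may not fetch the page never reads its noindex,
        # and the bare URL can still be listed when other pages link to it.
        if has_noindex:
            return True, "noindex present but hidden by robots.txt"
        return True, "robots.txt only; URL can still be listed"
    if has_noindex:
        return False, "noindex"
    return True, "public response without noindex"


# Constructed sample responses (not captured from any real service).
PAGE = "<html><head><title>Shared chat</title></head><body>...</body></html>"
OPEN_PAGE = (200, [("Content-Type", "text/html")], PAGE)
HEADER_NOINDEX = (200, [("X-Robots-Tag", "noindex, nofollow")], PAGE)
META_NOINDEX = (200, [],
                '<html><head><meta name="robots" content="NOINDEX"></head></html>')
BOT_SCOPED = (200, [("X-Robots-Tag", "googlebot: noindex")], PAGE)
LOGIN_WALL = (403, [], "")

if __name__ == "__main__":
    samples = [("open", OPEN_PAGE), ("header", HEADER_NOINDEX),
               ("meta", META_NOINDEX), ("bot-scoped", BOT_SCOPED),
               ("login wall", LOGIN_WALL)]
    for label, response in samples:
        print(label, audit_share_page(*response))
    print("header + robots.txt",
          audit_share_page(*HEADER_NOINDEX, robots_txt_disallows=True))
```

An unguessable token in the share URL does not change the verdict: once the link is posted anywhere a crawler can reach, only access control or a readable noindex keeps the transcript out of search results.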
An analysis of the exposed chats highlights the severity of the privacy breach. Transcripts seen by the BBC and other outlets included users asking Grok for deeply personal or sensitive information. Examples ranged from creating secure passwords and detailed medical inquiries to developing weight-loss meal plans.
Through the CybersecurityNews team’s analysis using Google Dork Queries, we were able to identify multiple pages with the query site:https://x.com/i/grok?conversation=.
Grok Conversation on Google Search (Source: cybersecuritynews.com)
The data also revealed users testing the chatbot’s ethical boundaries, with one indexed chat containing detailed instructions on how to manufacture a Class A drug. While user account details may be anonymized, the content of the prompts themselves can easily contain personally identifiable or highly sensitive information.
This incident is not an isolated case in the rapidly evolving AI landscape. OpenAI, the creator of ChatGPT, recently reversed an experiment that also resulted in shared conversations appearing in search results.
Similarly, Meta faced criticism earlier this year after its Meta AI chatbot’s shared conversations were aggregated into a public “discover” feed. These repeated events underscore a troubling pattern of prioritizing feature deployment over user privacy.
Experts are sounding the alarm, describing the situation as a critical failure in data protection. “AI chatbots are a privacy disaster in progress,” Professor Luc Rocher of the Oxford Internet Institute told the BBC, warning that leaked conversations containing sensitive health, business, or personal details will remain online permanently.
The core of the issue lies in the lack of transparency. Dr. Carissa Véliz, an associate professor at Oxford’s Institute for Ethics in AI, emphasized that users were not adequately informed that sharing a chat would make it public. “Our technology doesn’t even tell us what it’s doing with our data, and that’s a problem,” she stated.
As of this report, X, the parent company of Grok, has not issued a public comment on the matter.
Microsoft is investigating a significant service incident within Exchange Online, identified as EX1137017, which is preventing some users from sending or receiving emails through the Outlook mobile application.
The issue, which remains ongoing, specifically impacts customers utilizing Hybrid Modern Authentication (HMA), a common configuration for organizations that integrate on-premises Exchange servers with Exchange Online.
The disruption has left affected mobile users unable to access new messages or send outbound mail from their devices, causing considerable communication delays for those reliant on mobile access. The outage stems from a flawed build update recently pushed to the production environment.
According to Microsoft’s preliminary root cause analysis, the new build introduced a critical bug. When the system encounters a typical, temporary network failure, an event usually handled gracefully, it now generates an unexpected exception for a subset of users.
This exception improperly triggers a quarantine state for the mail synchronization job. As a result, the process responsible for syncing both inbound and outbound mail is suspended for a full 12-hour interval, effectively halting email flow to the user’s mobile app.
Microsoft’s engineering teams have identified the cause and developed a fix. As of their last update on Friday, August 22, 2025, at 8:50 AM, the deployment of this fix was in progress across the affected infrastructure.
The company stated it is actively monitoring the deployment’s saturation to ensure it resolves the issue without introducing further complications. However, a definitive timeline for full resolution has not yet been provided.
The scope of the impact is limited to some users on the Outlook mobile app within a hybrid environment. Desktop and web versions of Outlook do not appear to be affected by this specific incident.
This distinction highlights the mobile-centric nature of the bug, which targets the mail sync mechanism essential for on-the-go device connectivity.
Administrators and affected users are advised to monitor the Microsoft 365 Service Health Dashboard for updates regarding EX1137017.
Microsoft has committed to providing its next major update on the situation by Monday, August 25, 2025, at 9:00 PM UTC, by which time they hope to have more clarity on the deployment’s progress and a timeline for complete service restoration.
A network monitoring tool is software or hardware that helps businesses monitor their computer networks and learn more about their security, health, and performance.
These tools record and examine network traffic, monitor network hardware, and give users immediate access to information on bandwidth usage, latency, packet loss, and other crucial network parameters.
Network monitoring tools assist administrators in spotting and resolving network problems, maximizing network resources, guaranteeing network uptime, and proactively spotting and addressing security risks.
These technologies enable enterprises to maintain a stable and secure network infrastructure by offering valuable insights for successful network management through alerting, reporting, and visualization features.
Classifications In Network Monitoring
Network monitoring can be classified into different categories based on various aspects. Here are some standard classifications in Network Monitoring:
Passive vs. Active Monitoring: Passive monitoring includes collecting and examining network traffic without purposefully creating test traffic.
In-Band vs. Out-of-Band Monitoring: In-band monitoring monitors network traffic on the same data stream as the actual network traffic.
Centralized vs. Distributed Monitoring: During centralized monitoring, monitoring information from several network devices and locations is combined into one system.
End-to-End Monitoring: End-to-end monitoring involves monitoring the entire path of network traffic from the source to the destination.
Layer-Specific Monitoring: Monitoring of specific network layers, such as Layer 2 (Data Link), Layer 3 (Network), Layer 4 (Transport), or Layer 7 (Application), is the subject of layer-specific monitoring.
Flow-Based Monitoring: Flow-based monitoring involves analyzing network flow data, which provides aggregated information about network connections and their characteristics.
Categories Of Network Monitoring
Network monitoring can be categorized into four main categories based on the focus and scope of monitoring:
Performance Monitoring: The main goals of performance monitoring are measuring and analyzing the performance of network components and services.
Security Monitoring: Security risks and network vulnerabilities are found and addressed in security monitoring.
Fault Monitoring: Finding and diagnosing network problems and irregularities are the main goals of fault monitoring.
Availability Monitoring: The continual accessibility and availability of network services and resources are guaranteed through availability monitoring.
How To Use Network Monitoring Tool
Using a Network Monitoring Tool typically involves the following steps:
Identify Monitoring Requirements: Determine your specific monitoring requirements, such as the metrics you want to track, the devices and services you need to monitor, and the desired level of visibility into your network.
Select a Network Monitoring Tool: Research one that aligns with your monitoring requirements, budget, and network infrastructure.
Install and Configure the Tool: Install the program on a dedicated monitoring server or virtual machine by following the installation instructions. Set up the tool to connect to the services and devices on your network.
Monitor Network Performance: Once the tool is configured, it will collect data from the network devices and services you defined.
Analyze and Troubleshoot Network Issues: Use the monitoring tool’s reporting and analysis tools to learn more about network patterns, past performance information, and potential bottlenecks.
Regularly Review and Fine-Tune Monitoring: Review and adjust your network monitoring arrangement frequently.
Best Network Monitoring Tools
Nagios: Offers comprehensive network and system monitoring with real-time alerts, customizable plugins, and a powerful dashboard for visualizing network performance and health.
Wireshark: A widely-used network protocol analyzer that captures and displays data traffic, helping diagnose network issues and analyze packets in real time.
Paessler PRTG: An all-in-one network monitoring solution offering real-time monitoring, customizable dashboards, and automated alerts for network traffic, applications, and servers.
Zabbix: An open-source monitoring tool providing real-time network, server, and application monitoring with powerful visualization and alerting features.
SolarWinds: Provides a comprehensive suite of network monitoring tools, including real-time traffic analysis, performance metrics, and automated alerts for network devices and applications.
WhatsUp Gold: Network monitoring solution offering real-time network mapping, performance monitoring, and customizable alerts for proactive network management.
Icinga: Open-source monitoring platform that provides real-time network monitoring, alerting, and reporting with support for various plugins and extensions.
ManageEngine: Integrated IT management solution offering network, server, and application monitoring with real-time alerts, dashboards, and reporting.
Cacti: An open-source graphing solution that leverages RRDTool to store data and create customizable graphs for network performance monitoring.
LogicMonitor: Cloud-based monitoring platform providing automated discovery, real-time network monitoring, and customizable dashboards for performance and alerts.
NetFlow: This protocol collects and analyzes network traffic data, helping with bandwidth monitoring, traffic analysis, and troubleshooting.
Pandora FMS: Flexible monitoring tool providing real-time monitoring and alerting for networks, servers, and applications, with customizable dashboards and reporting.
Datadog: Comprehensive monitoring and analytics platform for infrastructure, applications, and logs, offering real-time insights and alerting.
Auvik Networks: Cloud-based network monitoring and management tool with automated network mapping, real-time monitoring, and alerting for network performance.
OpenNMS: Open-source network management platform offering monitoring, event management, and performance measurement focusing on scalability and flexibility.
Microsoft Network Monitor: Network protocol analyzer for capturing and analyzing network traffic, useful for diagnosing network issues and troubleshooting.
Zenoss: An IT monitoring platform that provides real-time monitoring and analytics for network, server, and application performance.
ThousandEyes: Network intelligence platform offering real-time visibility into network performance, outages, and internet health, with detailed path analysis.
Simple Network Management Protocol (SNMP): This protocol is for network management, monitoring, collecting, and organizing information about managed devices on IP networks.
Atera: IT management platform combining remote monitoring and management, network monitoring, and helpdesk capabilities in one solution.
1. System and network resource monitoring 2. Notifications and alerts for difficulties and outages 3. Monitoring performance and availability 4. Monitoring and management are centralized.
Comprehensive monitoring with customizable alerts and plugins.
1. VoIP troubleshooting and analysis 2. To rebuild sessions, follow the TCP stream. 3. Manipulation and injection of live packets 4. Bluetooth and Wi-Fi packet analysis
Network protocol analyzer for deep packet inspection.
1. Storage and analysis of historical data 2. Custom script and sensor development 3. Connection to other systems and tools 4. Role-based access management for users is monitored via a mobile app.
All-in-one monitoring with flexible sensor-based licensing.
1. Custom script monitoring is supported. 2. Access control and user authentication 3. Connection to other systems and tools 4. APIs for straightforward integration and automation
Open-source, enterprise-level monitoring with real-time alerting.
1. Monitoring of cloud infrastructure 2. Monitoring the performance of an application 3. Management and analysis of logs 4. Notifications and alerts in real-time
Robust network monitoring with detailed performance analytics.
1. Dashboards and reporting that can be customized 2. Connection to other systems and tools 3. User access control based on role 4. Remote monitoring through a mobile app
User-friendly network monitoring with interactive network mapping.
1. Connection to other systems and tools 2. Automation and configuration management 3. Web-based administration interface 4. RESTful API enabling programmatic access, pushed by the community and open-source.
Scalable monitoring with strong alerting and visualization.
1. Web-based administration interface 2. Device and interface identification 3. Connection to other systems and tools 4. Architecture that is scalable and dispersed
Powerful graphing solution for network performance data.
1. Connection to other systems and tools 2. User access control based on role 3. Architecture that is scalable and dispersed 4. Automation and integration API
Cloud-based infrastructure monitoring with automated discovery.
1. Connection to network monitoring tools 2. Optimization of resources and capacity planning 3. Diagnostics and troubleshooting 4. Export and storage of flow data
Traffic analysis and bandwidth monitoring using NetFlow data.
1. Monitoring of networks and infrastructure 2. Monitoring the performance of an application 3. Management of events and logs 4. Dashboards and reports that can be customized
Flexible, scalable monitoring with customizable dashboards.
1. Monitoring of cloud infrastructure 2. Monitoring the performance of an application 3. Management and analysis of logs 4. Notifications and alerts in real time
Cloud-native monitoring with detailed metrics and visualization.
1. Visibility of network infrastructure 2. Discovery and mapping of network devices 3. Network monitoring in real time 4. Traffic analysis and bandwidth utilization
Automated network discovery and detailed topology mapping.
1. Visibility of network infrastructure 2. Discovery and mapping of network devices 3. Network monitoring in real time 4. Traffic analysis and bandwidth utilization
Open-source network management platform with extensive features.
1. Monitoring and control of networks 2. Detection and correction of flaws 3. Performance evaluation and analysis 4. Event and alarm management 5. Monitoring of service level agreements (SLAs)
Unified monitoring with real-time performance and health insights.
1. Benchmarking and comparing performance 2. Integrations with other tools via API 3. Storage and analysis of historical data 4. Collaboration tools for troubleshooting
Internet and cloud intelligence platform for monitoring.
1. MIB (Management Information Base) support for SNMP traps for proactive monitoring 2. Architecture that is extensible and scalable 3. Network monitoring and troubleshooting that is effective
1. Integration of customer relationship management (CRM) systems and tools 2. Management on the go using a mobile app 3. Capabilities for billing and invoicing 4. Documentation and a knowledge base
Integrated RMM platform with real-time monitoring and IT automation.
Starts at $79/month
Yes
1. Nagios
Nagios is an open-source network monitoring tool that provides comprehensive monitoring and alerting for servers, switches, applications, and services, helping organizations ensure system availability and performance.
It offers customizable alerts and notifications, enabling administrators to proactively address potential issues before they affect system performance or availability, ensuring minimal downtime.
Nagios supports many plugins, allowing users to extend functionality and integrate with other IT management tools. This makes it versatile for various monitoring needs.
The tool provides detailed reporting and visualization capabilities, helping users gain insights into network performance, track historical data, and make informed infrastructure planning and optimization decisions.
Why Do We Recommend It?
Storage and analysis of historical data
Capabilities for reporting and visualizing
Scalability is achieved by distributed monitoring.
Wireshark is an open-source network protocol analyzer that allows users to capture and interactively browse the traffic running on a computer network, making it an essential tool for network troubleshooting.
The tool supports deep inspection of hundreds of protocols, live capture, and offline analysis, providing detailed visibility into network communications and helping identify network issues and security threats.
Wireshark offers powerful filtering and search capabilities, enabling users to narrow down captured data to specific packets or traffic types, which is crucial for diagnosing and resolving particular network problems.
It is widely used in network administration, cybersecurity, and education. It offers a user-friendly interface and comprehensive documentation, making it accessible to beginners and experienced professionals.
Why Do We Recommend It?
Display and preferences can be customized.
Follow the TCP stream for VoIP session reconstruction and troubleshooting.
Paessler PRTG is a comprehensive network monitoring tool designed to assist IT professionals in monitoring the performance and availability of their network infrastructure.
PRTG is simple to set up and use. Its simple web-based interface makes it easy for users to configure and personalize the tool to suit their unique needs. It can monitor various network devices, such as servers, routers, switches, and firewalls.
It gathers data from these devices using various protocols, including SNMP, WMI, SSH, and HTTP. Then, it uses a customizable dashboard to show real-time network performance and availability data.
IT teams can keep their networks up and running with Paessler PRTG’s robust and adaptable network monitoring tool, which provides them with the visibility and insights they need to keep their networks operating smoothly and effectively.
Any organization that depends on its network infrastructure to support business operations can benefit from this tool’s customizable dashboard, in-depth reporting, and alerting features.
Why Do We Recommend It?
The capacity to use remote probes for distributed monitoring
Custom script and sensor development
Connection to other systems and tools
Role-based access management for users is monitored via a mobile app.
Zabbix is an open-source network monitoring tool that comprehensively monitors networks, servers, and applications. It provides real-time visibility and detailed insights into system performance and health.
It supports various monitoring protocols, including SNMP, IPMI, and JMX, allowing for versatile monitoring capabilities across multiple devices and platforms.
Zabbix features a highly customizable dashboard, enabling users to create personalized views of critical metrics, set up alerts, and receive notifications for potential issues before they escalate.
With robust data collection and analysis capabilities, Zabbix provides extensive reporting and graphing tools, helping users to track trends, plan capacity, and optimize system performance.
Zabbix offers three choices for discovery mode: network discovery, low-level discovery, and auto-discovery.
Why Do We Recommend It?
Custom script monitoring is supported.
Access control and user authentication
Connection to other systems and tools
Capabilities for configuration management and automation
APIs for straightforward integration and automation
SolarWinds Network Monitoring Tool provides comprehensive visibility into network performance. It enables real-time monitoring of network devices, traffic, and bandwidth utilization, helping identify and resolve issues quickly to maintain network health.
The tool offers advanced features such as automated network discovery, customizable alerts, and detailed performance metrics, ensuring efficient management of network resources and proactive detection of potential problems.
SolarWinds integrates seamlessly with other SolarWinds products and third-party applications, providing a unified platform for monitoring and managing complex IT environments from a single console.
It includes robust reporting and analytics capabilities, allowing users to generate custom reports, track key performance indicators, and gain insights into network trends and overall performance for informed decision-making.
Why Do We Recommend It?
Dashboards and reporting that can be customized
Architecture that is scalable and dispersed
Connection to other systems and tools
Role-based access control for users
Mobile app for monitoring on the go
WhatsUp Gold is a comprehensive network monitoring tool that provides real-time visibility into the health and performance of network devices, servers, and applications, ensuring optimal system operation.
The tool features advanced alerting and reporting capabilities, enabling IT teams to quickly identify and resolve issues, minimize downtime, and maintain high service availability.
WhatsUp Gold supports extensive integrations with various third-party tools and technologies, allowing for seamless data collection, analysis, and action across diverse IT environments.
It offers an intuitive, user-friendly interface with customizable dashboards, making it easy for users to monitor key metrics, track trends, and generate detailed reports for informed decision-making.
Icinga is a network resource monitoring tool that checks for resource availability, alerts users to outages, and generates performance data for reporting. It is scalable and extensible and can monitor complicated environments across many locations.
Your private, public, or hybrid clouds and data centers are included. Icinga gathers data from and sends it to many of your current DevOps tools, allowing you to design a customized monitoring solution that completely meets your requirements.
The open-source Icinga monitoring program, developed as a rival to the Nagios project, allows you to monitor various operational aspects. Icinga gathers metrics and looks for patterns in your log files and log management software directly.
It provides a complete overview by combining and visualizing check results, metrics, and logs in a simple web interface. Icinga additionally offers a web-based interface that lets users view a dashboard-style overview of all the network infrastructure they monitor.
The interface is very user-friendly, allowing users to quickly generate reports, create custom views, and visualize the status of their IT systems.
Why Do We Recommend It?
Integration with additional systems and tools
Automation and configuration management
Web-based administration interface
RESTful API for programmatic access
Open-source and community-driven
ManageEngine OpManager is an effective network monitoring tool that gives you deep insight into the functionality of your routers, switches, firewalls, load balancers, wireless LAN controllers, servers, virtual machines, printers, and storage devices.
ManageEngine is a simple and low-cost network monitoring solution that allows you to identify and eliminate the source of a problem. OpManager offers in-depth analyses of numerous problematic network areas and provides real-time monitoring.
ManageEngine provides a single snapshot page to view performance, bandwidth consumption, and recent device configuration changes. It allows you to identify the source of the problem and resolve it before it affects end users.
ManageEngine works with various platforms and operating systems, including Windows, Linux, and Mac OS. The software can monitor and manage multiple devices, including servers, network devices, applications, etc.
In network management, having a reliable and comprehensive monitoring tool is essential to ensure optimal performance and security. Cacti is a popular open-source network monitoring tool with many features for monitoring and graphing network data.
Cacti is a web-based network monitoring tool built on PHP and powered by RRDtool, a round-robin database for efficient data storage and graphing.
It gives administrators a centralized platform for monitoring network devices, tracking bandwidth usage, and analyzing network traffic patterns.
Its easy-to-use interface, advanced graphing capabilities, and automation features make it a popular choice among network administrators.
LogicMonitor is a cloud-based network monitoring tool that offers comprehensive visibility into network infrastructure, including devices, servers, applications, and cloud services, all from a single unified platform.
The tool features automated discovery and configuration, allowing it to quickly identify and monitor new devices and services in real time, ensuring up-to-date network visibility and management.
LogicMonitor provides customizable dashboards and advanced alerting, helping IT teams quickly identify, diagnose, and resolve network issues before they impact business operations or user experience.
It integrates with various third-party tools and services, including cloud platforms, ITSM systems, and collaboration tools, enhancing its versatility and allowing for seamless data flow across IT ecosystems.
NetFlow is a network protocol developed by Cisco for collecting IP traffic information, providing detailed insights into network traffic patterns and bandwidth usage across routers and switches.
It helps network administrators monitor and analyze network traffic by capturing metadata about data flows, including source and destination IP addresses, port numbers, and the amount of data transmitted.
NetFlow data is used for traffic analysis, network troubleshooting, and optimizing bandwidth usage, helping organizations identify congestion, unauthorized usage, and potential security threats.
It is widely supported across various network devices and integrated into many network monitoring and analysis tools, making it a versatile solution for comprehensive network visibility and management.
Why Do We Recommend It?
Connection to network monitoring tools
Optimization of resources and capacity planning
Diagnostics and troubleshooting
Export and storage of flow data
NetFlow version support (e.g., NetFlow v5, v9, IPFIX)
Pandora FMS is a flexible and scalable network monitoring tool that comprehensively monitors servers, applications, and network devices, ensuring optimal performance and availability across IT infrastructure.
It offers real-time monitoring and alerts, allowing administrators to quickly detect and resolve issues, reducing downtime, and maintaining service continuity for businesses of all sizes.
The tool supports various protocols and technologies, including SNMP, WMI, and ICMP, enabling detailed monitoring and management of diverse environments and systems.
Pandora FMS provides customizable dashboards and detailed reporting capabilities. It offers insights into performance metrics, trends, and potential issues, helping organizations make data-driven decisions and optimize their IT operations.
Datadog is a comprehensive network monitoring tool that provides real-time visibility into network performance. It helps organizations track metrics like bandwidth usage, latency, and packet loss across their infrastructure.
It supports integration with various network devices and cloud services, offering a unified view of both on-premises and cloud-based environments, making it ideal for hybrid networks.
Datadog’s advanced analytics and customizable dashboards enable users to quickly identify and troubleshoot network issues, improving overall network reliability and reducing downtime.
The tool also offers robust alerting capabilities. Teams can set up custom alerts based on specific network conditions, ensuring timely responses to potential problems.
Why Do We Recommend It?
Dashboards and graphics that can be customized
Integration of well-known technologies and services
Auvik is a cloud-based network monitoring and management tool that provides real-time visibility into network performance. Its intuitive interface and automated alerts help IT teams detect and resolve issues quickly.
The tool offers automated network discovery, mapping, and inventory management, enabling users to comprehensively view all connected devices and their relationships within the network infrastructure.
Auvik integrates seamlessly with other IT systems and tools, providing a centralized platform for managing network configurations, performance metrics, and security policies, enhancing overall network efficiency and security.
It includes detailed reporting and analytics capabilities, allowing users to track network health, performance trends, and usage patterns. This facilitates informed decision-making and proactive network management.
OpenNMS is a cost-free and open-source network monitoring solution supported by a dedicated community of users, developers, and the OpenNMS Group, which offers commercial services, training, and support.
It can monitor various network devices, including routers, switches, servers, and applications. It is a scalable platform that can be used to monitor large and complex networks.
OpenNMS provides various features for troubleshooting network problems, such as event correlation and alarm management.
OpenNMS’s event-driven architecture allows for the extension of service polling and data collection frameworks as well as flexible workflow integration.
Furthermore, it provides extensive customization options, allowing users to tailor the platform to their network’s requirements.
Why Do We Recommend It?
Dependency mapping and topology
Data gathering and storage for performance
IP address management (IPAM) is the administration of IP addresses.
Microsoft Network Monitor is a robust network monitoring software with many features for capturing, analyzing, and troubleshooting network traffic.
Microsoft Network Monitor, also known as NetMon, is a discontinued packet analyzer that allows you to capture, view, and analyze network data and decipher network protocols.
Microsoft Corporation created it as a free network monitoring tool. It enables network administrators to capture and analyze network traffic in real-time, effectively identifying and resolving network-related issues.
Microsoft Network Monitor has become a valuable asset for network administrators due to its simple interface and powerful capabilities.
It remains a reliable option for those seeking a free and feature-rich network monitoring solution.
Zenoss is a comprehensive network monitoring tool that provides real-time visibility into network performance. It enables organizations to proactively identify and resolve issues across their IT infrastructure.
It offers advanced analytics and machine learning capabilities, allowing users to predict and prevent potential network problems before they impact business operations, ensuring high availability and reliability.
Zenoss supports monitoring protocols and integrates seamlessly with various IT environments, providing unified monitoring for physical, virtual, and cloud-based infrastructure.
The tool features customizable dashboards and detailed reporting, giving users actionable insights into network performance, resource utilization, and capacity planning. This helps optimize network management and efficiency.
ThousandEyes is a cloud-based network monitoring tool that provides comprehensive visibility into network performance.
It enables businesses to monitor, detect, and diagnose network issues across their entire infrastructure.
The tool offers real-time insights into application delivery, internet performance, and network connectivity, helping organizations quickly identify and resolve issues that could impact user experience and business operations.
ThousandEyes integrates seamlessly with existing network infrastructure and supports many monitoring features, including path visualization, DNS monitoring, and BGP route visualization.
It provides detailed reporting and analytics, allowing businesses to generate custom reports, track key performance metrics, and gain insights into network performance trends and potential bottlenecks.
Network monitoring software for the Simple Network Management Protocol (SNMP) is a potent instrument for monitoring and managing network infrastructure and devices. SNMP can gather valuable data about network availability, performance, and other crucial metrics.
It allows network administrators to keep an eye on and troubleshoot devices, get instant notifications when a network issue arises, and learn more about the general health of the network.
Organizations can use SNMP to optimize performance, prevent downtime, and proactively identify and fix network issues.
This software is a valuable asset for companies of all sizes because it provides the fundamental framework for efficient network management.
Why Do We Recommend It?
Features for security and access control
MIB (Management Information Base) support for SNMP traps for proactive monitoring
Architecture that is extensible and scalable
Network monitoring and troubleshooting that is effective
Atera network monitoring software is a comprehensive solution designed to help managed service providers (MSPs) efficiently monitor and manage their clients’ networks.
MSPs can use Atera to gain real-time visibility into network performance, detect issues, and proactively resolve them before they disrupt business operations.
The software enables MSPs to effectively track and manage network health by providing centralized monitoring and alerts for devices, applications, and services.
Atera includes automated ticketing, remote monitoring and management (RMM), and reporting to help MSPs streamline their operations and provide better customer service.
Why Do We Recommend It?
Integration of customer relationship management (CRM) systems and tools
The digital landscape in 2025 is more complex than ever, with organizations relying on intricate hybrid, cloud, and on-premises networks to power their operations. Network monitoring tools have become indispensable for IT teams to maintain network health, security, and performance. These solutions provide real-time visibility into network devices, traffic, and applications, helping administrators proactively identify […]
The Army is feeding hundreds of hours of video recordings into a large language model to improve maintenance on the infantry squad vehicle, and hopes to eventually see soldiers using AI-powered smart glasses to fix vehicles.
“Eventually, I'm going to run those LLMs on soldiers' faces with smart glasses, and I'm going to run them on their phones with things like the Android [Tactical] Assault Kit. I'm going to run them on their vehicles for maintenance,” Alex Miller, the Army’s chief technology officer, said on a recent podcast with the Washington AI Network.
For the ISV, a ruggedized version of the Chevy Colorado pickup truck, Miller said, they’re training the AI with “about 1,000 hours of video recordings of our engineers, our maintenance folks, just repairing,” the vehicle. The goal is to train a visual LLM integrated with smart glasses or HoloLens that soldiers can use to “diagnose a problem” and “walk through” the steps needed to repair it.
The Army also wants to digitize other support documents, such as log books, he said.
“So we will have two different versions: One is Smart Lookup, which is machine learning, and one will be, actually, generative. In terms of, how do we do this? It has to run on their face, and it has to run in a way that doesn't get so hot that we burn our soldiers,” like when using a phone in direct sunlight causes it to overheat.
Miller’s comments come on the heels of the release of a White House AI Action Plan to accelerate military adoption of AI, and as the Pentagon has quickly embraced generative AI with multiple $200 million contracts to assist with back-office tasks.
The Army has been experimenting with generative AI for daily operations, and has considered using AI for more dangerous missions like disarming bombs and air operations, looking at ways to bring AI tools closer to the battlefield and in smaller formats, like laptops or handheld devices. The service also has been investing in AI on the enterprise level, with a potential $10 billion enterprise contract with Palantir and a $99.5 million research and development contract with Scale AI announced Thursday.
Additionally, the Army is working with several companies to “look at boundary conditions” and see how AI can be best used to scope out potential threats, Miller said.
“If you look at what a lot of the language domain models and LLMs do, they can do some pretty spooky stuff—from new chemistries to new material sciences. We want to have access to those to look at what the threats are. So, what's in the realm of medical technology that we should be aware of? Or bio sciences or bioterrorism?” he said.
“A lot of companies stand up venture arms, which is very cool, but they still have research arms. And they want…data back from us because we're willing to try really weird cases all the time for them.”
Microsoft has officially confirmed that its August 2025 security update is causing significant performance problems for users of NDI (Network Device Interface) technology.
Content creators, broadcasters, and IT professionals who installed the update are reporting severe lag, stuttering, and choppy audio/video when streaming between PCs, effectively disrupting production workflows that rely on the popular IP video protocol.
The issue arises from the cumulative update KB5063878, released on August 12, 2025, for Windows 11 and Windows 10. According to Microsoft’s updated release health dashboard entry on August 21, the company has acknowledged the problem, which affects systems running OS Build 26100.4946 and other recent versions.
The performance degradation is most prominent in streaming applications like OBS (Open Broadcaster Software) and the official NDI Tools suite. Users have noted that the problem is especially triggered when using “Display Capture” on the source machine to send its screen output to another computer on the network.
Critically, the issue persists even on networks with low bandwidth utilization, indicating the root cause is not network congestion but rather a processing or protocol-handling flaw introduced by the Windows update.
In a statement on its health dashboard, Microsoft detailed the symptoms: “Severe stuttering, lag, and choppy audio/video might occur when using NDI (Network Device Interface) for streaming or transferring audio/video feeds between PCs after installing the August 2025 Windows security update.”
The affected platforms include:
Client: Windows 11, version 24H2; Windows 10, version 22H2; Windows 10, version 21H2
Server: No Windows Server versions are currently listed as affected.
Mitigations
While Microsoft investigates a permanent solution, a temporary workaround has been identified and recommended by NDI. The issue appears to be related to NDI’s default transport protocol, RUDP (Reliable User Datagram Protocol), which is designed to offer a balance between the speed of UDP and the reliability of TCP.
The KB5063878 update seems to interfere with how Windows handles these RUDP packets.
To mitigate the problem, users are advised to manually change the NDI Receive Mode on the receiving client to use either TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) instead of the default setting.
NDI has published guidance on its support site, titled “Traffic Drops After Windows Update,” which provides step-by-step instructions for making this change within the NDI Tools and other compatible applications.
Microsoft has stated, “We are investigating this issue and will provide more information when it is available.” This confirmation suggests that a fix will likely be delivered through a future cumulative update or a possible out-of-band (OOB) patch.
Until then, professionals who rely on NDI for live streaming, remote production, or corporate AV presentations should either apply the TCP/UDP workaround or consider pausing the deployment of the KB5063878 update in their production environments to avoid service disruption.
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure.
The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
Microsoft has announced significant restrictions on email sending capabilities for organizations using default onmicrosoft.com domains, implementing a throttling system that limits external email delivery to 100 recipients per organization every 24 hours.
The policy change, announced through the Exchange Team Blog, aims to prevent spam abuse while encouraging organizations to migrate to custom domains for improved email deliverability and brand representation.
Key Takeaways
1. Microsoft limits onmicrosoft.com domains to 100 external emails daily.
2. Targets cybercriminals exploiting new tenants, protecting shared domain reputation.
3. Organizations must purchase custom domains, rollout phases through June 2026.
Email Throttling Imposed
Microsoft’s new policy specifically targets MOERA (Microsoft Online Email Routing Address) domains, which are automatically assigned when organizations create new Microsoft 365 tenants.
These default domains, such as contoso.onmicrosoft.com, have become attractive targets for cybercriminals who exploit newly created tenants to send spam bursts before detection systems can intervene.
The throttling mechanism will trigger NDR (Non-Delivery Report) messages with error code 550 5.7.236 when organizations exceed the 100 external recipient limit within the rolling 24-hour window.
Internal messaging remains unaffected, and the restriction applies only to external recipients after any distribution list expansions are calculated.
This technical implementation ensures that legitimate testing and internal communications continue uninterrupted while preventing large-scale spam operations.
The shared reputation model of onmicrosoft domains has created significant deliverability challenges for legitimate users.
Because all organizations share variations of the same domain namespace, malicious activity from one tenant can negatively impact email deliverability for all other users on the platform.
Phased Rollout Timeline
Microsoft has established a structured rollout schedule beginning with trial tenants on October 15, 2025, and progressing through different organization sizes based on Exchange seat counts.
The implementation will conclude with tenants having over 10,001 seats by June 1, 2026. Organizations with fewer than three seats will face restrictions starting December 1, 2025, followed by progressively larger organizations through the first half of 2026.
Technical migration involves several critical steps including purchasing custom domains through authorized registrars, configuring DNS validation, and updating primary SMTP addresses on all mailboxes.
Organizations must also address specific scenarios where MOERA domains might be inadvertently used, including Sender Rewriting Scheme (SRS) configurations, Microsoft Bookings notifications, and various Microsoft 365 service integrations.
Administrators can analyze current MOERA email traffic using the Message Trace feature in Exchange Admin Center with wildcard sender addresses to identify potential impacts before the restrictions take effect.
Organizations are strongly advised to begin migration planning immediately, as the throttling limits will significantly impact any business operations currently dependent on MOERA domains for external communications.
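The Message Trace review described above can be turned into a rolling-window count, shown here as an added example that is not Microsoft tooling. The CSV column names, the sample rows and the rule that a recipient leaves the window after exactly 24 hours are assumptions made for illustration.

```python
import csv
import io
from collections import deque
from datetime import datetime, timedelta

LIMIT = 100                    # external recipients per tenant (figure from the article)
WINDOW = timedelta(hours=24)   # rolling window (from the article)

def moera_throttle_report(trace_csv, accepted_domains, limit=LIMIT):
    """Return (peak_count, first_breach_time) for external mail sent from MOERA addresses.

    Assumes one row per recipient after distribution-list expansion, with the
    constructed columns received_utc, sender, recipient.
    """
    accepted = {d.lower() for d in accepted_domains}
    events = []
    for row in csv.DictReader(io.StringIO(trace_csv)):
        sender_domain = row["sender"].rsplit("@", 1)[-1].lower()
        rcpt_domain = row["recipient"].rsplit("@", 1)[-1].lower()
        if not sender_domain.endswith(".onmicrosoft.com"):
            continue   # custom-domain senders are outside this limit
        if rcpt_domain in accepted:
            continue   # internal recipients are not counted
        events.append(datetime.fromisoformat(row["received_utc"]))
    events.sort()
    window = deque()
    peak, first_breach = 0, None
    for ts in events:
        window.append(ts)
        # Assumption: a recipient stops counting once it is 24 hours old.
        while ts - window[0] >= WINDOW:
            window.popleft()
        peak = max(peak, len(window))
        if first_breach is None and len(window) > limit:
            first_breach = ts
    return peak, first_breach

def sample_trace(second_batch_utc):
    """Constructed trace rows for the example; not real Message Trace output."""
    rows = ["received_utc,sender,recipient"]
    def add(ts, sender, rcpt_domain, n):
        rows.extend(f"{ts},{sender},user{i}@{rcpt_domain}" for i in range(n))
    add("2025-10-15T09:00:00", "alerts@contoso.onmicrosoft.com", "example.org", 60)
    add("2025-10-15T09:05:00", "alerts@contoso.onmicrosoft.com", "contoso.com", 10)
    add("2025-10-15T12:00:00", "news@contoso.com", "example.org", 30)
    add(second_batch_utc, "alerts@contoso.onmicrosoft.com", "example.net", 45)
    return "\n".join(rows)

if __name__ == "__main__":
    tenant_domains = {"contoso.com", "contoso.onmicrosoft.com"}
    peak, breach = moera_throttle_report(sample_trace("2025-10-16T08:30:00"), tenant_domains)
    print(f"peak external recipients in 24h: {peak}; limit first exceeded at: {breach}")
```

A peak close to the limit on ordinary days marks a sender that should move to a custom domain before the tenant's rollout date.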
This technique allows attackers who have gained an initial foothold on a Windows machine to harvest credentials for lateral movement across a network without triggering common security alerts.
How Windows Manages Secrets
The Local Security Authority (LSA), running within the lsass.exe process, is the core Windows component responsible for managing sensitive information. The LSA uses two in-memory databases that correspond to on-disk registry hives:
SAM database: Manages user, group, and alias objects and corresponds to the SAM registry hive. It stores user credentials, but there is no direct API to retrieve them in plaintext.
Security database: Manages policy, trusted-domain, account, and secret objects, corresponding to the SECURITY registry hive. This database holds LSA secrets, such as cached domain credentials and machine keys.
While these databases can be managed through RPC interfaces (MS-SAMR and MS-LSAD), they do not offer a simple way to decrypt stored secrets. To access the credentials and secrets, direct interaction with the SAM and SECURITY registry hives is necessary.
These hives are protected by Discretionary Access Control Lists (DACLs) that restrict access to accounts with SYSTEM privileges. The sensitive data within them, such as user credentials and machine keys, is encrypted.
Decrypting this information requires additional values from the SYSTEM hive to reconstruct the decryption key.
Attackers commonly use various local and remote techniques to harvest credentials, but modern security tools detect most well-known methods.
Interacting with the lsass.exe process memory, for example, is a high-risk activity that is heavily monitored by EDRs and Windows Defender, often resulting in immediate alerts.
EDR solutions primarily rely on kernel-mode callback routines to monitor system activity. By using functions like CmRegisterCallbackEx, an EDR’s driver can register to be notified by the Windows kernel of specific events, such as registry access.
When a process attempts to read a sensitive key, like HKLM\SAM or HKLM\SECURITY, the kernel notifies the EDR, which can then block the operation or raise an alert. To manage performance, EDRs typically monitor a select list of high-risk API calls and registry paths, rather than every single system operation.
A New Method for Silent Exfiltration
According to researcher Sud0Ru, who uncovered this technique, a new, two-pronged approach allows attackers to bypass these defenses by leveraging lesser-known Windows internals.
This method avoids creating on-disk backups of registry hives and does not require SYSTEM-level privileges, operating within the context of a local administrator.
Secret data exfiltration (Source: Sud0Ru)
Bypassing Access Controls with NtOpenKeyEx: The first step involves using the undocumented native API NtOpenKeyEx. By calling this function with the REG_OPTION_BACKUP_RESTORE flag and enabling the SeBackupPrivilege (available to administrators), an attacker can bypass the standard ACL checks on protected registry keys. This provides direct read access to the SAM and SECURITY hives without needing to be the SYSTEM user.
Evading Detection with RegQueryMultipleValuesW: Once access is gained, the next challenge is to read the data without triggering EDR alerts. Most EDRs monitor common API calls used for reading registry values, such as RegQueryValueExW. This new technique instead uses RegQueryMultipleValuesW, an API that retrieves data for a list of value names associated with a registry key. Because this function is used less frequently, many EDR vendors have not included it in their monitoring rules. By using this API to read a single value at a time, attackers can extract the encrypted secrets from the SAM and SECURITY hives without being detected.
This combined strategy allows the entire operation to occur in memory, leaving no on-disk artifacts and avoiding API calls that would typically flag malicious activity.
The result is a silent and effective method for harvesting credentials. While decrypting the exfiltrated data is a separate process, this collection technique demonstrates that even mature defensive systems can be circumvented by leveraging overlooked, legitimate functionalities within the operating system itself.
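The coverage gap described above, shown from the detection side as an added example that is not from the researcher or any EDR vendor: a rule keyed on one read operation is compared with a rule keyed on the protected key path. The event schema, process names and subkey names are constructed; the operation names follow the kernel's REG_NOTIFY_CLASS values.

```python
# Kernel object paths of the two hives the article names.
PROTECTED_HIVES = (r"\REGISTRY\MACHINE\SAM", r"\REGISTRY\MACHINE\SECURITY")
NARROW_OPS = {"RegNtPreQueryValueKey"}   # a rule that watches only the common value read
EXPECTED_READERS = {"lsass.exe"}         # assumption; name-only matching is for illustration

def normalize_key(path):
    """Map HKLM spellings to the kernel object path, upper-cased for comparison."""
    p = path.strip().rstrip("\\").upper()
    for prefix in ("HKLM\\", "HKEY_LOCAL_MACHINE\\"):
        if p.startswith(prefix):
            p = "\\REGISTRY\\MACHINE\\" + p[len(prefix):]
    return p

def under_protected_hive(path):
    """True for the hive root or any subkey, but not for lookalike names."""
    p = normalize_key(path)
    return any(p == h or p.startswith(h + "\\") for h in PROTECTED_HIVES)

def narrow_rule(event):
    """Alerts only when the watched operation touches a protected hive."""
    return (event["op"] in NARROW_OPS
            and under_protected_hive(event["key"])
            and event["process"].lower() not in EXPECTED_READERS)

def path_rule(event):
    """Alerts on any registry operation under a protected hive, whatever API issued it."""
    return (under_protected_hive(event["key"])
            and event["process"].lower() not in EXPECTED_READERS)

def detect(events, rule):
    """Return the indexes of the events that the rule flags."""
    return [i for i, e in enumerate(events) if rule(e)]

# Constructed telemetry records, not captured from a real sensor.
SAMPLE_EVENTS = [
    {"process": "lsass.exe", "op": "RegNtPreQueryValueKey",
     "key": r"\REGISTRY\MACHINE\SAM\ExampleSubkey"},
    {"process": "backup_agent.exe", "op": "RegNtPreQueryValueKey",
     "key": r"HKLM\SOFTWARE\Vendor\Config"},
    {"process": "tool.exe", "op": "RegNtPreOpenKeyEx",
     "key": r"HKLM\SAM\ExampleSubkey"},
    {"process": "tool.exe", "op": "RegNtPreQueryMultipleValueKey",
     "key": r"HKLM\SAM\ExampleSubkey"},
    {"process": "tool.exe", "op": "RegNtPreQueryMultipleValueKey",
     "key": r"hklm\security\ExampleSubkey"},
    {"process": "editor.exe", "op": "RegNtPreQueryValueKey",
     "key": r"HKLM\SOFTWARE\SAMPLE\Settings"},
]

if __name__ == "__main__":
    print("narrow rule alerts:", detect(SAMPLE_EVENTS, narrow_rule))
    print("path rule alerts:  ", detect(SAMPLE_EVENTS, path_rule))
```

The narrow rule stays silent on the sample because none of the unexpected reads use the single operation it watches, while the path rule flags all three.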
By now, you’ve heard the hype. Agentic AI; self-directed and goal-oriented. Supposedly, the next big thing in security automation. If you’re working in a Security Operations Center (SOC), it might sound like déjà vu. Agentic AI brings autonomous, decision-making security agents that learn, adapt, and act across environments, while SOAR focuses on orchestrating and automating predefined […]