Chicago IT Support & Cyber Security | Forward Technologies

Chicago-based Forward Technologies delivers IT support and cyber security to businesses in the Chicago area and nationwide.

When the Code Breaks, the AI Doesn’t Get the Call. I do

by

An “intern” character eagerly taking notes and improving, next to an AI bot that keeps dropping the same book labeled “Learn to Code” on the floor.The buzz around AI-powered coding tools is hard to avoid, and I get asked about them a lot. Instead of continuing to repeat myself I figured it was time to write down exactly why I don’t use them, and why that decision isn’t about being for or against AI in some grand ideological sense. This is just a practical take based on how I work, what I value, and what actually helps me get things done.

The core issue is speed—or the lack of it. If AI tools helped me move faster, I’d consider them. But they don’t. The idea of having an AI assistant write code for me sounds nice. A little robot fixing bugs while I sip coffee? Sure. But it doesn’t work like that. Any code that goes into my projects has to meet a standard, and that means reviewing it line by line. I have to understand what it’s doing, why it’s doing it, and feel confident I can tweak it later. Otherwise, it’s a liability. [Read more…]

DMARC in 2025: What’s Working, What’s Failing, and What Comes Next

by

Visual representation of email authentication flow highlighting DMARC enforcement and policy alignmentEmail authentication continues to improve, but DMARC is still widely misunderstood and often misused. The number of domains publishing DMARC records has grown steadily since 2023, especially in industries like finance, education, and healthcare. However, a large percentage of those domains are not enforcing any policy, which means spoofing and phishing attacks are still a serious concern.

Adoption is up, but enforcement remains low. Estimates show that while more than 30 percent of domains have added DMARC over the past two years, fewer than a third are using policies like quarantine or reject. Most records are set to “none,” which enables monitoring but provides no actual protection against domain impersonation. It’s a good first step, but without enforcement, DMARC doesn’t prevent malicious email from being delivered. [Read more…]

Microsoft Plugs One Secure Boot Flaw While Leaving Another Wide Open

by

A cartoon-style illustration of a worried programmer sitting at a desk with a laptop that has a red padlock icon. Behind him, a menacing robot labeled "VULNERABILITIES" holds two scrolls marked "EXPLOIT." A yellow "SECURE BOOT" sign with a padlock and boot icon hangs on the wall, symbolizing compromised device security. The background is a textured purple.Security researchers have identified two major exploits in the Secure Boot system, both capable of sidestepping one of the most important protections on modern PCs. Microsoft has issued a patch for one of them. The other remains untouched, even as it offers attackers a nearly universal method to bypass security during the startup process.

This week’s patch from Microsoft addresses a vulnerability known as CVE-2025-3052. It impacts over 50 manufacturers whose systems rely on Linux modules to support boot processes. The flaw allows someone with physical access to a device to disable Secure Boot entirely. Once that’s done, they can install malware that loads before the operating system starts. The attack is particularly concerning because it’s stealthy and persistent, and in cases where a hacker already has administrative access, it can be triggered remotely. [Read more…]

OpenAI Slams Judge’s ChatGPT Log Order, Cites Massive Privacy Risk

by

Tug-of-war illustration symbolizing ChatGPT privacy conflict between users and copyright enforcers.OpenAI Faces Pressure to Store All ChatGPT Conversations

A recent court order threatens ChatGPT privacy by forcing OpenAI to keep every user chat. That includes messages deleted by users and data from businesses using OpenAI’s API. The case stems from a lawsuit brought by major publishers, including The New York Times, who claim OpenAI may be erasing evidence of copyright violations. [Read more…]

Hackers Pose as IT Support to Breach Salesforce, Steal Corporate Data, and Demand Ransom

by

Illustration of hacker posing as IT support to access Salesforce dataHackers posing as IT support are targeting employees at large companies to sneak into their Salesforce systems and steal data. They start with a phone call, pretending to help with a routine issue. The real goal? To get the employee to connect to a fake version of Salesforce’s Data Loader tool. Once that happens, the attackers can quietly grab sensitive company data.

Google’s Threat Intelligence Group has been tracking the group behind this, known as UNC6040. Their method depends on trust—posing as helpful support staff and guiding employees through what feels like a normal setup process. Because the tool is something many employees already use, it doesn’t seem suspicious. [Read more…]

Social Media

Forward Technologies
747 N LaSalle
STE 500B
Chicago, IL 60654
(312) 715-7806