Check Point launches AI security strategy and announces three acquisitions 

Posted in Commentary with tags on February 12, 2026 by itnerd

Check Point today unveiled its four-pillar strategy to secure the AI transformation of enterprises, and announced three acquisitions that significantly expand opportunities for channel partners and managed service providers.

The acquisitions of Cyata, Cyclops, and Rotate strengthen the company’s platform across AI Security, Exposure Management, and Workspace Security — enabling partners to deliver new services around AI governance, risk-driven security, and scalable MSP protection.

These moves demonstrate Check Point’s commitment to supporting partners as customers navigate increasingly complex, AI-driven environments, while providing a clear framework for delivering integrated, prevention-first security services.

Check Point has a blog post on this that you can read here: Securing Your AI Transformation: How Check Point Is Helping Security Teams Keep Control in an AI-First World – Check Point Blog

Leave a comment »

Georgia health services provider ApolloMD pwned by Qilin

Posted in Commentary with tags on February 12, 2026 by itnerd

According to the U.S. Department of Health and Human Services Breach Portal, a major cyberattack on ApolloMD, a large healthcare services provider, exposed the personal information of 626,540 people in a breach that occurred May 22-23, 2025. Attackers accessed the company’s IT systems before being detected, and viewed sensitive data tied to ApolloMD’s affiliated physicians and practices, including patient names, addresses, medical diagnoses, insurance info, dates of service, and some social security numbers.

The company first reported the breach in September 2025, and provided authorities with the full number of victims this week.

The ransomware gang Qilin has claimed responsibility for the attack, adding the company to its Tor-based leak site in early June 2025. 

Here’s some commentary on this.

Vishal Agarwal, CTO Averlon:

   “The ApolloMD breach is unlikely to stem from a single missed vulnerability. Maintaining access for two days and reaching sensitive patient records suggests attackers were able to assemble an attack chain that led to protected health information.

   “In complex healthcare environments, applications and service identities often accumulate access over time. When systems are overprivileged, an attack chain does not stop at the initial compromise. It expands the blast radius and increases the volume of sensitive data that can be accessed.

   “In such environments, an assume-breach mindset and strict enforcement of least privilege are essential. Eliminating unnecessary access paths reduces blast radius and prevents an initial foothold from expanding into material data exposure.”

Michael Bell, CEO, Suzu Labs:

   “Dark web intelligence shows over 500 ApolloMD corporate credentials were already circulating on underground forums and Telegram channels before the breach. They came from third-party breaches going back years and were available to anyone who looked. When a healthcare organization holding data on 626,000 patients has that kind of credential exposure on the dark web unaddressed, the ransomware group doesn’t need a zero-day. They need a login.

   “238 gigabytes exfiltrated in 48 hours is not subtle. That should trigger every exfiltration alarm in the stack. If it didn’t, the monitoring wasn’t tuned for it. If it did and nobody acted, that’s worse. Qilin had a documented playbook before they hit ApolloMD. The Synnovis attack in 2024 crippled London hospitals and contributed to patient deaths. Their targeting, tools, and techniques were public knowledge.

   “Healthcare keeps treating vendor security like a regulatory exercise instead of an operational risk. ApolloMD touches patient data across dozens of physician groups. One vendor compromised, 626,000 patients exposed. And nine months between the breach and the HHS filing means those patients carried the exposure without knowing it. HIPAA requires notification within 60 days of discovery. The math doesn’t work.”

John Carberry, Solution Sleuth, Xcape, Inc.:

   “The ApolloMD data breach, which compromised the sensitive medical information of over 626,000 patients, serves as a stark warning that the healthcare industry has become a prime target for sophisticated extortionists globally. The Qilin ransomware group has been identified as the same Russian-linked entity behind the 2024 Synnovis attack. That incident disrupted London hospitals and reportedly led to at least one patient fatality, and they have now extended its “industrialized” extortion tactics to the U.S. healthcare system. Qilin’s impressive efficiency is underscored by its ability to exfiltrate 238GB of data, containing diagnoses and Social Security numbers, in just 48 hours, a speed that overwhelms conventional reactive defense strategies. The delayed revelation of the breach’s full extent, only recently reported to federal regulators, exposes the significant “visibility gap” inherent in managing third-party physician groups.

   “Security Operations Centers must understand that Qilin’s objective goes beyond mere financial gain; they leverage operational disruption and the considerable “shame value” associated with sensitive medical diagnoses to compel settlements. Qilin’s admitted involvement further emphasizes the persistent threat posed by ransomware groups to healthcare services and patient safety, echoing previous disruptive attacks on medical providers. The repercussions for patients can extend for years, even when services appear to be unaffected on the surface. Such patient information can be valuable to unscrupulous entities so further such misuses of the exfiltrated data are possible.

   “When ransomware can weaponize 600,000 medical records in a single weekend, it underscores the fact that “compliance” is just paperwork but cybersecurity is the lifeblood.”

Groups like Qilin highlights the fact that it’s not optional for organizations to have a robust defence strategy. It’s mandatory or they will simply become another statistic.

Leave a comment »

Deepgram Expands Language Coverage with Hebrew, Persian, and Urdu

Posted in Commentary with tags on February 12, 2026 by itnerd

Deepgram has expanded its Voice AI platform to include Hebrew, Persian, and Urdu — three monolingual right-to-left (RTL) languages.

Some key points:

  • This isn’t just new languages – it shows Deepgram has solved one of the hardest problems in global Voice AI and is now enabling enterprise-grade voice systems across some of the world’s fastest-growing markets.
  • Deepgram just removed one of the biggest blockers to scaling voice AI in the Middle East and South Asia.
  • This enables AI agents to operate natively in RTL markets.
  • Companies no longer need patchwork vendors for global deployments. Great for any size company, but also levels the playing field for smaller companies that thought they couldn’t afford global Voice AI.
  • This opens major revenue markets that were previously hard to serve.
  • This opens doors across virtually every industry from finance and healthcare, to retail, education, and manufacturing, to hospitality, oil & gas, and government, to travel, tourism, and entertainment, and more…

Find out more here: Speech-to-Text for Hebrew, Persian, and Urdu on Nova-3

Leave a comment »

Three of the Top Photo ID Apps Are Leaking Users’ Data

Posted in Commentary with tags on February 12, 2026 by itnerd

Three of the most widely used photo ID mobile applications are reported to have exposed sensitive user data, stemming from misconfigured Firebase instances exacerbated by an absence of attestation – i.e., a backend infrastructure that trusted requests without properly enforcing authentication and authorization controls. Once the backend endpoint was accessible, data could be retrieved directly outside the legitimate app context.

TechRadar Pro quotes Cybernews research noting that the exposed data included personal information and backend tokens, and more than 150,000 users were impacted: Dog Breed Identifier Photo Cam has 500K downloads, with 66,182 users affected; Spider Identifier App by Photo has 500K downloads, with 40,779 users affected; and Insect identifier by Photo Cam has 1M downloads, with 45,005 users affected.

Mobile app security expert Ted Miracco, CEO of Approov, notes:

    “These incidents show how mobile backend misconfigurations become breaches when APIs trust requests without verifying the app itself. Runtime app attestation and client-bound credentials can be immediately invoked and will stop attackers from exploiting exposed endpoints, even when backend controls fail. When publishers and B2C brands don’t take active steps to preventing reverse-engineered apps, scripts, or emulators from querying their backend APIs, the result is all too often a wide-open door that’s simple for greedy, data-stealing imposters to walk through.”

This highlights the fact that apps on your phone have to be completely trustworthy. It would really be nice if apps had “nutrition labels” or something like that so that you know what you are getting into. In the absence of that, I’m glad that someone is looking at this.

Leave a comment »

Ericsson unveils in-vehicle 5G router with industry-first dual-SIM failover and edge AI

Posted in Commentary with tags on February 12, 2026 by itnerd

Ericsson is addressing the growing need for resilient, intelligent connectivity in mobile environments with the new Ericsson Cradlepoint R2400 and extensible RC1250 modem. Designed for vehicles and mobile field teams, this solution combines ultra-fast failover, precise location services, and powerful edge computing to help organizations operate safely, efficiently, and with confidence.

Whether it’s first responders coordinating life-saving missions, transit operators keeping passengers connected and on schedule, or private fleets optimizing routes and conducting predictive maintenance, the R2400 delivers the reliability and performance these sectors demand. Compatible with public safety networks and new network slicing services, the R2400 leverages the latest in 5G standalone Release 17 technology to support new capabilities across public safety, mass transit, and private fleet networks.

Key highlights include:

  • Fast carrier failover: Industry-first Dual‑SIM / Dual Standby (DSDS) on a single modem enables carrier switchover roughly 10× faster than previous approaches keeping voice, video, and data flowing during critical missions and transit routes.
  • Centimetre‑level location accuracy: Real‑Time Kinematics (RTK) combined with dead‑reckoning improves positioning from 1–3 metres to ~1 cm, enabling lane‑level vehicle identification and precise real-time tracking of personnel, assets, and drones.
  • Multi-link resiliency: Support for up to five simultaneous cellular plus multiple low‑Earth‑orbit (LEO) satellite connections maximizes throughput and availability, even in rural or low‑coverage areas.
  • High‑performance in‑vehicle Wi‑Fi: Embedded 4×4 software defined Wi‑Fi 7 access point delivers approximately 2-4× faster Wi‑Fi speeds for passenger and operational communications across mass transit and public safety.

As first responders and mass-transit agencies adopt AI, real-time monitoring, and autonomous vehicles/drones, reliable, scalable in-vehicle connectivity is becoming critical. According to Verizon’s Frontline Study 2025, 46 per cent of first responders in the U.S. expect daily AI use within five years, and 48 per cent expect daily drone use. The National Academies Autonomous Transit Survey (2024) found that 84 per cent of U.S. transit agencies plan to use or evaluate autonomous buses within three to five years. Paired with the extensible RC1250 modem, the R2400 delivers pay-as-you-grow WAN capacity for applications such as live video streaming, while providing on-board local AI inferencing.

Key improvements over prior generations of products include:

  • Expanded edge compute: 2.5x more on‑device compute to support local AI inferencing, computer vision, and to support enhanced performance for containerized applications—accelerating actionable insights on scene.
  • Faster security processing: 2x more throughput to support NetCloud SASE’s zero-trust security and SD-WAN services to provide a highly secure and optimized WAN network across fleets, sites, and critical assets.
  • Future‑proof modularity: Unique extensible architecture allows organizations to add or upgrade 5G modems as carrier technology evolves, without replacing the router.
  • AI-assisted centralized management and orchestration: In addition to providing centralized visibility to every vehicle and its location, NetCloud offers the industry’s first agentic AI virtual expert optimized for enterprise 5G networking to help improve the productivity of lean IT teams. AIOps dashboards help pinpoint anomalies before impacting service.

The Ericsson Cradlepoint R2400 router and RC1250 captive modem accessory will be available in Q2 2026. For more information, visit the website.

Leave a comment »

Wallapop and Albatross Sign Strategic Partnership to Bring Real-Time AI Discovery to the Future of Consumer-to-Consumer Commerce

Posted in Commentary with tags on February 12, 2026 by itnerd

Wallapop, the leading platform for conscious consumption in Spain, today announced a strategic partnership with Swiss AI company Albatross to deploy real-time AI discovery across its platform, advancing user engagement and seller visibility at unprecedented scale.

With Albatross, Wallapop becomes one of the first C2C marketplaces globally to move beyond static, history-based recommendation systems toward in-session, adaptive discovery that understands user intent as it unfolds.

In practice, this means discovery on Wallapop becomes more pro-active and responsive. For instance, when a user explores a second-hand sofa and then starts browsing rugs or floor lamps, the system understands the shift from evaluating a single item to furnishing a living space. Instead of continuing to surface more sofas, as traditional recommenders do, discovery adapts in real time to reflect the user’s evolving intent, highlighting relevant complementary items across categories, including products the user didn’t know existed.

As the session continues, the experience keeps evolving: a user who then clicks on a vintage coffee table may start seeing lighting, paintings, décor, or storage pieces that match the same style, even if they never looked for them explicitly. This allows users to uncover highly relevant listings that feel like genuine finds, rather than variations of what they’ve already seen. Crucially, this allows discovery to keep pace as interests change (even within the same session) and helps the right listings surface at the right moment.

The announcement follows Albatross’ recent $12.25 million fundraise to deploy its real-time perception layer; a technology designed to understand what users want in the moment. Forbes recently described this approach as the “second pillar of AI.” While generative AI has transformed how content is created, Albatross focuses on how content is discovered in environments where scale and choice overwhelm traditional personalization.

Early production deployments have shown significant impact, beyond what is possible with traditional recommenders. In a four-week A/B test on 10% of Wallapop’s traffic, measuring performance across the entire homepage experience, the platform yielded:

  • Increase in User Engagement: +118.9%
  • Increase in Favorites & Interactions: +104.8%
  • Increase Purchase Intentions: +46.9%

Importantly, the system surfaced previously unseen items to qualified buyers, demonstrating its ability to unlock latent supply rather than simply amplify already popular listings. These gains have remained remarkably stable – and continued to improve – over an extended four-month production period, underscoring the robustness of the approach beyond short-term experimentation.

For Wallapop, the shift goes beyond buyer relevance. The partnership introduces algorithmic seller discovery as a core capability, dynamically matching live buyer intent with relevant, shippable listings and addressing one of recommerce’s hardest challenges: ensuring quality supply doesn’t get lost in volume.

Unlike conventional recommenders built on past behavior and popularity signals, Albatross’ technology continuously interprets live user interactions. Every action within a session updates the system’s understanding of user intent and the catalog, allowing discovery to adapt instantly to changing behavior, supply dynamics, and context. This approach is particularly helpful for second-hand marketplaces, where millions of unique items with inconsistent metadata make traditional popularity- or similarity-based methods ineffective.

For Albatross, Wallapop represents a demanding real-world environment for AI discovery. With a constantly evolving catalog of one-of-a-kind items and high listing velocity, Wallapop provides an ideal setting to validate and scale in-session perception models under real marketplace constraints.

The partnership represents one of the earliest large-scale commercial deployments of adaptive, in-session AI discovery in recommerce, reinforcing Wallapop’s ambition to lead the next phase of marketplace evolution.

Leave a comment »

Abstract joins Torq AMP Alliance Program to Accelerate Agentic SecOps

Posted in Commentary with tags on February 12, 2026 by itnerd

Abstract, the leader in streaming-first security operations, today announced it joined the expanding Torq AMP alliance program, designed to drive agentic AI innovation. Abstract was chosen due to its platform featuring a security data pipeline with streaming-first detections built in that seamlessly integrates with Torq’s AI SOC platform to empower customers and their SOC/Incident Response teams.

Torq AMP is unlike any other partner program in the history of cybersecurity. It exists in stark contrast to partner programs stuck in the distant past, built on elitist tiering systems, pay-to-play participation, and excessive bureaucracy. With Torq AMP, partners such as Abstract easily leverage Torq’s AI SOC platform and agentic AI capabilities to create unique, high-value solutions that integrate across mutual customers’ security stacks and ISV ecosystems. Torq AMP delivers builder-focused — not engineering-focused — integrations that elevate the value of partner offerings and go far beyond the static, pre-defined integrations of typical tech alliances. It’s all about driving mutual growth, adoption, and buzz for all participants.

Torq AMP provides these exclusive benefits to Abstract:

  • Integrated Solution Creation: Build innovative, joint AI-driven SecOps solutions quickly and easily at scale, without heavy engineering efforts
  • Deep Torq Sales Engagement: Joint field marketing events, collaborative prospecting, and integrated presence in Torq demo environments
  • Strategic GTM Collaboration: Collaborative sales enablement, team training, channel packaging, ROI analysis, and reporting
  • Disruptive Marketing Activation: Integration highlighted within the Torq platform, on Torq’s website, in customer and prospect emails, and across social posts, messaging, and custom swag

Leave a comment »

EnGenius ECW515 Brings Wi-Fi 7 Performance to In-Room and In-Unit Deployments 

Posted in Commentary with tags on February 12, 2026 by itnerd

EnGenius Technologies today announces the ECW515 Wi-Fi 7 dual-band 2×2:2 wall-plate access point, designed to deliver seamless in-room wireless and wired connectivity in multifamily units, student housing, senior living, hotels, and resorts.

Wi-Fi 7 In-Room Connectivity for MDU and Hospitality

The EnGenius ECW515 Wi-Fi 7 wall-plate access point delivers enterprise-grade wireless and wired connectivity directly inside the room, enabling fast, reliable in-room communication for streaming, voice, IoT, and productivity devices—while supporting VLAN-based per-user traffic segmentation to help maintain privacy and network control.

Consistent, Personalized In-Room Connectivity for Modern Communication and Entertainment

The ECW515 enhances the in-room experience by enabling seamless content streaming, reliable voice communication, and consistent network access across devices. SmartCasting allows guests and residents to stream content directly from their mobile devices to in-room TVs, while SSID on LAN extends the same secure network policies to wired devices—supporting captive portals and access controls. Together with carrier-class Wi-Fi calling support, the ECW515 helps ensure uninterrupted voice, video, and data services throughout the room.

Key Features:

  • Wi-Fi 7 dual-band performance delivering up to 3.6 Gbps aggregate throughput
  • Low-profile design providing reliable in-room wireless coverage for up to 1,000 sq. ft.
  • 2.5 GbE PoE-in uplink with 802.3at PoE+ support for simplified, flexible installations
  • Integrated 4-port Gigabit switch with PoE output to connect and power in-room devices
  • Built-in traffic control and VLAN support to help isolate users and devices for added privacy
  • SmartCasting support for seamless streaming from mobile devices to in-room TVs
  • Cloud-managed configuration and policy control optimized for mass multi-tenant deployments
  • Designed for Wi-Fi 7 client compatibility, including the latest smartphones, tablets, and laptops

The ECW515 is ideal for organizations seeking to modernize in-room networking infrastructure while maintaining a clean aesthetic and reducing installation complexity.

Availability

ECW515 will be available from EnGenius authorized resellers and distribution partners by the end of March, with an MSRP of $199. For additional product specifications and purchasing information, visit: ECW515

Leave a comment »

New Research Reveals Cybercriminals Love Valentine’s Day: 41% of all Valentine’s Day Spam Observed Malicious Intent

Posted in Commentary with tags on February 12, 2026 by itnerd

Bitdefender has released new findings showing that Valentine’s Day–themed spam has spiked in recent weeks, using the promise of love, discounts, and gifts from popular brands such as Dior, Sephora, and Walmart as lures.

41% of all Valentine’s Day spam observed had deceptive or malicious intent. Common tactics used to snare victims included phishing attempts, dating scams, fake giveaways, advance-fee schemes, and misleading surveys.

Findings include:

  • The U.S. was the most targeted destination at 55%, followed by Germany (13%), Ireland (8%), and the UK (6%).
  • The U.S. also ranked as the top source, responsible for over 43% of Valentine’s-related spam.
  • About 10% of scam-related messages used dating-themed lures, often relying on AI-generated profile images

You can get more details here: https://www.bitdefender.com/en-us/blog/hotforsecurity/nearly-4-in-10-valentines-day-emails-are-scams-what-bitdefender-antispam-lab-is-seeing-in-2026

Leave a comment »

The MSSP Threat Landscape Report Is Out From SOCRadar

Posted in Commentary with tags on February 11, 2026 by itnerd

In a threat landscape where 60% of underground discussions directly reference security vendors and their products, the question is no longer whether a company’s defenses are good enough; it’s whether they’re being actively monitored, adapted, and evolved.

A just-published MSSP Threat Landscape Report by threat intel company SOCRadar examines how threat actors systematically study, test, and bypass widely deployed security products, and why partnering with a Managed Security Service Provider is essential for true operational resilience. Have a look and consider what adjustments you need to do as an organization to keep yourself safe.

Leave a comment »

« Older Entries