Archive for January 14, 2026

Team Cymru and OpenCTI Partner to Supercharge Threat Intelligence With Global Visibility

Posted in Commentary with tags on January 14, 2026 by itnerd

Team Cymru today announced a strategic partnership and integration with OpenCTI, the widely adopted open-source threat intelligence platform developed by Filigran. The collaboration brings Team Cymru’s Pure Signal intelligence and Scout capabilities directly into OpenCTI, enabling defenders to access global visibility, instant enrichment, and automated threat-hunting workflows without ever leaving the platform.

The integration transforms the analyst experience by replacing manual lookups with immediate clarity. Alerts can now be enriched on demand with global context, allowing analysts to quickly determine whether an IP is a controller, VPN endpoint, proxy, or part of a broader campaign. This greatly accelerates triage and response by delivering decision-ready intelligence within the analyst’s existing workflow rather than forcing them to pivot across tools. Teams can also shift from reactive operations to proactive threat hunting, using automated playbooks to continuously uncover emerging malicious infrastructure, such as ransomware or DPRK-aligned activity, as soon as adversaries establish it.

By fusing internal incident data with Team Cymru’s global perspective on NetFlow-derived insights, infrastructure classifications, and traffic patterns, organizations gain a more complete understanding of threats and the entities behind them. The integration further enables dynamic indicator generation by automatically converting complex Scout search results into STIX indicators, allowing immediate monitoring, alerting, and sharing across the OpenCTI ecosystem. In practical terms, the collaboration equips analysts with the equivalent of expanding their view from only the cameras inside their building to the entire city’s traffic camera network, offering visibility into threats long before they arrive at the door.

From Filigran’s perspective, the partnership enhances both operational value and the broader open-source intelligence community. “The strength of the threat-intelligence community comes from openness and collaboration. Integrating Team Cymru’s Pure Signal with OpenCTI empowers defenders everywhere with richer context and faster analytic workflows, all while preserving the transparency and extensibility of our platform. We are proud to partner with an organization committed to elevating the global security ecosystem,” said Samuel Hassine, CEO and Co-Founder of Filigran.

This partnership underscores Team Cymru’s commitment to delivering actionable visibility that helps organizations move from reactive response to proactive, intelligence-driven defense. The integration is available now for all OpenCTI users. For configuration details and onboarding guidance, visit https://www.team-cymru.com/opencti

Leave a comment »

The CCTS Annual Report Is Out…. And Rogers Leads The Way In A Bad Way…. Again….

Posted in Commentary with tags on January 14, 2026 by itnerd

The Commission for Complaints for Telecom-Television Services or CCTS has released its annual report which you can read here. But if you don’t have time to read the report, here’s the highlights.

  • The commission accepted  23,647 complaints. This covers all telco services such as phone, wireless, TV, Internet.
  • Rogers leads the way in a bad way with 6485 of those complaints being attributed to them. Another fun fact is that this is also a 16.6 per cent increase of last year.
  • Telus received 4904 complaints this year. That’s a 78 per cent increase from last year.
  • Bell had complaints 3966, which is a slight drop from last year at 0.2 per cent.
  • Freedom Mobile had 940 complaints which accounts for a 6.2 per cent increase from last year.

That kind of implies that Canadians as a whole are not happy with Canadian telcos. But Rogers and TELUS really need to step up their game as TELUS had a substantial increase in complaints year over year. Rogers had a significant increase as well. That doesn’t mean Bell can rest on the fact that they had a slight decrease. Clearly they have work to do. And Freedom isn’t exactly home free either as their complaints increased as well.

Hopefully Canadian telcos pay attention to this and up their respective games when it comes to customer service so that their customers are much happier than they are right now.

Leave a comment »

SafeBreach releases 2026 State of the Breach Report 

Posted in Commentary with tags on January 14, 2026 by itnerd

SafeBreach has released its 2026 State of the Breach Report, analyzing results from millions of real-world attack simulations conducted by large, global enterprises over a 12-month period using the SafeBreach Exposure Validation Platform.

The report provides never-before-seen insights about how enterprises fared against 2025’s high-profile threats by examining how security controls actually performed under real attack conditions, moving beyond traditional metrics such as alerts generated, patches applied, or tools deployed. Drawing on more than 1.8 million high-fidelity simulations executed throughout 2025, the data shows where modern enterprise defenses are performing well, where threats continue to evade controls, and how outcomes differ across industries, threat actors, and MITRE ATT&CK techniques.

Key findings show that attacks like ransomware were consistently prevented, while stealthy, identity-driven campaigns continue to evade enterprise defenses. The data highlights persistent gaps in credential abuse, post-compromise activity, and lateral movement, with more than 60% of organizations exposing harvestable credentials during testing. The report also finds that industries with integrated, centralized security stacks demonstrate stronger resilience, while fragmented IT/OT and endpoint-heavy environments fail regardless of budget or tool count.

You can read the report here: https://www.safebreach.com/white-papers/safebreach-2026-state-of-the-breach-report/

Leave a comment »

Guest Post: ChatGPT Health Promises Safety and Clarity – But at What Price to Your Privacy?

Posted in Commentary with tags on January 14, 2026 by itnerd

By Stefanie Schappert

AI health assistants are here to stay, and they may provide real value in helping people interpret complicated medical information, but consumers should understand exactly what that means before inviting those tools into their most sensitive digital lives. What are the data risks consumers need to know before plunging headfirst into this new era of healthcare?

ChatGPT Health: Insight vs Exposure in AI-Driven Healthcare

Health data is already among the most sensitive personal information people have, and with the introduction of ChatGPT Health last week, users will undoubtedly be pouring their medical data into the AI chatbot with the same verve they have since ChatGPT was first launched in November 2022. 

But should they? 

The amount of sensitive information users freely and regularly post into ChatGPT (and other popular AI chatbots) is astounding.  

A study last January found that nearly one in ten workers regularly exposed their own companies’ sensitive data when using AI. 

And when thousands of ChatGPT conversations were leaked via search engines last August, the conclusion was that people pretty much share everything with AI, literally. 

So when OpenAI introduced its ChatGPT Health to the public, tech and health experts began sounding the warning bells about privacy and security issues, as well as the limits of AI’s accuracy.  

This makes it crucial to understand where information is going and how it’s being used, especially when the data in question includes deeply sensitive details such as medical history or chronic conditions.

“Designed to Support, Not Replace, Medical Care”

OpenAI touts ChatGPT Health as a “dedicated experience” intended to help people understand lab results, prepare for doctor visits, track fitness and wellness trends, or compare insurance options, marking a significant shift in how consumers interact with AI. 

“Health is already one of the most common ways people use ChatGPT,” OpenAI said in the announcement, noting that 230 million people worldwide ask the bot health and wellness questions every week.

Users can now upload and connect Health not only to medical records, but also to wellness apps – such as Apple Health, Function, and MyFitnessPal – creating a complete individual health profile, the likes of which we have never seen before. 

Traditionally, health data has been scattered across many devices and platforms – a hospital portal here, a fitness tracker there, a PDF of bloodwork in your inbox. 

But now, health data will be woven together into new AI-generated interpretations and summaries, all stored within a single system.

Not just storing medical records, Health will aggregate and interpret them, creating narratives, patterns, and insights – a fundamental departure from how most people think about their medical data. 

This matters because the value of health data isn’t just in its raw form; it’s what can be inferred and contextualized from it. 

Derived insights, health trends over time, connections between symptoms and test results, and personalized explanations can prove more revealing than the “data points” themselves. 

People may also consent to sharing individual data points, for example, a symptom or lab result,  without understanding the new meaning that emerges once those data points are combined.

AI algorithms developed from aggregated data have already proven that, in the wrong hands,  could easily lead to AI biases, workplace, or societal discrimination, impacting such variables as individual treatment plans or health insurance premiums, among many others. 

Understanding the Privacy Tradeoffs

On the technical side, OpenAI says ChatGPT Health builds on its existing security architecture with additional, layered protections, including purpose-built encryption and isolation to keep health conversations protected and compartmentalized.

Users can also enable multi-factor authentication, review or delete Health memories, and revoke access to connected apps at any time, according to OpenAI.

With layered, end-to-end encryption, health conversations are isolated and not used to train models, the company further states.

Still, privacy critics have pointed out that when users upload medical records into an AI service – even one with promises of encryption and compartmentalization – they may effectively remove traditional privacy protections that would otherwise apply in regulated healthcare settings.

One expert recently told The Record that giving an AI access to electronic medical records can strip those records of the legal safeguards they enjoy under rules like HIPAA, which lays out how Protected Health Information (PHI) is processed, stored, transmitted, and secured.

“ChatGPT is only bound by its own disclosures and promises, so without any meaningful limitation on that, like regulation or a law, ChatGPT can change the terms of its service at any time,” explained Sara Geoghegan, senior counsel at the Electronic Privacy Information Center.

Because health data remains among the most valuable targets for hackers, any system that aggregates medical records, wellness data, and AI-generated health insights – especially on a single platform – can significantly increase the amount of data exposed in the event of a breach.

From a cybersecurity perspective, aggregation also concentrates value, making AI health platforms especially attractive targets for attackers seeking high-impact data rather than isolated records.

The tradeoff – insight versus exposure – is destined to be the burning question we face moving forward.

One thing is certain: weighing insight vs. exposure is no longer theoretical – it is now the defining moment of AI-driven healthcare.

ABOUT THE AUTHOR

Stefanie Schappert, a senior journalist at Cybernews, is an accomplished writer with an M.S. in cybersecurity, immersed in the security world since 2019.  She has a decade-plus experience in America’s #1 news market working for Fox News, Gannett, Blaze Media, Verizon Fios1, and NY1 News.  With a strong focus on national security, data breaches, trending threats, hacker groups, global issues, and women in tech, she is also a commentator for live panels, podcasts, radio, and TV. Earned the ISC2 Certified in Cybersecurity (CC) certification as part of the initial CC pilot program, participated in numerous Capture-the-Flag (CTF) competitions, and took 3rd place in Temple University’s International Social Engineering Pen Testing Competition, sponsored by Google.  Member of Women’s Society of Cyberjutsu (WSC), Upsilon Pi Epsilon (UPE) International Honor Society for Computing and Information Disciplines. 

Leave a comment »

SIOS Technology VP of Customer Experience Cassius Rhue Shares 2026 IT Predictions

Posted in Commentary with tags on January 14, 2026 by itnerd

 SIOS Technology Corp. today announced its 2026 technology predictions from Cassius Rhue, Vice President of Customer Experience. Rhue forecasts that high availability will expand far beyond uptime, becoming a core enabler of cybersecurity resilience, hybrid cloud operations, AI reliability, and simplified IT management.

“By 2026, IT admins will require clustering tools for high availability and disaster recovery that provide far greater visibility and control across increasingly complex environments,” said Rhue. “Hybrid cloud, cybersecurity pressures, and AI-driven workloads are fundamentally reshaping what organizations expect from HA and DR platforms.”

Key 2026 Predictions Include:

  • Hybrid and Multicloud Strategies Gain Momentum – Hybrid and Multicloud solutions have become a more proven option to help organizations balance performance, cost, and resilience while avoiding vendor lock-in.  More enterprises will continue to consider and adopt hybrid and multicloud architectures in 2026. As a result, HA solutions that can seamlessly operate across diverse infrastructures will become indispensable to modern IT strategies.
  • Cybersecurity Will Redefine the Role of High Availability – The rising wave of cybersecurity threats is transforming how enterprises view HA clustering. In 2026, HA will not only be about achieving 99.99% uptime—it will also serve as a vital tool for maintaining security resilience. More organizations will use HA clusters to enable rapid, low-risk patching and updates, ensuring systems remain both highly available and protected against emerging threats.
  • High Availability Focuses on Ease of Use to Meet Growing IT Admin Needs – As IT administrators and generalists are given increasing responsibility for managing complex high availability (HA) application environments, the demand for intuitive, automated HA solutions will surge. In 2026, IT teams will favor platforms that do not require specialized HA skills, minimize manual configuration and simplify cluster management. Vendors that prioritize ease of use, automation, and guided workflows will stand out as the market evolves toward accessibility for non-specialist admins.
  • DevOps teams will increasingly integrate high availability clustering into application planning to reduce deployment risk – Clustering tools with robust APIs, automation hooks, and real-time observability will allow rapid updates without interrupting production services. DevOps engineers will use clusters to test patches against active workloads, reducing the risk and degree of change. HA becomes a built-in feature of the delivery process—not an afterthought.
  • Continuous Availability: The New Foundation for Trusted AI – AI and ML workloads will run more frequently on distributed clusters and GPU-intensive systems, where downtime creates costly disruptions. In 2026, IT admins will demand high availability solutions that simplify complex AI stacks and expose full visibility into data, storage, and node health. Continuous availability becomes a prerequisite for AI reliability and trust.
  • Observability Becomes Essential for Complex IT Environments – As IT infrastructures expand across on-premises, cloud, hybrid, and multi-cloud environments, visibility into application performance and health and interdependencies of the elements of the IT stack will become mission-critical. In 2026, observability will emerge as a key differentiator for HA solutions, allowing IT teams to identify and resolve issues before they impact uptime. The most successful HA platforms will provide deep insights across the full stack—from hardware to application layer.
  • Consolidation of Virtual Application Environments Drives Up Complexity and Need for Easy-to-Manage HA – As enterprises consolidate onto virtualized platforms, IT admins will manage more mission-critical workloads per host. HA clustering will provide automated and intelligent failover across hypervisors without requiring deep virtualization expertise. Growing cybersecurity pressures will drive adoption of cluster-based patch automation to protect large pools of VMs simultaneously. Virtualized environments won’t just run clusters—they will depend on them.
  • Growing need for Automated Disaster Recovery – By 2026, high availability and disaster recovery IT admins will expect clustering tools to support disaster recovery locations with automate failover, verify replication integrity, and give full visibility into the entire application stack—including networking, storage, and cloud resources. Frequent cyber incidents will force DR teams to apply patches and recover systems rapidly, with clusters minimizing downtime during failover. Disaster recovery becomes proactive, not reactive.

Leave a comment »

RunSafe Security Appoints Bob Lyle as Chief Revenue Officer

Posted in Commentary with tags on January 14, 2026 by itnerd

RunSafe Security today announced the appointment of Bob Lyle as Chief Revenue Officer (CRO). Lyle brings more than 30 years of experience in cybersecurity, software, and high-technology markets and will lead RunSafe’s global revenue growth as the company scales adoption of its embedded software security platform, including patented runtime protection and build-time SBOM generation.

In his role, Lyle will oversee RunSafe’s sales execution, go-to-market strategy, customer expansion, and strategic partnerships, supporting continued growth across enterprise, government, and critical infrastructure markets. His appointment comes as RunSafe experiences growing demand from government, enterprise, and critical infrastructure customers facing software supply chain risks.

Lyle joins RunSafe from Medcrypt, where he served as Chief Revenue Officer. Previously, he served as CRO of MergeBase, which was acquired by Finite State, and Cybeats, where he helped grow the company from its first customers to an initial public offering on the Canadian Securities Exchange (CSE: CYBT). Earlier in his career, Lyle co-founded and served as CEO of Valona Labs, a mobile device security startup acquired by HMD Global in 2020.

In addition to his startup leadership, Lyle has held executive roles at Qualcomm, Samsung, Motorola, and Absolute, spanning both venture-backed and public technology companies. Lyle also serves as Chair of the GSMA’s Device Security Group (DSG), and has acted as Deputy Chair or Chair continuously since 2019.

Leave a comment »

GrowthPal secures $2.6M to boost AI-driven M&A

Posted in Commentary with tags on January 14, 2026 by itnerd

For most companies, inorganic growth depends on timing, context, and access. Yet M&A deal origination from mid-market and early stage companies, has changed little in decades, still driven by banker networks, static databases, and fragmented research workflows. Buyers often see only what is already on the market, while high-quality, off-market opportunities remain hidden. GrowthPal, co-founded by Maneesh Bhandari, Shalu Mitruka and Amaresh Shirsat, was built to change this dynamic. Today, the company announced a $2.6 million funding round to accelerate its AI-powered M&A copilot for deal sourcing and execution.

The round was led by Ideaspring Capital with participation from prominent angel investors globally. The new capital will support product development and expand GrowthPal’s presence across the US and international markets as demand grows for faster, more programmatic approaches to inorganic growth.

The announcement comes as M&A teams face increasing pressure to do more with less. Corporate development teams are leaner, timelines are compressed, and competition for quality assets is intensifying. While platforms like PitchBook, D&B, Datasite, and Tracxn have made company data more accessible, they largely stop at aggregation. GrowthPal addresses a different need by applying AI-driven reasoning to help teams identify which companies actually matter, based on strategic intent, sector context, and readiness to transact.

GrowthPal’s platform acts as an intelligent M&A copilot. When a buyer defines a growth objective – like acquiring a specific capability or entering a new geography – the system translates that goal into a structured acquisition thesis. Its AI agents then scan an enriched database of more than four million technology companies using signals from public filings, web activity, hiring trends, funding history, and other indicators. The result is a short list of precision-fit, often off-market targets that align closely with the buyer’s mandate, rather than broad lists of loosely relevant companies.

The company was founded to address a structural gap in the market. While more than a million meaningful startups exist globally, fewer than one percent scale successfully, often due to lack of timely exits or strategic partnerships. At the same time, many acquirers struggle to find the right targets efficiently, particularly for transactions under $70 million that fall below the focus of traditional investment banks. GrowthPal was created to connect these two sides by making deal sourcing proactive, discreet, and data-driven.

GrowthPal has already supported more than 42 completed M&A transactions and facilitated over 210 LOI-stage conversations across North America, Europe, Asia, and Latin America. Clients include large and mid-market enterprises, fast-growing startups, private equity-backed firms, and corporate development teams across sectors such as IT services, SaaS, fintech, and vertical software. In one case, a single client closed seven acquisitions within 18 months using the platform.

The broader M&A landscape is increasingly shaped by data abundance and decision scarcity. Teams have more information than ever, yet struggle to turn it into conviction. As acquisitions become a core growth lever for companies of all sizes, the ability to reason across signals, context, and intent is becoming a competitive advantage.

Looking ahead, GrowthPal plans to extend its intelligence deeper into the transaction lifecycle, supporting valuation reasoning, deal structuring, and preparation for negotiations. The company’s long-term vision is to become the system of intelligence that helps teams make better M&A decisions earlier, with greater confidence and clarity, starting from discovery and extending through execution.

Leave a comment »