Posted in Commentary with tags Samsung on February 5, 2026 by itnerd
As Valentine’s Day approaches, there’s growing interest in design-forward gifts that add lasting value to the home, rather than novelty items tied to a single moment.
Samsung has a few lifestyle-focused products that are a natural fit for Valentine’s Day gift guides centered on home, design, or everyday living, each standing on its own as a long-term upgrade.
A movable, height-adjustable screen designed for flexibility around the home
Easy to reposition between rooms, making it ideal for casual viewing, workouts, or shared spaces
Combines portability with a clean, modern design
Each one offers a more thoughtful alternative to traditional Valentine’s Day gifts, prioritizing design, everyday use, and longevity over seasonal novelty.
Cayosoft and XMS Solutions today announced they have been selected to support a Department of War agency modernization effort focused on strengthening Identity, Credential, and Access Management (ICAM) capabilities in alignment with federal Zero Trust objectives. The effort supports Department of War priorities for improving identity security, operational resilience, and mission continuity across complex hybrid Microsoft environments, consistent with Executive Order 14028 and Zero Trust Architecture principles defined in NIST Special Publication 800-207.
As part of the initiative, the agency is modernizing legacy identity administration and recovery capabilities to reduce operational risk, improve visibility into identity activity, and strengthen its ability to respond to and recover from cyber incidents affecting directory services. Cayosoft and XMS Solutions were selected to deliver a standardized, scalable ICAM capability designed to support secure access, continuous monitoring, and resilient operations across on-premises and cloud environments.
The joint solution integrates Cayosoft’s commercial off-the-shelf identity management, security, and recovery platform with XMS Solutions’ federal implementation and operational expertise. Together, the team is delivering an ICAM capability that supports Zero Trust outcomes by enforcing least privilege, improving auditability, reducing reliance on custom scripting, and enabling rapid restoration of identity services required for mission execution.
The Cayosoft Enterprise Management Suite provides unified administration, continuous monitoring, policy enforcement, and recovery for hybrid Microsoft identity platforms. The solution supports audit readiness and operational resilience by enabling agencies to maintain trusted identity services before, during, and after cyber events—without introducing additional operational complexity.
Posted in Commentary with tags CISA on February 5, 2026 by itnerd
CISA has added the actively exploited, critical-severity (9.8) security flaw reported last week in SolarWinds’ Web Help Desk software to its KEV catalog and is giving federal agencies until Friday to patch it.
The bug involves an untrusted data deserialization weakness that allows a remote, unauthenticated attacker to execute arbitrary code on affected systems.
Horizon3.ai researchers revealed that the recently identified SolarWinds vulnerability, tracked as CVE-2025-40551, stems from an earlier flaw uncovered in 2024 (CVE-2024-28986). The new bug is part of an ongoing chain of issues caused by incomplete remediation of the original vulnerability, which allows attackers to bypass previous fixes.
In response to the discovery, SolarWinds has released updates in its Web Help Desk 2026.1 release that address this and several related vulnerabilities, including several with high severity ratings, some of which can also bypass authentication controls or allow similar impacts such as privilege escalation or arbitrary actions by unauthenticated users.
“What stands out is not one critical CVE, but a series of six caused by incomplete fixes of the same underlying weakness. This incident shows how easy it is to patch the reported bug without eliminating the root problem. Engineers are moving fast, working at scale, and are not security specialists. The answer isn’t more expertise. It’s better reasoning that helps teams fix the system, not just the CVE.”
Damon Small, Board of Directors, Xcape, Inc. follows with this comment:
“SolarWinds’ Web Help Desk has a critical remote code execution vulnerability (CVE-2025-40551) stemming from untrusted data deserialization, which is the same root cause as a flaw patched two years ago, discovered by the same researcher who found the original issue. CISA has added it to the Known Exploited Vulnerabilities catalog, confirming active exploitation and requiring immediate patching to version 2026.1.
“While this is the only confirmed exploit currently, the January 2026 patch also addressed three other critical vulnerabilities, including authentication bypasses, that could be chained together for full system compromise. Organizations must patch immediately to avoid becoming the next breach headline.
“When the same researcher finds the bypass to your two-year-old patch, that’s not a vulnerability; that’s a sequel nobody asked for.”
“These CVEs are quite serious and involve Remote Code Execution (RCE) attacks caused by authentication bypass or improper data deserialization. “Help Desk” software is an obvious target and an easy entry point into an enterprise network, enabling attackers to cause further damage. Security teams should patch these vulnerabilities right away.”
I truly thought that we were done with the dumpster fire that was SolarWinds. But I guess like the bad guy who dies at the end of the movie only to come back in the sequel, nothing of this sort truly goes away.
Palo Alto Networks today announced the next generation of its NextWave Partner Program, fundamentally redefining partner profitability for the AI era. As the industry moves toward AI-driven security, NextWave moves beyond transactional volume to reward partners who deliver platform-centric security outcomes.
The evolved program enables the entire partner ecosystem to move away from the ‘point-product’ trap. By focusing on platformization, Palo Alto Networks enables partners to integrate their customers’ security stacks across the network, cloud, and SOC—reducing complexity while increasing high-margin, partner-led service opportunities.
Available to partners now, the new NextWave Partner Program is built on direct feedback from the global partner community, focusing on three transformative benefits:
Enhancing Partner Margins: Streamlined rebates focus on Next-Generation Firewalls (NGFW), Next-Generation Security (NGS) and platformization to reward technical expertise and maximize profitability.
Accelerating Deal Velocity: Enhanced Configure, Price, Quote (CPQ) and new automated deal registrations, combined with improved service delivery tools, to reduce friction and speed up time to close.
Reinvesting For Growth: A new Partner Development Fund (PDF) reinvests earned rebates directly into partner-led demand generation, training, and solution development to drive differentiation and accelerate joint customer success.
With Tailored Paths for Every Partner:
Managed Security Service Providers (MSSPs): Predictable, tiered pricing to build high-margin managed services to ensure accelerated outcomes.
Distributors: Enhanced capabilities, governance and support for Distributor Managed Partner growth.
Global System Integrators (GSIs): A “Global Path” rewarding multi-theater influence and strategic consulting with a white glove experience, coming later this year.
Posted in Commentary with tags BforeAI on February 5, 2026 by itnerd
Many of us are watching developments in Iran with interest. The threat researchers at BforeAI took a look at how these tensions are being used to fuel online scams and other fraudulent or malicious activity. While the timeframe for this analysis ranges from the beginning of December to mid-January, we feel that this is indicative of what can be expected, especially as rhetoric from the governments of the US and Iran, as well as regional powers in the Mideast, continues to escalate.
PreCrime™ Labs analyzed an organized surge of Iran-themed domain registrations across a small set of registrars and cheap top level domains (TLDs), indicating clear clusters around themes including protest, conflict, sanctions evasion, gambling, and infrastructure that can be used as predictive indicators for preemptive security controls.
There is a strong concentration around a handful of registrars, privacy protected records, and Cloudflare or Chinese DNS, which together act as early risk signals for coordinated campaigns tied to the ongoing Iran conflict and related information operations. Multiple thematic clusters using keywords such as “protests”, “no war”, “sanctions”, “logistics”, “casinos”, and “VPN”, provide high-value predictive indicators for proactive blocking, brand and policy enforcement, and sanctions risk monitoring before full campaigns go live.
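The signals described above (theme and cluster keywords, registrar concentration, privacy-protected records, DNS provider) can be combined into a simple triage score for newly registered domains. The following is an added example, not BforeAI's method or code: the weights, thresholds, watched-TLD placeholder and all sample records are assumptions constructed for illustration.

```python
from collections import Counter

THEME = "iran"
# Cluster keywords from the report summary; labels are matched with hyphens
# removed, so "no-war" and "nowar" both hit.
CLUSTER_KEYWORDS = ("protest", "nowar", "sanction", "logistic", "casino", "vpn")
# Everything below is an assumption for this example, not from the report.
WATCHED_TLDS = {"test"}                        # placeholder for low-cost TLDs
WATCHED_NS_SUFFIXES = (".ns.cloudflare.com",)  # extend with other DNS hosts
MIN_CLUSTER, MIN_SHARE = 3, 0.4                # registrar concentration
BLOCK_SCORE = 4

# Constructed registration records (reserved TLDs, made-up registrars).
SAMPLE = [
    {"domain": "iran-protest-live.test", "registrar": "Registrar-A",
     "privacy": True, "ns": ["ada.ns.cloudflare.com", "bob.ns.cloudflare.com"]},
    {"domain": "iransanctionsrelief.test", "registrar": "Registrar-A",
     "privacy": True, "ns": ["ada.ns.cloudflare.com"]},
    {"domain": "no-war-iran.test", "registrar": "Registrar-A",
     "privacy": True, "ns": ["ns1.dns-host.example"]},
    {"domain": "iran-casino-vip.test", "registrar": "Registrar-B",
     "privacy": False, "ns": ["ns1.dns-host.example"]},
    {"domain": "iranian-studies-dept.example", "registrar": "Registrar-D",
     "privacy": False, "ns": ["ns1.campus.example"]},
    {"domain": "persian-recipes.example", "registrar": "Registrar-C",
     "privacy": True, "ns": ["ada.ns.cloudflare.com"]},
]

def split_domain(domain):
    """Return (label with hyphens and dots removed, TLD)."""
    name, _, tld = domain.lower().rpartition(".")
    return name.replace("-", "").replace(".", ""), tld

def concentrated_registrars(records):
    """Registrars holding a large share of the themed registrations."""
    themed = [r for r in records if THEME in split_domain(r["domain"])[0]]
    counts = Counter(r["registrar"] for r in themed)
    return {reg for reg, n in counts.items()
            if n >= MIN_CLUSTER and n / len(themed) >= MIN_SHARE}

def score_batch(records):
    """Return {domain: (score, reasons)} for one batch of new registrations."""
    hot = concentrated_registrars(records)
    out = {}
    for r in records:
        label, tld = split_domain(r["domain"])
        reasons = []
        if THEME in label:  # only themed names accumulate the other signals
            reasons.append(("theme", 1))
            hits = [k for k in CLUSTER_KEYWORDS if k in label]
            if hits:
                reasons.append(("keyword:" + ",".join(hits), 2))
            if tld in WATCHED_TLDS:
                reasons.append(("watched-tld", 1))
            if r["privacy"]:
                reasons.append(("privacy-protected", 1))
            if any(ns.lower().endswith(WATCHED_NS_SUFFIXES) for ns in r["ns"]):
                reasons.append(("watched-dns", 1))
            if r["registrar"] in hot:
                reasons.append(("registrar-cluster", 1))
        out[r["domain"]] = (sum(w for _, w in reasons), [n for n, _ in reasons])
    return out

def flagged(records):
    """Domains at or above the blocking threshold, sorted by name."""
    return sorted(d for d, (s, _) in score_batch(records).items() if s >= BLOCK_SCORE)

if __name__ == "__main__":
    for domain, (score, reasons) in score_batch(SAMPLE).items():
        print(f"{score:2d}  {domain:30s} {', '.join(reasons)}")
```

A themed name with no supporting signals (the constructed `iranian-studies-dept.example`) stays below the threshold, which is the point of stacking several weak indicators rather than blocking on the keyword alone.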
Comparitech researchers have published a study looking at all the education ransomware attacks of 2025.
In 2025, ransomware gangs took credit for 251 cyberattacks on schools, universities, and other educational institutions. While similar to 2024’s figure (247), 2025’s attacks resulted in the breach of over 3.96 million records, a significant increase from 2024 (3.11 million).
The three largest breaches of 2025 all stem from Clop’s exploit of a zero-day vulnerability in Oracle’s E-Business Suite software, highlighting how schools not only face the threat of ransomware attacks on their own systems but also on the third parties they rely on.
Key findings include:
3,962,869 records are known to have been breached in the confirmed attacks–UP 27% from 2024’s figure (3,112,121)
Average ransom demand across all attacks = $464,000–DOWN 33% from 2024 ($694,000)
The ransomware strains that claimed the most attacks against schools, colleges, and universities were Qilin (37), SafePay (23), Fog and Interlock (18 each), and INC (17)
Interlock took credit for the most confirmed attacks (11), followed by Qilin (9), Fog (7), SafePay, INC, and Clop (6 each), and Medusa (4)
Over 241 TB of data was allegedly stolen across all attacks
The United States saw the most attacks (130), followed by the United Kingdom (12), France, Brazil, and Japan (9 each), Canada (8), and Australia and Spain (7 each)
Attacks in the US (-9%), the UK (-50%), France (-18%), and Germany (-40%) all declined, while attacks in Brazil (+125%), Japan (+350%), Canada (+14%), Australia (+250%), and Spain (+600%) all increased
The AI agent OpenClaw’s popularity has skyrocketed over recent weeks, but so have concerns about its cybersecurity risks. New findings reveal that roughly 73% of OpenClaw servers exposed this week remain publicly accessible to this day, creating a significant threat to users and an even greater risk to businesses — a single employee using OpenClaw could potentially expose sensitive information or corporate credentials.
openclaw.ai (formerly Clawdbot or Moltbot) is a self-hosted AI agent and assistant created by developer Peter Steinberger. Recently, it took the internet by storm with the promise of an AI agent that not only responds but also takes independent action — OpenClaw can instantly execute commands, such as scheduling meetings, editing files, or browsing the internet, among many other use cases.
Although deemed revolutionary by some users, OpenClaw’s functionalities come with a hefty cost — with extensive access to local and web-based applications, passwords, and other sensitive information, the responsibility of securing the environment in which the AI agent is deployed falls on the user, and failure to do so poses a high risk of leaking data to the open web. Labeled as a “hobby project” by its creators, OpenClaw doesn’t sugarcoat its cybersecurity risks and recommends that users who are not familiar with basic security and access control avoid the AI agent or seek guidance from professionals.
A senior threat intelligence researcher from NordStellar, a threat exposure management platform, analyzed findings from network observability tools that revealed about 21,000 (21,356) servers running OpenClaw or its prerequisites were accessible on the public internet this week.
As of Thursday, February 5th, nearly 16,000 (15,578) of those servers were still accessible, highlighting that not only does OpenClaw pose significant cybersecurity risks, but users are slow to take the necessary security measures to make these servers inaccessible, leaving them publicly exposed, and further illustrating that the majority of them lack the technical knowledge to mitigate the security risks of deploying OpenClaw.
And that’s only part of the story — a recently documented high severity vulnerability in OpenClaw allows an attacker to gain remote code execution just by tricking a user into clicking a single malicious link. Users have also been flocking to GitHub to report vulnerabilities. While not all of them have been validated, the number of identified security issues has been growing rapidly and has already surpassed 100 reports.
Users are nevertheless quick to adopt the new agent, which has already garnered over 145,000 GitHub stars and 20,000 forks. Andrius Buinovskis, a cybersecurity expert at NordLayer, a toggle-ready network security platform for businesses, warns that OpenClaw’s growing popularity should be a cause for concern among businesses.
“OpenClaw introduces significant security risks for users, but they’re even more dangerous for organizations. Businesses handle extremely sensitive data, and a single employee using OpenClaw could unknowingly jeopardize the organization’s security,” says Buinovskis.
He explains that the AI agent stores passwords, API keys, and OAuth tokens in plaintext — without encryption — so leaked corporate credentials will be easily accessible and usable by anyone who manages to get their hands on them. This sensitive data, along with chat history with the AI bot, is stored on a local web server that could accidentally be exposed to the public internet.
“With the ability to automate some everyday work tasks, it’s understandable why employees could be eager to deploy OpenClaw. The software is primarily designed for a more tech-savvy audience, such as developers and vibe-coders. However, the sheer number of exposed servers proves that even experienced users overlook basic security hygiene when a tool is easy to misconfigure,” says Buinovskis.
Mitigating OpenClaw security risks in a business environment
According to Buinovskis, while there are many cybersecurity concerns surrounding OpenClaw, businesses can take key preventive measures to mitigate some of the main risks. He highlights that full system access, autonomy, and complex setups are key risks security teams should keep in mind and aim to address.
“The first key objective is to mitigate the shadow IT problem OpenClaw poses for organizations by avoiding uncontrolled and decentralized deployments,” says Buinovskis. “This calls for clear policies surrounding approved software enforcement mechanisms, like endpoint detection, to prevent employees from running unapproved instances in the first place.”
He highlights that while OpenClaw is dangerous, security teams would benefit from getting ahead of the problem. Since employees might go rogue and use it anyway, it’s better for them to do so in a secure, controlled environment.
“In reality, even extensive cybersecurity awareness training does not guarantee that users will refrain from risky behaviour, despite knowing the threats that may follow. While it might seem counterintuitive, allowing employees who are interested in using OpenClaw to deploy it centrally would eliminate any risks that could arise from poor misconfiguration,” says Buinovskis.
He explains that centralized deployment provides a single point of control for security teams, allowing them to configure a single instance correctly rather than relying on numerous employees to do it right. This approach also establishes consistent security settings throughout — ensuring that authentication, firewalls, and encryption are applied, and allowing easier monitoring of logs and access attempts.
“Even if OpenClaw is deployed centrally, users still need a safe way to access it. For this, they need a secure, encrypted tunnel that they could access with authorization,” says Buinovskis. “Secure tunnels ensure that the server containing sensitive data is isolated from the public internet, and setting up a VPN or private network allows only authorized users to have access to OpenClaw.”
Buinovskis adds that creating remote access via secure tunnels prevents the server containing sensitive data from becoming publicly accessible, safeguarding it from attackers. This approach also encrypts the traffic, mitigating the risk of data exposure during transit.
Each year, the Super Bowl draws one of the largest live audiences of any global sporting event, with tens of thousands of spectators attending in person and more than 100 million viewers expected to watch worldwide. Beyond the game itself, the Super Bowl represents one of the most influential commercial and media stages in the world, with major brands investing in some of the most expensive advertising time of the year. The scale, visibility, and economic significance of the event make it an attractive target for threat actors seeking attention, disruption, or financial gain, underscoring the need for heightened security awareness.
Cybersecurity Considerations
At this time, Flashpoint has not observed any specific cyber threats targeting Super Bowl LX. Despite the absence of overt threats, it remains possible that threat actors may attempt to obtain personal information—including financial and credit card details—through scams, malware, phishing campaigns, or other opportunistic cyber activity.
High-profile events such as the Super Bowl have historically been leveraged as bait for cyber campaigns targeting fans and attendees rather than league infrastructure. In October 2024, the online store of the Green Bay Packers was hacked, exposing customers’ financial details. Previous incidents also include the February 2022 “BlackByte” ransomware attack that targeted the San Francisco 49ers in the lead-up to Super Bowl LVI.
Potential Physical Threats
Protests and Boycotts: Flashpoint analysts have identified online chatter promoting protests in the Bay Area in response to allegations that Immigration and Customs Enforcement (ICE) agents will conduct enforcement operations in and around Super Bowl LX. A planned protest is scheduled to take place near Levi’s Stadium on February 8, 2026, during game-day hours.
CloudSEK’s latest threat intelligence report details a growing cross-border cryptocurrency investment scam ecosystem leveraging social messaging platforms and fake regulatory credentials to defraud unsuspecting investors.
The report documents how scam networks are impersonating financial regulators, investment firms, and compliance authorities across regions, using platforms such as WhatsApp and Telegram to build trust, lure victims into fraudulent crypto schemes, and move funds across borders. Our researchers analysed the infrastructure, social engineering tactics, and operational patterns behind these scams, highlighting how they are evolving beyond isolated fraud cases into organised, repeatable crime models.
Key insights from the report include:
How fake regulatory identities and compliance documents are used to create legitimacy
The role of social messaging channels in scaling investor scams quickly across geographies
Indicators that link these operations to coordinated, cross-border fraud networks
Given the rising impact of crypto-related fraud on retail investors and the renewed regulatory focus on digital asset scams, we believe these findings may be relevant for your coverage on cybersecurity, financial crime, or consumer protection.
Posted in Commentary with tags Telus on February 5, 2026 by itnerd
TELUS today announced the successful deployment and commissioning of its nearly 125-kilometre submarine fibre optic cable connecting Sept-Îles to Sainte-Anne-des-Monts. This critical infrastructure, which was deployed and buried in the seabed of the St. Lawrence River in November and December 2025, provides essential redundancy to the telecommunications network serving communities east of Baie-Comeau. This major project was made possible through a joint investment of more than $20 million from TELUS and the Government of Canada.
The commissioning of this submarine infrastructure creates an essential backup route that will ensure the continuity of all telecommunications services in the event of failures or breaks on the main terrestrial network along Route 138 between Baie-Comeau and Sept-Îles. The cable offers massive bandwidth capacity, ultra-low latency and multi-decade durability, while ensuring physical redundancy as part of TELUS’s diverse route strategy.
A connectivity project anchored in responsible innovation
This major project was carried out following strict standards for the protection of marine wildlife and the environment. Several innovative initiatives were deployed.
During cable installation, the team relied on a detection system combining thermal imaging, AI and human intelligence to prevent collisions and reduce sound impacts on marine mammals—a first in Canada.
Environmental restoration work is planned for the spring and summer of 2026 to ensure the protection of the St. Lawrence River shorelines and to support the natural regrowth of resilient plants such as Sea Lyme-grass.
This initiative is part of TELUS’s commitment to connecting regions, supported by $70 billion in planned investments through 2029 allocated to infrastructure development, business expansion and spectrum licence acquisition.
A design-forward Valentine’s Day gift that lasts beyond February From Samsung
The Frame TV
Music Frame Speaker
The Moving Style
You can find out more details at Samsung.ca