Archive for the Commentary Category

LevelBlue and Fortra Launch Strategic Managed Services Partnership to Accelerate Cybersecurity Innovation

Posted in Commentary with tags on January 27, 2026 by itnerd

LevelBlue, the world’s largest pure-play provider of managed security services, today announced a strategic partnership with Fortra, a global leader in cybersecurity solutions. This collaboration integrates Fortra’s best-in-class solutions with LevelBlue’s elite managed services, delivering a comprehensive security offering designed to combat the evolving threat landscape.

The partnership marks a major milestone in LevelBlue’s mission to deliver world-class, proactive cybersecurity and secure what’s next for its clients, while also representing a significant step forward in Fortra’s evolution as a channel-first company focused on empowering resellers, service providers, and distributors to deliver its solutions.

As part of this long-term partnership, LevelBlue will acquire the managed services of Fortra’s Alert Logic Managed Detection and Response (MDR), Extended Detection and Response (XDR), and Web Application Firewall (WAF) solutions. LevelBlue’s expanded MDR platform, strengthened through recent acquisitions, will provide Alert Logic’s client base with access to a larger global footprint, broader threat telemetry, and accelerated detection and response across complex environments. In parallel, Fortra will become one of LevelBlue’s leading cybersecurity partners, making its best-in-class software and platforms available to LevelBlue’s global client base.

Fortra’s technologies complement and extend LevelBlue’s existing strengths across data security, brand protection, email security, and offensive security, adding additional depth, optionality, and specialization for LevelBlue clients. Together, LevelBlue and Fortra will provide clients with greater choice, broader coverage across the attack surface, and improved security outcomes, all delivered through LevelBlue’s managed services model.

This partnership further reinforces LevelBlue’s position as the global pure-play leader in MDR and managed cybersecurity services, while underscoring Fortra’s role as a global leader in cybersecurity software and solutions. Following the launch of Fortra’s new partner program, Fortra Protect, last year, the partnership with LevelBlue further illustrates Fortra’s commitment to work with the world’s best service providers and channel experts to serve cyber clients.

LevelBlue, an innovator in cloud-based, AI-driven managed security services, continues to expand its leadership as the world’s largest pure-play MSSP, offering one of the most comprehensive portfolios spanning managed security, offensive security, incident response, threat intelligence, and MDR. This scale and breadth enables clients and partners to accelerate threat detection, streamline security operations, reduce cyber risk, and continuously mature their cybersecurity posture, now with even more choice and value through Fortra’s complementary technologies.

Santander served as the exclusive financial advisor to LevelBlue in this transaction and Stephens served as the exclusive financial advisor to Fortra/Alert Logic.

AI tools linked to 37 unsafe or violent incidents in 2025

Posted in Commentary with tags on January 27, 2026 by itnerd

Cybernews analyzed AI incidents and found that 37 AI incidents involving violent and unsafe content were reported in 2025, some of which resulted in loss of life. As more people turn to AI chatbots for advice and emotional support, there have been multiple cases in which these chatbots provided dangerous, life-threatening advice.

Examples from reported incidents:

  • One widely reported case involved 16-year-old Adam Raine, who died by suicide after ChatGPT allegedly encouraged his suicidal thoughts instead of urging him to get support.
  • An IT professional tested a chatbot called Nomi and found that, when prompted, it can encourage users to commit murder, providing detailed instructions on how to commit the act.

Recent Cybernews research has shown that popular LLMs do, in fact, provide self-harm advice if prompted correctly, indicating that current guardrails in popular chatbots are far from enough. 

For more information, you can find the full research here

Age Assurance’s Shared Future: Persona, Incode and Veratad Boost OpenAge Initiative Momentum

Posted in Commentary with tags on January 27, 2026 by itnerd

OpenAge today announced that Persona, Incode and Veratad have joined the OpenAge Initiative, adding further momentum to the industry’s move toward privacy-preserving, interoperable age assurance as foundational trust infrastructure.

Their participation builds on recent commitments from Meta and Socure, along with broad adoption across k-ID clients, and reflects a growing consensus across platforms and identity providers that age assurance is becoming a baseline operational requirement, not a bespoke or jurisdiction-specific feature.

Launched in late 2025, the OpenAge Initiative brings together platforms, identity providers, and trust infrastructure partners to establish a user-centric, privacy-first framework for age assurance that works across services, jurisdictions, and regulatory regimes. The Free Speech Coalition (FSC) recently announced its support for the OpenAge Initiative and AgeKey, as a privacy-preserving and low-friction approach to meeting age-assurance requirements without compromising user anonymity or security.

At the centre of the initiative are AgeKeys, a reusable age credential that allows individuals to verify their age once with a participating provider and reuse that age signal across services that accept AgeKeys. Designed around open standards and double-anonymity principles, AgeKeys minimise data exposure, eliminate repeated verification, and support consistent protections for minors while preserving adult privacy.

Persona and Incode bring configurable age assurance and identity verification used by global platforms, while Veratad supports privacy-preserving, risk-based age and identity assurance through its global orchestration capabilities. Their participation expands the ecosystem of providers able to support OpenAge-aligned implementations.

AgeKeys have already been used millions of times across participating services, significantly reducing friction compared to traditional age-verification methods while strengthening privacy protections. The OpenAge Initiative remains open to platforms, identity providers, and ecosystem partners committed to advancing interoperable, privacy-preserving age assurance globally.

Mantas emerges from stealth with funding round to insure cloud downtime with parametric coverage

Posted in Commentary with tags on January 27, 2026 by itnerd

Cloud infrastructure has become the backbone of modern business. Yet when cloud services fail, the financial consequences are often immediate and severe, while protection remains limited or nonexistent. Mantas was founded on the belief that cloud downtime is no longer a technical inconvenience, but a material business risk that should be measured, priced, and insured. Today, the company announced its launch from stealth alongside a seed funding round to introduce parametric insurance for cloud outages.  

The round totals $1.77 million and includes participation from Nuwa Capital, Suhail Ventures, Plus VC, OQAL Angel Syndicate, and strategic angel investors. The capital will support product development, risk modeling, and early customer deployments across the MENA region and North America.

The launch comes as reliance on hyperscale cloud infrastructure continues to accelerate, particularly in regions undergoing rapid digital transformation. Businesses now operate on always-on platforms where even minutes of downtime can halt transactions, disrupt operations, and erode customer trust. Traditional approaches to managing this risk rely on SLAs, legal contracts, and resilience engineering, all of which offer limited financial certainty when failures occur. Mantas takes a different approach by applying parametric insurance to cloud outages, enabling automatic payouts triggered by verified outage data rather than lengthy claims processes.

Mantas provides tailored cloud outage insurance combined with real-time cloud risk monitoring. Its coverage is designed for digital-first companies whose revenues and operations depend on continuous cloud availability, including fintechs, airlines, e-commerce platforms, SaaS providers, and regulated enterprises. When predefined outage conditions are met, payouts trigger automatically, providing fast and transparent liquidity that allows businesses to respond, recover, and protect customer trust. Beyond coverage, Mantas also delivers risk intelligence to help companies understand their exposure and strengthen infrastructure decisions before failures occur.

The idea for Mantas originated from a firsthand experience with cloud failure. Founder and CEO Basil Mimi encountered a widespread outage while trying to place a food order, only to watch the disruption escalate into significant losses and public fallout for the business involved. For Mimi, a software engineer, the incident highlighted a blind spot in how cloud risk was being managed. While outages were measurable and predictable, the financial risk remained largely uninsured. Discovering parametric insurance models used in sectors like agriculture and weather provided the missing piece and became the foundation for Mantas.

The need for this shift is becoming increasingly apparent as cloud adoption concentrates risk across a small number of critical platforms. In North America, cloud outages are increasingly systemic rather than isolated incidents. In the Middle East, governments and enterprises are scaling cloud infrastructure at record speed as they leapfrog into cloud-first operations. In both regions, financial protection has lagged behind technological reliance, creating structural exposure across digital-first industries.

Mantas plans to expand its platform alongside the evolving use of cloud and AI infrastructure. As architectures become more interconnected and failures increasingly cascade across services, the company aims to extend coverage across emerging digital risks while strengthening its real-time monitoring and risk intelligence. The long-term vision is to ensure businesses are never left financially exposed as their technology stacks and dependencies evolve.

Wise among the first PSPs to join Payments Canada as a member 

Posted in Commentary with tags on January 27, 2026 by itnerd

Wise has become one of the first Payment Services Providers (PSPs) to be granted membership to Payments Canada. This milestone will enable Wise to deepen its service offering for Canadian customers, further establishing the company as a key financial player in Canada.

As a member of Payments Canada, Wise is now eligible to apply to participate in Canada’s national payment systems including the Automated Clearing Settlement System, Lynx and the forthcoming Real-Time Rail. Once a participant, Wise will be able to speed up transfer times and reduce costs for people and businesses moving money internationally in and out of Canada.

Canada is actively enhancing its payments modernization efforts, which included the federal government’s recent legislative changes that opened Payments Canada membership to non-bank payment service providers (PSPs) for the first time. This decision places Canada among a group of G20 economies that have acted on commitments to improve cross-border payments. According to Wise’s 2025 G20 Report, Canada now joins a select group of eight G20 member nations that currently offer direct access to payment systems to non-bank payment service providers.

The next major milestone in Canada’s payments modernization journey will be the launch of its new instant payment system, the Real-Time Rail (RTR). As a member, Wise can now apply to connect to the RTR to offer customers even faster, lower-cost, more transparent and convenient international payment services for customers in Canada and globally.

Wise believes that moving money should be instant, low-cost and fair for everyone. Over 15 years, we’ve developed Wise’s global infrastructure so that moving and managing money internationally is as seamless, fast and affordable for our customers as possible. This network now includes direct access to domestic payment systems in eight markets including the UK, Europe, Hungary, Australia, Singapore, Japan, Brazil and the Philippines. Wise’s membership to Payments Canada is an important next step in strengthening this unique global network, which enables Wise to deliver 74 per cent of payments instantly (in less than 20 seconds)¹ at an average cost of just 0.52 per cent per transaction².

Wise continues to see strong growth in Canada, with active customers increasing by more than 30 per cent in FY25 alone. At a time when affordability is top of mind, Canada’s modernization efforts allow Wise to better serve its consumer and business customers worldwide, passing on cost savings directly and delivering on its vision of money without borders for everyone. 

¹ Transaction speed depends on individual circumstances and may not be available for all transactions.

² Please see https://wise.com/ca/pricing/ for more information.

Healthcare Ransomware: 2025 stats on attacks, ransoms, and data breaches

Posted in Commentary with tags on January 27, 2026 by itnerd

Last year saw a recorded 445 ransomware attacks on hospitals, clinics, and other direct care providers. An additional 191 attacks hit businesses operating within the healthcare sector. When comparing these figures from 2025 to those noted in 2024, attacks on healthcare providers remained about the same, while attacks on healthcare businesses increased by 25 percent. 

Interestingly, the average ransomware demand decreased significantly in 2025 for both healthcare providers (down 84%) and healthcare businesses (down 92%). 

Rebecca Moody, Head of Data Research at Comparitech, provided the following comment on the overall findings: 

“The fact that attacks on healthcare providers appeared to plateau last year while attacks increased overall is positive, but now is not the time to get complacent or take this for granted. As our recent report highlights, healthcare providers are still a dominant focus for hackers because of the amount of disruption these attacks can cause and the amount of sensitive data they have on file. Healthcare providers are also facing increasing pressure via attacks on third parties. Whether it’s the medical billing service they use or their IT provider, healthcare organizations’ systems are only as robust as the third parties they’re using.

2025’s statistics also demonstrate the increased speed and volume of attacks from ransomware groups. As they turn to the likes of AI and Ransomware-as-a-Service (RaaS) to scale up their operations, gangs are constantly evolving to ensure they’re maximizing their output. This perhaps goes some way to explaining why we’ve seen such a reduction in the average ransom amount, too. Larger volumes = lower ransoms. Equally, by issuing these lower demands, hackers are likely increasing their chances of securing a ransom payment.”

You can read more here: https://www.comparitech.com/news/healthcare-ransomware-roundup-2025-stats-on-attacks-ransoms-and-data-breaches/

The CISA Puts Out New Post-Quantum Cryptography Guidance

Posted in Commentary with tags on January 26, 2026 by itnerd

The CISA has put out new guidance that identifies product categories where post-quantum cryptography (PQC) is now considered “widely available” and explicitly advises agencies to procure only PQC-capable products in those categories going forward. The update covers cloud services, endpoint security, collaboration software, and web infrastructure, while signaling that networking, identity, and core infrastructure products are close behind.

You can look at the guidance from the CISA here: https://www.cisa.gov/resources-tools/resources/product-categories-technologies-use-post-quantum-cryptography-standards

Peter Bentley, COO of Patero, a post-quantum cryptography company working with federal agencies, critical infrastructure operators, and defense-adjacent environments, shared his perspective below.

On the “so what” of CISA’s PQC product categories list: “CISA’s new product categories list is less about theory and more about signaling where federal buying power is heading. It tells agencies and vendors alike: these are the technology lanes where post-quantum readiness will matter first. While it isn’t a mandate on its own, it functions as a procurement signal with real compliance gravity—and that makes it a market-shaping lever.”

On what agencies and vendors should not misunderstand: “The biggest mistake would be treating this as a future-dated checklist. Once categories are named, they tend to show up quickly in acquisition language, evaluation criteria, and security reviews. Vendors that wait for a formal mandate risk discovering that they’re already behind the curve when procurements begin to prefer PQC-capable solutions.”

On the biggest technical and operational trap: “The hardest part isn’t selecting a post-quantum algorithm—it’s knowing where cryptography actually lives. Most organizations don’t have a complete cryptographic inventory, and many products weren’t designed for crypto agility. Without that visibility, and arguably developing a Cryptographic Discovery and Inventory best practice, ‘PQC-enabled’ becomes a marketing label instead of a verifiable capability, especially in hybrid or mixed-vendor environments.” Patero provides a comprehensive, easy-to-use tool to establish cryptographic visibility and best practices.

On hybrid deployments and false confidence: “Hybrid approaches are often necessary, but they’re also where programs stumble. If hybrid cryptography isn’t implemented cleanly—with clear boundaries, validation evidence, and a migration path—it can add complexity without delivering real quantum resilience. Buyers will increasingly look past buzzwords and ask what’s actually protected, where, and for how long.”

On what CISA should do next: “To make this list actionable, CISA should pair categories with minimum capability profiles—what functions must be quantum-safe, what evidence buyers should request, and how claims should be validated. That would turn a useful taxonomy into a procurement-ready tool agencies can apply consistently.”

On what industry must do now: “Vendors should assume the window for ‘we’re watching PQC’ is closing. The companies that stay eligible for federal business will be the ones that can show cryptographic inventories, interoperable hybrid deployments, and a credible roadmap—not just algorithm support. Post-quantum readiness is moving from R&D into go-to-market reality.”

OVHcloud acquires Seald to strengthen its data security strategy

Posted in Commentary with tags on January 26, 2026 by itnerd

OVHcloud announces the acquisition of Seald, a French company focused on end-to-end encryption technologies. This is a major step forward in OVHcloud’s strategy to offer a trusted Cloud, combining security and regulatory compliance for the most critical use cases. With Seald, OVHcloud can integrate a cutting-edge technical building block for securing data through a “zero knowledge” model. 

Through this model, content is encrypted before being sent and can only be deciphered by the final receiving users on their devices. Neither the hoster, the editor, nor a system administrator can access this information. 

Encryption technology made simple for web apps and mobiles

The SDK developed by Seald benefits from the CSPN security visa delivered by the ANSSI, the French Cybersecurity Agency. It allows for quick integration of end-to-end encryption in web apps and mobile apps, with no expertise in advanced encryption required. The solutions allow for the management of access rights, encryption key rotation, multi-device management, and secure retrieval of private keys.

Reinforcing OVHcloud’s commitment to securing customer data

Through this acquisition, OVHcloud can natively integrate end-to-end encryption into its catalogue, complementing existing security propositions (Secret Manager, KMS, HSM) to offer a complete protection chain, from the backend to the user terminal. 

This acquisition will allow organisations:

  • To design a differentiating technological offering to answer high-sensitivity use cases,
  • To enrich and accelerate the development of ultra-secure solutions aimed at businesses and public organisations. 

The SOCRadar U.S. Threat Landscape Report 2026 Is Out

Posted in Commentary with tags on January 26, 2026 by itnerd

SOCRadar has just released its U.S. Threat Landscape Report 2026, which highlights the most targeted industries, how threat actors monetize stolen data and access, and how ransomware, phishing, and DDoS attacks continue to pressure U.S. organizations.

Key highlights include: 

  • Top Targeted Sectors: Finance and Insurance leads dark web targeting at 14.39%, followed by Information Services (10.19%) and Public Administration (9.79%), showing sustained focus on high-trust and high-value data sectors.
  • U.S.-Only Targeting Dominates: 88.3% of threats focus exclusively on U.S. entities, while cross-border campaigns remain limited.
  • Monetization Drives Underground Activity: Selling accounts for 70.76% of posts and sharing adds 23.56%, confirming a strong underground market dynamic.
  • Data and Access Are the Main Commodities: Data-related threats represent 61.53%, while access sales reach 29.31%, reinforcing the role of initial access brokers.
  • Ransomware Remains Fragmented: Qilin, Akira, and PLAY together represent 33% of ransomware activity, while smaller groups make up the majority.
  • Phishing Hits High-Trust Targets: Public Administration accounts for 24.08% of phishing attacks, followed by Information Services at 19.45%.
  • HTTPS Makes Phishing Harder to Spot: 77.9% of phishing pages use HTTPS, reducing users’ ability to identify malicious sites.
  • DDoS Volume and Scale Are Severe: 1,036,378 DDoS attacks were recorded, with peak bandwidth reaching 1,475.67 Gbps and average attack duration around 59 minutes.

You can read the report here: https://socradar.io/resources/report/u-s-threat-landscape-report-2026/?utm_campaign=16185902-GatedContent_Country-Reports_Global_0725&utm_source=website&utm_medium=reportspage&utm_term=countryreports&utm_content=US26

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

Posted in Commentary with tags on January 26, 2026 by itnerd

The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper

In late 2025, Poland’s energy system faced what has been described as the “largest cyberattack” targeting the country in years. ESET Research has now found that the attack was the work of the notorious Russia-aligned APT group Sandworm.

“Based on our analysis of the malware and associated TTPs, we attribute the attack to the Russia-aligned Sandworm APT with medium confidence due to a strong overlap with numerous previous Sandworm wiper activity we analyzed,” said ESET researchers. “We’re not aware of any successful disruption occurring as a result of this attack,” they added.

Sandworm has a long history of disruptive cyberattacks, especially on Ukraine’s critical infrastructure. Meanwhile, the attack on Poland’s power grid in the last week of December involved data-wiping malware that ESET has now analyzed and named DynoWiper. ESET security solutions detect DynoWiper as Win32/KillFiles.NMO.

While details regarding the intended impact continue to be investigated, ESET researchers have highlighted the fact that the coordinated attack occurred on the 10th anniversary of the Sandworm-orchestrated attack against the Ukrainian power grid, which resulted in the first ever malware-facilitated blackout. Back in December 2015, Sandworm used the BlackEnergy malware to gain access to critical systems at several electrical substations, leaving around 230,000 people without electricity for several hours.

Fast forward a decade and Sandworm continues to target entities operating in various critical infrastructure sectors, especially in Ukraine. In their latest APT Activity Report, covering April to September 2025, ESET researchers noted that they spotted Sandworm conducting wiper attacks against targets in Ukraine on a regular basis.