Guest Post: TikTok Is Finally American. But Is It Actually Better for Its US Users?

Posted in Commentary with tags , on January 27, 2026 by itnerd

By Jurgita Lapienytė, Editor-in-Chief at Cybernews 

TikTok is finally a US-owned company. Initially, the executive order pushing for TikTok’s ownership change in the US was meant to protect users. However, short video platforms will now potentially collect even more user data than they did before.

The app will collect your exact location, AI interactions such as prompts or uploaded files, and information provided by third parties, essentially to serve you better-tailored ads.

The first executive order regarding the divestment of TikTok was signed by President Donald J. Trump back in 2020, with the reasoning that TikTok automatically captures “vast swaths” of information from its users that the Chinese Communist Party could eventually access and use against the US and its citizens.

It took nearly six years for the TikTok USDS Joint Venture LLC, in which a group of investors including Oracle holds stakes, to be established. And while the hypothetical danger that the Chinese government might have used collected data for espionage has been largely mitigated, a new reality presents itself. 

The data collected by TikTok, while theoretically safe from China’s ruling party, will now be extensively exploited to provide personalized experiences to users – all in favor of maximizing TikTok’s profits.

How many times have you bought something via an ad on social media? For many who aren’t opting out, ads are becoming more personalized and more targeted. Advertisers are able to serve you better ads because of this tracking. Knowing where you reside, how old you are, and what things you’re looking for online, they can serve you an offer you can’t refuse.

But tailored ads are nothing compared to the danger the excessive data collection policy by this now US-owned entity might pose to vulnerable groups in society, such as LGBTQ+ community and immigrants.

The data that TikTok collects includes information that the current US government could easily use against people: racial origin, religious beliefs, sexual orientation, mental health diagnoses, and immigration status, among others.

Given the charged political climate and Immigration and Customs Enforcement (ICE) operations resulting in casualties and detainees, such information might become yet another weapon against unarmed protesters.

So, while TikTok changing hands might be a good thing for national security, the app still poses significant privacy and security issues for its 180+ million users in the US.

ABOUT THE AUTHOR 

journalists and security experts dedicated to uncovering cyber threats through research, testing, and data-driven reporting. With a career spanning over 15 years, she has reported on major global events, including the 2008 financial crisis and the 2015 Paris terror attacks, and has driven transparency through investigative journalism. A passionate advocate for cybersecurity awareness and women in tech, Jurgita has interviewed leading cybersecurity figures and amplifies underrepresented voices in the industry. Recognized as the Cybersecurity Journalist of the Year and featured in Top Cyber News Magazine’s 40 Under 40 in Cybersecurity, she is a thought leader shaping the conversation around cybersecurity. Jurgita has been quoted internationally – by Metro UK,  The Epoch TimesExtra BladetComputer Bild, and more. Her team reports on proprietary research highlighted in such outlets as the BBC, Forbes, TechRadar, Daily Mail, Fox News, Yahoo, and much more.

ABOUT CYBERNEWS

Cybernews is a globally recognized independent media outlet where journalists and security experts debunk cyber by research, testing, and data. Founded in 2019 in response to rising concerns about online security, the site covers breaking news, conducts original investigations, and offers unique perspectives on the evolving digital security landscape. Through white-hat investigative techniques, Cybernews research team identifies and safely discloses cybersecurity threats and vulnerabilities, while the editorial team provides cybersecurity-related news, analysis, and opinions by industry insiders with complete independence. 

Leave a comment »

TELUS and RingCentral expand Business Connect with AI-powered features for Canadian businesses

Posted in Commentary with tags on January 27, 2026 by itnerd

TELUS and RingCentral, Inc. today announced they are expanding their partnership to bring advanced AI capabilities to TELUS Business Connect, a comprehensive cloud-based communication platform. With new AI capabilities that span both customer engagement and employee productivity, the platform will deliver intelligent automation that helps businesses work smarter and serve customers better.

Business Connect replaces traditional phone systems with a cloud-based business phone system that transforms how businesses connect and collaborate by bringing calls, messages, and meetings together on one unified platform. 

As businesses navigate increasing customer expectations and competitive pressures, AI-powered communications have become business-critical. The expanded Business Connect platform addresses this shift with AI features specifically designed for the realities of businesses, such as automating routine tasks, enhancing customer interactions, and delivering actionable insights without requiring technical expertise.

Business Connect’s AI-powered capabilities from RingCentral include:

  • AI Assistant (RingCentral AVA): Provides real-time assistance across interactions, turning every live conversation into action through context-aware guidance, automation, and insights
  • AI ReceptionistTM (RingCentral AIR): An AI phone agent that understands caller intent, answers common questions with personalized responses, schedules appointments, and transfers calls to the best destination, based upon context and directory
  • AI Insights (RingCentral ACE): Delivers data-driven sentiment analysis to help sales teams improve performance through intelligent coaching
  • AI Chat: Engages customers through real-time website messaging, enabling live support teams to instantly respond to common questions and focus on more complex conversations
  • AI Contact Centre (RingCX): An omnichannel contact center solution designed to improve customer service across 20+ digital channels as well as agent performance with AI-powered agent and supervisor assistance.

This comprehensive AI integration represents TELUS’ commitment to making enterprise-grade technology accessible and practical for businesses of all sizes. The expanded TELUS Business Connect platform with enhanced AI features will be available to customers in early 2026. For more information about TELUS Business Connect, visit telus.com/BusinessConnect.

Leave a comment »

LevelBlue and Fortra Launch Strategic Managed Services Partnership to Accelerate Cybersecurity Innovation

Posted in Commentary with tags on January 27, 2026 by itnerd

LevelBlue, the world’s largest pure-play provider of managed security services, today announced a strategic partnership with Fortra, a global leader in cybersecurity solutions. This collaboration integrates Fortra’s best-in-class solutions with LevelBlue’s elite managed services, delivering a comprehensive security offering designed to combat the evolving threat landscape.

The partnership marks a major milestone in LevelBlue’s mission to deliver world-class, proactive cybersecurity and secure what’s next for its clients, while also representing a significant step forward in Fortra’s evolution as a channel-first company focused on empowering resellers, service providers, and distributors to deliver its solutions.

As part of this long-term partnership, LevelBlue will acquire the managed services of Fortra’s Alert Logic Managed Detection and Response (MDR), Extended Detection and Response (XDR), and Web Application Firewall (WAF) solutions. LevelBlue’s expanded MDR platform, strengthened through recent acquisitions, will provide Alert Logic’s client base with access to a larger global footprint, broader threat telemetry, and accelerated detection and response across complex environments. In parallel, Fortra will become one of LevelBlue’s leading cybersecurity partners, making its best-in-class software and platforms available to LevelBlue’s global client base.

Fortra’s technologies complement and extend LevelBlue’s existing strengths across data security, brand protection, email security, and offensive security, adding additional depth, optionality, and specialization for LevelBlue clients. Together, LevelBlue and Fortra will provide clients with greater choice, broader coverage across the attack surface, and improved security outcomes, all delivered through LevelBlue’s managed services model.

This partnership further reinforces LevelBlue’s position as the global pure-play leader in MDR and managed cybersecurity services, while underscoring Fortra’s role as a global leader in cybersecurity software and solutions. Following the launch of Fortra’s new partner program, Fortra Protect, last year, the partnership with LevelBlue further illustrates Fortra’s commitment to work with the world’s best service providers and channel experts to serve cyber clients.

LevelBlue, an innovator in cloud-based, AI-driven managed security services, continues to expand its leadership as the world’s largest pure-play MSSP, offering one of the most comprehensive portfolios spanning managed security, offensive security, incident response, threat intelligence, and MDR. This scale and breadth enables clients and partners to accelerate threat detection, streamline security operations, reduce cyber risk, and continuously mature their cybersecurity posture, now with even more choice and value through Fortra’s complementary technologies.

Santander served as the exclusive financial advisor to LevelBlue in this transaction and Stephens served as the exclusive financial advisor to Fortra/Alert Logic.

Leave a comment »

AI tools linked to 37 unsafe or violent incidents in 2025

Posted in Commentary with tags on January 27, 2026 by itnerd

Cybernews analyzed AI incidents and found that 37 AI incidents involving violent and unsafe content were reported in 2025, some of which resulted in loss of life. As more people turn to AI chatbots for advice and emotional support, there have been multiple cases in which these chatbots provided dangerous, life-threatening advice.

Examples from reported incidents:

  • One widely reported case involved 16-year-old Adam Raine, who died by suicide after ChatGPT allegedly encouraged his suicidal thoughts instead of urging him to get support.
  • An IT professional tested a chatbot called Nomi and found that, when prompted, it can encourage users to commit murder, providing detailed instructions on how to commit the act.

Recent Cybernews research has shown that popular LLMs do, in fact, provide self-harm advice if prompted correctly, indicating that current guardrails in popular chatbots are far from enough. 

For more information, you can find the full research here

Leave a comment »

Age Assurance’s Shared Future: Persona, Incode and Veratad Boost OpenAge Initiative Momentum

Posted in Commentary with tags on January 27, 2026 by itnerd

OpenAge today announced that Persona, Incode and Veratad have joined the OpenAge Initiative, adding further momentum to the industry’s move toward privacy-preserving, interoperable age assurance as foundational trust infrastructure.

Their participation builds on recent commitments from Meta and Socure, along with broad adoption across k-ID clients and reflects a growing consensus across platforms and identity providers that age assurance is becoming a baseline operational requirement, not a bespoke or jurisdiction-specific feature.

Launched in late 2025, the OpenAge Initiative brings together platforms, identity providers, and trust infrastructure partners to establish a user-centric, privacy-first framework for age assurance that works across services, jurisdictions, and regulatory regimes. The Free Speech Coalition (FSC) recently announced its support for the OpenAge Initiative and AgeKey, as a privacy-preserving and low-friction approach to meeting age-assurance requirements without compromising user anonymity or security.

At the centre of the initiative are AgeKeys, a reusable age credential that allows individuals to verify their age once with a participating provider and reuse that age signal across services that accept AgeKeys. Designed around open standards and double-anonymity principles, AgeKeys minimise data exposure, eliminate repeated verification, and support consistent protections for minors while preserving adult privacy.

Persona and Incode bring configurable age assurance and identity verification used by global platforms, while Veratad supports privacy-preserving, risk-based age and identity assurance through its global orchestration capabilities. Their participation expands the ecosystem of providers able to support OpenAge-aligned implementations.

AgeKeys have already been used millions of times across participating services, significantly reducing friction compared to traditional age-verification methods while strengthening privacy protections. The OpenAge Initiative remains open to platforms, identity providers, and ecosystem partners committed to advancing interoperable, privacy-preserving age assurance globally.

Leave a comment »

Mantas emerges from stealth with funding round to insure cloud downtime with parametric coverage

Posted in Commentary with tags on January 27, 2026 by itnerd

Cloud infrastructure has become the backbone of modern business. Yet when cloud services fail, the financial consequences are often immediate and severe, while protection remains limited or nonexistent. Mantas was founded on the belief that cloud downtime is no longer a technical inconvenience, but a material business risk that should be measured, priced, and insured. Today, the company announced its launch from stealth alongside a seed funding round to introduce parametric insurance for cloud outages.  

The round totals $1.77 million and includes participation from Nuwa Capital, Suhail Ventures, Plus VC, OQAL Angel Syndicate, and strategic angel investors. The capital will support product development, risk modeling, and early customer deployments across the MENA region and North America.

The launch comes as reliance on hyperscale cloud infrastructure continues to accelerate, particularly in regions undergoing rapid digital transformation. Businesses now operate on always-on platforms where even minutes of downtime can halt transactions, disrupt operations, and erode customer trust. Traditional approaches to managing this risk rely on SLAs, legal contracts, and resilience engineering, all of which offer limited financial certainty when failures occur. Mantas takes a different approach by applying parametric insurance to cloud outages, enabling automatic payouts triggered by verified outage data rather than lengthy claims processes.

Mantas provides tailored cloud outage insurance combined with real-time cloud risk monitoring. Its coverage is designed for digital-first companies whose revenues and operations depend on continuous cloud availability, including fintechs, airlines, e-commerce platforms, SaaS providers, and regulated enterprises. When predefined outage conditions are met, payouts trigger automatically, providing fast and transparent liquidity that allows businesses to respond, recover, and protect customer trust. Beyond coverage, Mantas also delivers risk intelligence to help companies understand their exposure and strengthen infrastructure decisions before failures occur.

The idea for Mantas originated from a firsthand experience with cloud failure. Founder and CEO Basil Mimi encountered a widespread outage while trying to place a food order, only to watch the disruption escalate into significant losses and public fallout for the business involved. As a software engineer, the incident highlighted a blind spot in how cloud risk was being managed. While outages were measurable and predictable, the financial risk remained largely uninsured. Discovering parametric insurance models used in sectors like agriculture and weather provided the missing piece and became the foundation for Mantas.

The need for this shift is becoming increasingly apparent as cloud adoption concentrates risk across a small number of critical platforms. In North America, cloud outages are increasingly systemic rather than isolated incidents. In the Middle East, governments and enterprises are scaling cloud infrastructure at record speed as they leapfrog into cloud-first operations. In both regions, financial protection has lagged behind technological reliance, creating structural exposure across digital-first industries.

Mantas plans to expand its platform alongside the evolving use of cloud and AI infrastructure. As architectures become more interconnected and failures increasingly cascade across services, the company aims to extend coverage across emerging digital risks while strengthening its real-time monitoring and risk intelligence. The long-term vision is to ensure businesses are never left financially exposed as their technology stacks and dependencies evolve.

Leave a comment »

Wise among the first PSPs to join Payments Canada as a member 

Posted in Commentary with tags on January 27, 2026 by itnerd

Wise has become one of the first Payment Services Providers (PSPs) to be granted membership to Payments Canada. This milestone will enable Wise to deepen its service offering for Canadian customers, further establishing the company as a key financial player in Canada.

As a member of Payments Canada, Wise is now eligible to apply to participate in Canada’s national payment systems including the Automated Clearing Settlement System, Lynx and the forthcoming Real-Time Rail. Once a participant, Wise will be able to speed up transfer times and reduce costs for people and businesses moving money internationally in and out of Canada.

Canada is actively enhancing its payments modernization efforts, which included the federal government’s recent legislative changes that opened Payments Canada membership to non-bank (PSPs) for the first time. This decision places Canada among a group of G20 economies that have acted on commitments to improve cross-border payments. According to Wise’s 2025 G20 Report, Canada now joins a select group of eight G20 member nations that currently offer direct access to payment systems to non-bank payment service providers. 

The next major milestone in Canada’s payments modernization journey will be the launch of its new instant payment system, the Real-Time Rail (RTR). As a member, Wise can now apply to connect to the RTR to offer customers even faster, lower-cost, more transparent and convenient international payment services for customers in Canada and globally.

Wise believes that moving money should be instant, low-cost and fair for everyone. Over 15 years, we’ve developed Wise’s global infrastructure so that moving and managing money internationally is as seamless, fast and affordable for our customers as possible. This network now includes direct access to domestic payment systems in eight markets including the UK, Europe, Hungary, Australia, Singapore, Japan, Brazil and the Philippines. Wise’s membership to Payments Canada is an important next step in strengthening this unique global network, which enables Wise to deliver 74 per cent of payments instantly (in less than 20 seconds)1 at an average cost of just 0.52 per cent per transaction2

Wise continues to see strong growth in Canada, with active customers increasing by more than 30 per cent in FY25 alone. At a time when affordability is top of mind, Canada’s modernization efforts allow Wise to better serve its consumer and business customers worldwide, passing on cost savings directly and delivering on its vision of money without borders for everyone. 

1  Transaction speed depends on individual circumstances and may not be available for all transactions.

2 Please see https://wise.com/ca/pricing/ for more information. 

Leave a comment »

Healthcare Ransomware: 2025 stats on attacks, ransoms, and data breaches

Posted in Commentary with tags on January 27, 2026 by itnerd

Last year saw a recorded 445 ransomware attacks on hospitals, clinics, and other direct care providers. An additional 191 attacks hit businesses operating within the healthcare sector. When comparing these figures from 2025 to those noted in 2024, attacks on healthcare providers remained about the same, while attacks on healthcare businesses increased by 25 percent. 

Interestingly, the average ransomware demand decreased significantly in 2025 for both healthcare providers (down 84%) and healthcare businesses (down 92%). 

Rebecca Moody, Head of Data Research at Comparitech, provided the following comment on the overall findings: 

“The fact that attacks on healthcare providers appeared to plateau last year while attacks increased overall is positive, but now is not the time to get complacent or take this for granted. As our recent report highlights, healthcare providers are still a dominant focus for hackers because of the amount of disruption these attacks can cause and the amount of sensitive data they have on file. Healthcare providers are also facing increasing pressure via attacks on third parties. Whether it’s the medical billing service they use or their IT provider, healthcare organizations’ systems are only as robust as the third parties they’re using.

2025’s statistics also demonstrate the increased speed and volume of attacks from ransomware groups. As they turn to the likes of AI and Ransomware-as-a-Service (RaaS) to scale up their operations, gangs are constantly evolving to ensure they’re maximizing their output. This perhaps goes some way to explaining why we’ve seen such a reduction in the average ransom amount, too. Larger volumes = lower ransoms. Equally, by issuing these lower demands, hackers are likely increasing their chances of securing a ransom payment.”

You can read more here: https://www.comparitech.com/news/healthcare-ransomware-roundup-2025-stats-on-attacks-ransoms-and-data-breaches/

Leave a comment »

The CISA Puts Out New Post-Quantum Cryptography Guidance

Posted in Commentary with tags on January 26, 2026 by itnerd

The CISA has put out new guidance identifies product categories where post-quantum cryptography (PQC) is now considered “widely available” and explicitly advises agencies to procure only PQC-capable products in those categories going forward. The update covers cloud services, endpoint security, collaboration software, and web infrastructure, while signaling that networking, identity, and core infrastructure products are close behind.

You can look at the guidance from the CISA here: https://www.cisa.gov/resources-tools/resources/product-categories-technologies-use-post-quantum-cryptography-standards

Peter Bentley, COO of Patero, a post-quantum cryptography company working with federal agencies, critical infrastructure operators, and defense-adjacent environments, shared his perspective below.

On the “so what” of CISA’s PQC product categories list: “CISA’s new product categories list is less about theory and more about signaling where federal buying power is heading. It tells agencies and vendors alike: these are the technology lanes where post-quantum readiness will matter first. While it isn’t a mandate on its own, it functions as a procurement signal with real compliance gravity—and that makes it a market-shaping lever.”

On what agencies and vendors should not misunderstand: “The biggest mistake would be treating this as a future-dated checklist. Once categories are named, they tend to show up quickly in acquisition language, evaluation criteria, and security reviews. Vendors that wait for a formal mandate risk discovering that they’re already behind the curve when procurements begin to prefer PQC-capable solutions.”

On the biggest technical and operational trap: “The hardest part isn’t selecting a post-quantum algorithm—it’s knowing where cryptography actually lives. Most organizations don’t have a complete cryptographic inventory, and many products weren’t designed for crypto agility. Without that visibility, and arguably developing an Cryptographic Discovery and Inventory best practice, ‘PQC-enabled’ becomes a marketing label instead of a verifiable capability, especially in hybrid or mixed-vendor environments.” Patero provides a comprehensive easy to use tool to establish cryptographic visibility and best practices. 

On hybrid deployments and false confidence: “Hybrid approaches are often necessary, but they’re also where programs stumble. If hybrid cryptography isn’t implemented cleanly—with clear boundaries, validation evidence, and a migration path—it can add complexity without delivering real quantum resilience. Buyers will increasingly look past buzzwords and ask what’s actually protected, where, and for how long.”

On what CISA should do next: “To make this list actionable, CISA should pair categories with minimum capability profiles—what functions must be quantum-safe, what evidence buyers should request, and how claims should be validated. That would turn a useful taxonomy into a procurement-ready tool agencies can apply consistently.”

On what industry must do now: “Vendors should assume the window for ‘we’re watching PQC’ is closing. The companies that stay eligible for federal business will be the ones that can show cryptographic inventories, interoperable hybrid deployments, and a credible roadmap—not just algorithm support. Post-quantum readiness is moving from R&D into go-to-market reality.”

Leave a comment »

OVHcloud acquires Seald to strengthen its data security strategy

Posted in Commentary with tags on January 26, 2026 by itnerd

OVHcloud announces the acquisition of Seald, a French company focused on end-to-end encryption technologies. This is a major step forward in OVHcloud’s strategy to offer a trusted Cloud, combining security and regulatory compliance for the most critical use cases. With Seald, OVHcloud can integrate a cutting-edge technical building block for securing data through a “zero knowledge” model. 

Through this model, content is encrypted before being sent and can only be deciphered by the final receiving users on their devices. Neither the hoster, the editor, nor a system administrator can access this information. 

Encryption technology made simple for web apps and mobiles
The SDK developed by Seald benefits from the CSPN security visa delivered by the ANSSI, the French Cybersecurity Agency. It allows for quick integration of end-to-end encryption in web apps and mobile apps, with no expertise in advanced encryption required. The solutions allow for the management of access rights, encryption key rotation, multi-device management, and secure retrieval of private keys.

Reinforcing OVHcloud’s commitment to securing customer data
Through this acquisition, OVHcloud can natively integrate end-to-end encryption into its catalogue, complementing existing security propositions (Secret Manager, KMS, HSM) to offer a complete protection chain, from the backend to the user terminal. 

This acquisition will allow organisations:

  • To design a differentiating technological offering to answer high-sensitivity use cases,
  • To enrich and accelerate the development of ultra-secure solutions aimed at businesses and public organisations. 

Leave a comment »

« Older Entries
Newer Entries »