Wise among the first PSPs to join Payments Canada as a member 

Posted in Commentary with tags on January 27, 2026 by itnerd

Wise has become one of the first Payment Services Providers (PSPs) to be granted membership to Payments Canada. This milestone will enable Wise to deepen its service offering for Canadian customers, further establishing the company as a key financial player in Canada.

As a member of Payments Canada, Wise is now eligible to apply to participate in Canada’s national payment systems including the Automated Clearing Settlement System, Lynx and the forthcoming Real-Time Rail. Once a participant, Wise will be able to speed up transfer times and reduce costs for people and businesses moving money internationally in and out of Canada.

Canada is actively enhancing its payments modernization efforts, which included the federal government’s recent legislative changes that opened Payments Canada membership to non-bank (PSPs) for the first time. This decision places Canada among a group of G20 economies that have acted on commitments to improve cross-border payments. According to Wise’s 2025 G20 Report, Canada now joins a select group of eight G20 member nations that currently offer direct access to payment systems to non-bank payment service providers. 

The next major milestone in Canada’s payments modernization journey will be the launch of its new instant payment system, the Real-Time Rail (RTR). As a member, Wise can now apply to connect to the RTR to offer customers even faster, lower-cost, more transparent and convenient international payment services for customers in Canada and globally.

Wise believes that moving money should be instant, low-cost and fair for everyone. Over 15 years, we’ve developed Wise’s global infrastructure so that moving and managing money internationally is as seamless, fast and affordable for our customers as possible. This network now includes direct access to domestic payment systems in eight markets including the UK, Europe, Hungary, Australia, Singapore, Japan, Brazil and the Philippines. Wise’s membership to Payments Canada is an important next step in strengthening this unique global network, which enables Wise to deliver 74 per cent of payments instantly (in less than 20 seconds)1 at an average cost of just 0.52 per cent per transaction2

Wise continues to see strong growth in Canada, with active customers increasing by more than 30 per cent in FY25 alone. At a time when affordability is top of mind, Canada’s modernization efforts allow Wise to better serve its consumer and business customers worldwide, passing on cost savings directly and delivering on its vision of money without borders for everyone. 

1  Transaction speed depends on individual circumstances and may not be available for all transactions.

2 Please see https://wise.com/ca/pricing/ for more information. 

Leave a comment »

Healthcare Ransomware: 2025 stats on attacks, ransoms, and data breaches

Posted in Commentary with tags on January 27, 2026 by itnerd

Last year saw a recorded 445 ransomware attacks on hospitals, clinics, and other direct care providers. An additional 191 attacks hit businesses operating within the healthcare sector. When comparing these figures from 2025 to those noted in 2024, attacks on healthcare providers remained about the same, while attacks on healthcare businesses increased by 25 percent. 

Interestingly, the average ransomware demand decreased significantly in 2025 for both healthcare providers (down 84%) and healthcare businesses (down 92%). 

Rebecca Moody, Head of Data Research at Comparitech, provided the following comment on the overall findings: 

“The fact that attacks on healthcare providers appeared to plateau last year while attacks increased overall is positive, but now is not the time to get complacent or take this for granted. As our recent report highlights, healthcare providers are still a dominant focus for hackers because of the amount of disruption these attacks can cause and the amount of sensitive data they have on file. Healthcare providers are also facing increasing pressure via attacks on third parties. Whether it’s the medical billing service they use or their IT provider, healthcare organizations’ systems are only as robust as the third parties they’re using.

2025’s statistics also demonstrate the increased speed and volume of attacks from ransomware groups. As they turn to the likes of AI and Ransomware-as-a-Service (RaaS) to scale up their operations, gangs are constantly evolving to ensure they’re maximizing their output. This perhaps goes some way to explaining why we’ve seen such a reduction in the average ransom amount, too. Larger volumes = lower ransoms. Equally, by issuing these lower demands, hackers are likely increasing their chances of securing a ransom payment.”

You can read more here: https://www.comparitech.com/news/healthcare-ransomware-roundup-2025-stats-on-attacks-ransoms-and-data-breaches/

Leave a comment »

The CISA Puts Out New Post-Quantum Cryptography Guidance

Posted in Commentary with tags on January 26, 2026 by itnerd

The CISA has put out new guidance identifies product categories where post-quantum cryptography (PQC) is now considered “widely available” and explicitly advises agencies to procure only PQC-capable products in those categories going forward. The update covers cloud services, endpoint security, collaboration software, and web infrastructure, while signaling that networking, identity, and core infrastructure products are close behind.

You can look at the guidance from the CISA here: https://www.cisa.gov/resources-tools/resources/product-categories-technologies-use-post-quantum-cryptography-standards

Peter Bentley, COO of Patero, a post-quantum cryptography company working with federal agencies, critical infrastructure operators, and defense-adjacent environments, shared his perspective below.

On the “so what” of CISA’s PQC product categories list: “CISA’s new product categories list is less about theory and more about signaling where federal buying power is heading. It tells agencies and vendors alike: these are the technology lanes where post-quantum readiness will matter first. While it isn’t a mandate on its own, it functions as a procurement signal with real compliance gravity—and that makes it a market-shaping lever.”

On what agencies and vendors should not misunderstand: “The biggest mistake would be treating this as a future-dated checklist. Once categories are named, they tend to show up quickly in acquisition language, evaluation criteria, and security reviews. Vendors that wait for a formal mandate risk discovering that they’re already behind the curve when procurements begin to prefer PQC-capable solutions.”

On the biggest technical and operational trap: “The hardest part isn’t selecting a post-quantum algorithm—it’s knowing where cryptography actually lives. Most organizations don’t have a complete cryptographic inventory, and many products weren’t designed for crypto agility. Without that visibility, and arguably developing an Cryptographic Discovery and Inventory best practice, ‘PQC-enabled’ becomes a marketing label instead of a verifiable capability, especially in hybrid or mixed-vendor environments.” Patero provides a comprehensive easy to use tool to establish cryptographic visibility and best practices. 

On hybrid deployments and false confidence: “Hybrid approaches are often necessary, but they’re also where programs stumble. If hybrid cryptography isn’t implemented cleanly—with clear boundaries, validation evidence, and a migration path—it can add complexity without delivering real quantum resilience. Buyers will increasingly look past buzzwords and ask what’s actually protected, where, and for how long.”

On what CISA should do next: “To make this list actionable, CISA should pair categories with minimum capability profiles—what functions must be quantum-safe, what evidence buyers should request, and how claims should be validated. That would turn a useful taxonomy into a procurement-ready tool agencies can apply consistently.”

On what industry must do now: “Vendors should assume the window for ‘we’re watching PQC’ is closing. The companies that stay eligible for federal business will be the ones that can show cryptographic inventories, interoperable hybrid deployments, and a credible roadmap—not just algorithm support. Post-quantum readiness is moving from R&D into go-to-market reality.”

Leave a comment »

OVHcloud acquires Seald to strengthen its data security strategy

Posted in Commentary with tags on January 26, 2026 by itnerd

OVHcloud announces the acquisition of Seald, a French company focused on end-to-end encryption technologies. This is a major step forward in OVHcloud’s strategy to offer a trusted Cloud, combining security and regulatory compliance for the most critical use cases. With Seald, OVHcloud can integrate a cutting-edge technical building block for securing data through a “zero knowledge” model. 

Through this model, content is encrypted before being sent and can only be deciphered by the final receiving users on their devices. Neither the hoster, the editor, nor a system administrator can access this information. 

Encryption technology made simple for web apps and mobiles
The SDK developed by Seald benefits from the CSPN security visa delivered by the ANSSI, the French Cybersecurity Agency. It allows for quick integration of end-to-end encryption in web apps and mobile apps, with no expertise in advanced encryption required. The solutions allow for the management of access rights, encryption key rotation, multi-device management, and secure retrieval of private keys.

Reinforcing OVHcloud’s commitment to securing customer data
Through this acquisition, OVHcloud can natively integrate end-to-end encryption into its catalogue, complementing existing security propositions (Secret Manager, KMS, HSM) to offer a complete protection chain, from the backend to the user terminal. 

This acquisition will allow organisations:

  • To design a differentiating technological offering to answer high-sensitivity use cases,
  • To enrich and accelerate the development of ultra-secure solutions aimed at businesses and public organisations. 

Leave a comment »

The SOCRadar U.S. Threat Landscape Report 2026 Is Out

Posted in Commentary with tags on January 26, 2026 by itnerd

SOCRadar’s just released its U.S. Threat Landscape Report 2026 which highlights the most targeted industries, how threat actors monetize stolen data and access, and how ransomware, phishing, and DDoS attacks continue to pressure U.S. organizations.

Key highlights include: 

  • Top Targeted Sectors: Finance and Insurance leads dark web targeting at 14.39%, followed by Information Services (10.19%) and Public Administration (9.79%), showing sustained focus on high-trust and high-value data sectors.
  • U.S.-Only Targeting Dominates: 88.3% of threats focus exclusively on U.S. entities, while cross-border campaigns remain limited.
  • Monetization Drives Underground Activity: Selling accounts for 70.76% of posts and sharing adds 23.56%, confirming a strong underground market dynamic.
  • Data and Access Are the Main Commodities: Data-related threats represent 61.53%, while access sales reach 29.31%, reinforcing the role of initial access brokers.
  • Ransomware Remains Fragmented: Qilin, Akira, and PLAY together represent 33% of ransomware activity, while smaller groups make up the majority.
  • Phishing Hits High-Trust Targets: Public Administration accounts for 24.08% of phishing attacks, followed by Information Services at 19.45%.
  • HTTPS Makes Phishing Harder to Spot: 77.9% of phishing pages use HTTPS, reducing users’ ability to identify malicious sites.
  • DDoS Volume and Scale Are Severe: 1,036,378 DDoS attacks were recorded, with peak bandwidth reaching 1,475.67 Gbps and average attack duration around 59 minutes.

You can read the report here: https://socradar.io/resources/report/u-s-threat-landscape-report-2026/?utm_campaign=16185902-GatedContent_Country-Reports_Global_0725&utm_source=website&utm_medium=reportspage&utm_term=countryreports&utm_content=US26

Leave a comment »

ESET Research: Sandworm behind cyberattack on Poland’s power grid in late 2025

Posted in Commentary with tags on January 26, 2026 by itnerd

The attack involved data-wiping malware that ESET researchers have now analyzed and named DynoWiper

In late 2025, Poland’s energy system faced what has been described as the “largest cyberattack” targeting the country in years. ESET Research has now found that the attack was the work of the notorious Russia-aligned APT group Sandworm.

“Based on our analysis of the malware and associated TTPs, we attribute the attack to the Russia-aligned Sandworm APT with medium confidence due to a strong overlap with numerous previous Sandworm wiper activity we analyzed,” said ESET researchers. “We’re not aware of any successful disruption occurring as a result of this attack,” they added.

Sandworm has a long history of disruptive cyberattacks, especially on Ukraine’s critical infrastructure. Meanwhile, the attack on Poland’s power grid in the last week of December involved data-wiping malware that ESET has now analyzed and named DynoWiper. ESET security solutions detect DynoWiper as Win32/KillFiles.NMO.

While details regarding the intended impact continue to be investigated, ESET researchers have highlighted the fact that the coordinated attack occurred on the 10th anniversary of the Sandworm-orchestrated attack against the Ukrainian power grid, which resulted in the first ever malware-facilitated blackout. Back in December 2015, Sandworm used the BlackEnergy malware to gain access to critical systems at several electrical substations, leaving around 230,000 people without electricity for several hours.

Fast forward a decade and Sandworm continues to target entities operating in various critical infrastructure sectors, especially in Ukraine. In their latest APT Activity Report, covering April to September 2025, ESET researchers noted that they spotted Sandworm conducting wiper attacks against targets in Ukraine on a regular basis.

Leave a comment »

Forward Edge-AI Appoints Alan R. Seid as Vice President of International Sales

Posted in Commentary with tags on January 26, 2026 by itnerd

Forward Edge-AI today announced the appointment of Alan R. Seid as Vice President of International Sales, reinforcing the company’s focus on disciplined international growth across allied governments, public-sector partners, and strategic commercial markets.

Seid brings decades of experience spanning government leadership, international negotiation, and technology-driven economic development. He served in the House of Delegates of Palau from 1989 to 2000 and later in the Senate of Palau. He also served as President of the Asia Pacific Parliamentary Union, where he built enduring relationships with senior government and business leaders across the region.

Following his legislative service, Seid has remained active in large-scale infrastructure, digital finance, and technology initiatives throughout the Pacific and Asia. His work has included advancing digital financial systems, supporting blockchain adoption, and advising on sustainable development and climate resilience programs with regional and international stakeholders.

As Vice President of International Sales, Seid will lead Forward Edge-AI’s global market strategy, focusing on government, defense-adjacent, and critical infrastructure opportunities. He will oversee strategic partnerships and market entry efforts in priority regions, including the Pacific Islands, Southeast Asia, and Europe.

For more information about Forward Edge-AI and its solutions, please visit forwardedge.ai.

Leave a comment »

Data Privacy Week: Warnings for Consumers & Organizations That Are Being Targeted 

Posted in Commentary with tags on January 26, 2026 by itnerd

It’s Data Privacy Week, the National Cybersecurity Alliance’s annual international initiative to empower people and businesses to respect privacy, safeguard data and enable trust.

NCA warns consumers: “Your online activity creates a treasure trove of data – from your interests and purchases to your online behaviors, and it is collected by websites, apps, devices, services, and companies all around the globe, and can even include information about your physical self, like health data”

This is to share timely, helpful data privacy and litigation/risk advice and cautions for consumers and the retail, financial, healthcare, entertainment and personal services organizations targeting them from three data privacy, cybersecurity and AI experts.

Consumer Advice: Are Your Security Apps Are Putting You At Risk?

Ifrah Arif, Product Manager at PureVPN, a leader in personal cybersecurity and data privacy protections, warns: “We rely on an array of data privacy and security apps: VPNs, password managers, ad blockers, dark web monitors and more. They can conflict with one another, failing the user just when they’re needed most.”

“Non-integrated security tools from different vendors can actually drive ‘alert storms’ that put sensitive info at risk.

“Notification storms typically arise when someone’s using incompatible, non-integrated password managers, VPNs, dark web monitors, trackers, ad blockers and other security tools from differing vendors. The storm arises when tools roll out uncoordinated alerts and notifications to get the user’s attention. One tool mistakes another tool’s attempt to do its job as a threat, and sends users alerts. The resulting ‘alert fatigue’ often drives users to close their VPN or password manager, opening their devices to threats and exposing themselves to data theft and fraud.

The recent study The Cost of Fragmentation: Measuring Time, Spend and Risk in Personal Cybersecurity Tool Stacks,” found that 44% of users receive overlapping alerts, and 38% of those receiving overlapping alerts say they ignore them.

That’s why it’s important to use an integrated suite of security tools – a single unified platform. That way, instead of juggling multiple apps competing for your attention and overriding one another, you get a single, intelligent alert stream and a single place to act on it.

B2Cs, Be Aware:  That Popular Web Visitor Tracking Tech You’re Using? It May Be Illegal.

Ian Cohen, CEO and Founder at Lokker, said: “Data Privacy Week 2026 marks a watershed moment: plaintiffs’ attorneys and regulators are no longer asking whether organizations have compliant policies. They’re demanding proof of how data is processed in practice.”

The finalization of California’s Risk Assessment and Cybersecurity Audit regulations and the CCPA (mandates and penalties now in place as of January 1st) foreshadow regulatory trends to come.

Tracking Technologies and Data Privacy

“The popular tracking technologies companies use to personalize visitors’ experiences have emerged as the primary enforcement focal point. Their widespread deployment, reliance on third parties, and tendency to change without notice place them squarely within the definition of high-risk processing.”

Cohen notes that litigation and enforcement measures will put the spotlight on whether organizations can demonstrate visibility into and control of these tracking technologies.

Why this matters:  

  • 78% of sites deploy session replay tools that courts are treating as wiretap violations, and
  • 49.2% of S&P 500 companies include the Meta Pixel despite its status as a frequent litigation target.

Cohen notes: “Risk exists regardless of whether consent banners are present or policies are well-drafted. The convergence of private rights of action, operational regulatory mandates, and California’s expanding pen registry framework, through CIPA enforcement and class action activities, creates an environment in which technical privacy missteps can become costly litigated events overnight if neglected or mismanaged.

“To protect themselves and their customers, organizations need continuous visibility, defensible documentation, and clear remediation capabilities.

“Moving from static representations to operational proof isn’t optional anymore. It’s the foundation of modern privacy compliance.”

Michael Bell, CEO and co-Founder of AI implementation and cybersecurity firm Suzu Labs, confirms the problem.

“For businesses with websites (i.e. virtually every business), privacy compliance is moving from documentation theater to operational proof. The regulatory environment no longer accepts “we have a policy” as sufficient. Regulators and plaintiffs now ask ‘can you prove what actually happens?’ ” Bell said.

The 92.7% Problem: “Nearly all websites load third-party trackers before user consent is given. That’s not a configuration problem at the margins. That’s an industry-wide failure of the consent model as implemented. The banner exists. The policy exists. The trackers fire anyway,” he warned.

“This is exactly the gap between stated controls and actual controls that creates legal exposure. When plaintiffs’ attorneys or regulators examine what’s technically happening versus what disclosures claim, they find daylight. That daylight becomes litigation. There’s No grace period – the CCPA came into effect January 1.”

UPDATE: I have a pair of additional comments:

Andrew Costis, Manager of the Adversary Research Team at AttackIQ:

“Data has never been more under fire than it is currently. With the introduction of AI into cybercriminal activity, the number of attack surfaces has increased dramatically, as well as the number of exploitable vulnerabilities. If organizations don’t know exactly where their sensitive data lives or how it could be accessed, with or without authorization, they’re flying blind with their security defenses.

The emulation of adversarial attack tactics and techniques is paramount to the security of an organization’s data. Validating defenses against realistic attack paths protects data proactively by not only determining where the exploitable vulnerabilities lie, but also revealing which security controls actually prevent data exfiltration. Organizations need to take away the pathways to internal systems and data before attackers can find them and exploit them.

That being said, it’s important not to overlook the basics of cybersecurity hygiene and the backbone they provide for security defenses. Maintaining up-to-date software and applying distributed patches is a key first layer of protection for both individuals and organizations. Additionally, the use of strong, unique passwords and implementation of multi-factor authentication adds multiple layers of defense, making it harder for attackers to steal data, even if a set of credentials is already exposed.”

Ross Filipek, CISO at Corsica Technologies:

“In today’s environment where data is constantly moving between clouds, partners, and internal systems, modern platforms are forced to handle increasingly complex data flows across EDI, ERP, and CRM connections. With this comes greater risk, as with more systems to secure comes more potential attack surfaces, as well as more opportunities for sensitive customer or organizational data to be exposed.

Organizations need a platform that can offer visibility into data movement to maintain control and accountability over shared data. Prioritization of real-time monitoring and proactive issue resolution can help organizations detect anomalous behavior or unauthorized access before threat actors can fully infiltrate systems. These capabilities can transform a company’s infrastructure into a defensive layer that actively increases and supports data privacy, instead of standing by and watching as attackers march right to the core of a company’s network.”

UPDATE #2: Here’s another comment that just came in from Karl Bagci, Head of Information Security, Exclaimer:

  • “Email is a key target for cyber threats, which makes data privacy an everyday operational issue, not just a security concern. In regulated industries, email governance is one of the clearest signals of data protection maturity. All it takes is one unhinged email to expose risk, no matter how strong the underlying controls, audits, or certifications may be. Data Privacy Day is a reminder for organizations to embed governance into everyday communication, as this is what turns compliance from a best-effort activity into something enforceable, auditable, and sustainable.”
  • “Most data privacy failures don’t start with a breach or a sophisticated cyber-attack. They begin with everyday communication that isn’t governed, where information is shared quickly and repeatedly without consistent controls. If data protection policies don’t hold up in routine email, then those policies exist on paper rather than in practice. Data Privacy Day reminds us to adopt secure practices and protect sensitive information in every communication.”
  • “Data protection isn’t a policy document or a once-a-year compliance exercise. It’s an operational discipline that shows up in every external message an organization sends. The small details, the

Leave a comment »

Guest Post – The Pentagon’s Grok Problem: When AI Confidently Gets It Wrong

Posted in Commentary with tags on January 26, 2026 by itnerd

By Jurgita Lapienytė, Editor-in-Chief at Cybernews 

The Pentagon is adopting Elon Musk’s GrokAI chatbot, and it creates real risks. One of them is humans blindly following its flawed advice into disaster, not robots rebelling.

However, the Pentagon integrating Grok still carries real risks, just to mention a few.

Every new AI access point plugged into defence networks is another door for attackers to try to trick, poison or break. 

Note that xAI’s safety team is small compared to its competitors, meaning there are simply fewer resources to deal with the immense attack perimeter that every AI application represents these days.

Now, imagine officials feeding Grok military information for analysis. What might seem like a way to make processes more effective at first might turn into a cybersecurity nightmare. Statesmen should be trained on how to handle sensitive information and digital tools, but after the Signal scandal, when the Trump administration accidentally texted a journalist its war plans, we aren’t that naive anymore, are we?

Threat actors, including nation-state hackers, knowing that the Pentagon is actively using Grok, might be only more eager to break it via hacks, prompt injections, or supply chain flaws. It might be turned into a giant surveillance tool of the Pentagon.

What is more, Grok, as many other large language models (LLMs), can produce factually incorrect answers with confidence. The tool has already produced hateful and plainly wrong replies in public, spewing out racist content, promoting posts glorifying Hitler, let alone the undressing scandal with minors allegedly involved.

Is that really the tool that can be trusted by the Pentagon? At least the way it works now?

ABOUT THE AUTHOR 

Jurgita Lapienytė is the Editor-in-Chief at Cybernews, where she leads a team of journalists and security experts dedicated to uncovering cyber threats through research, testing, and data-driven reporting. With a career spanning over 15 years, she has reported on major global events, including the 2008 financial crisis and the 2015 Paris terror attacks, and has driven transparency through investigative journalism. A passionate advocate for cybersecurity awareness and women in tech, Jurgita has interviewed leading cybersecurity figures and amplifies underrepresented voices in the industry. Recognized as the Cybersecurity Journalist of the Year and featured in Top Cyber News Magazine’s 40 Under 40 in Cybersecurity, she is a thought leader shaping the conversation around cybersecurity. Jurgita has been quoted internationally – by Metro UK,  The Epoch TimesExtra BladetComputer Bild, and more. Her team reports on proprietary research highlighted in such outlets as the BBC, Forbes, TechRadar, Daily Mail, Fox News, Yahoo, and much more.

ABOUT CYBERNEWS

Cybernews is a globally recognized independent media outlet where journalists and security experts debunk cyber by research, testing, and data. Founded in 2019 in response to rising concerns about online security, the site covers breaking news, conducts original investigations, and offers unique perspectives on the evolving digital security landscape. Through white-hat investigative techniques, Cybernews research team identifies and safely discloses cybersecurity threats and vulnerabilities, while the editorial team provides cybersecurity-related news, analysis, and opinions by industry insiders with complete independence. 

Leave a comment »

THREAT RESEARCH: Czechia Under Coordinated DDoS Assault

Posted in Commentary with tags on January 26, 2026 by itnerd

Today, SOCRadar threat researchers published their findings on the identification of an intensive coordinated DDoS campaign conducted by pro-Russian threat actor, NoName057(16). Between the period of January 19 to 25, there were 5,095 recorded attack entries, overwhelmingly against Czech infrastructure. 

During the seven-day analysis period, the campaign demonstrated unprecedented scale and operational intensity, with daily target list updates distributed through Telegram channels. The campaign’s primary geographic focus on Czechia represents an escalation in NoName057(16)’s strategy of applying sustained pressure on NATO’s eastern flank members and key supporters of Ukraine.

Key findings include: 

  1. More than half of the attacks hit government services (53%).
  2. Critical infrastructure targeted included aviation, railways, and public transport (19.7% of attacks).
  3. Czechia saw 3,803 of the 5,095 attacks. 
  4. NoName057(16) deployed a sophisticated multi-vector attack strategy, combining transport-layer and application-layer attacks. 
  5. The findings indicate that there was a deliberate targeting of encrypted web services including government citizen portals. 
  6. The most targeted host domain was for the Czech National Police. 

For full details, the analysis can be found here: https://socradar.io/blog/ddos-threat-intelligence-czechia-26-jan26/

Leave a comment »

« Older Entries
Newer Entries »