From 2025 to 2026: Identity Security Insights and Priorities 

Posted in Commentary with tags on December 17, 2025 by itnerd

Specops Software analysts have published an analysis on the evolution of identity and password security in 2025, and the outlook for 2026. 

The piece highlights several major shifts seen over the past year:

  • Identity and access management is now being treated as an organization-wide business risk, not just an IT issue
  • Third-party access and supply-chain relationships have emerged as one of the most significant identity threat vectors
  • Regulatory pressure is increasing around MFA and supplier security, particularly in data-heavy sectors like healthcare
  • Passwordless authentication is advancing, but operational realities mean passwords are unlikely to disappear in 2026
  • Cybersecurity culture and user training are increasingly critical as AI-driven social engineering accelerates

For full details, please see the analysis here: https://specopssoft.com/blog/identity-security-insights-priorities-2026/

Samsung Serves Up Some Great Deals For The Holidays

Posted in Commentary with tags on December 17, 2025 by itnerd

As Boxing Week nears, I’m sharing some deals from Samsung that you can shop for before and after the holidays alike. This is a good time to pick up a few favourites at a lower price while they last:

Model | Offer | Promo Period | Main Features
Galaxy Tab S10 Lite | Save $180 | Dec 17 – Jan 8 | S Pen Included; 256GB Storage (expandable to 2TB); Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy Z Flip7 | Save $213 | Dec 17 – Dec 1 | 200MP camera; Slim design; Expansive unfolding screen; Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy Z Fold7 | Save $400 | Dec 17 – Jan 1 | 200MP camera; Slim design; Expansive unfolding screen; Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25 Edge | Save $279 | Dec 17 – Jan 1 | 200MP camera; Slim design; Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25 Ultra | Save $269 | Dec 17 – Jan 1 | S Pen included; 200MP camera; 100x space zoom; Long lasting battery; Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25+ | Save $239 | Dec 17 – Jan 1 | Snapdragon 8 Elite; Long lasting battery; Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)
Galaxy S25 | Save $249 | Dec 17 – Jan 1 | 200MP camera; Slim design; Galaxy AI (Gemini, Circle to Search, Solve Math, Handwriting Help, Object Eraser, Generative Edit)

For the full list of current Samsung deals check out Samsung.com/ca.

Nikon Releases New Firmware Update 5.30 for Z 9 Flagship Professional Mirrorless Camera

Posted in Commentary with tags on December 16, 2025 by itnerd

Today, Nikon Canada Inc. is pleased to announce the release of firmware version 5.3 for the full-frame/FX-format flagship mirrorless camera, the Nikon Z 9. This free firmware is now available for download and adds improvements across the board to further enhance the capabilities of Nikon’s top-of-the-line mirrorless camera.

The new firmware adds multiple focus enhancements, starting with a significant improvement in subject acquisition, tracking and stability for fast-moving subjects such as athletes. The advanced subject detection created with Nikon’s deep learning technology now works in other focus modes, making it easier to track the intended subject reliably in either single point or dynamic AF modes. Subject detection can now quickly be toggled on/off using a custom function button, if desired. The firmware also adds a new in-camera focus limiter, which allows the user to restrict the focus range to specific distances.

Improvements have also been made in the Auto Capture function, with a new AF standby position, and other operability and performance updates like face detection. The Z 9 now gives users the ultimate and most intelligent remote camera setup, without the need for any third-party triggering devices. This offers an extreme advantage for those shooting wildlife or professional sports with limited access.

Firmware version 5.3 adds support for Flexible Colour Picture Control that allows users to easily craft their own unique looks using NX Studio, Nikon’s image browsing, processing, and editing desktop software. This new feature offers greater creative freedom by enabling intuitive adjustments to parameters such as colour hue, brightness, and contrast using tools like Colour Blender and Colour Grading. Settings configured in NX Studio can then be saved to a memory card and loaded onto the camera as Custom Picture Controls for shooting.

These settings are reflected in the live view display, allowing users to preview results in real time, reducing the need for post-processing.

Additional Improvements to Operability and Functionality

  • Focusing is now possible with the maximum aperture in live view.
  • A magnification option of [400%] has been added to [Zoom on/off] available for Custom Settings.
  • Use of an external microphone (wired/wireless) is now possible when recording voice memos.
  • Extended the dimensions of focus areas available with [Wide-area AF (C1)] and [Wide-area AF (C2)] AF-area modes.
  • Added [Flat Monochrome] and [Deep Tone Monochrome] Picture Controls. 
  • Added [USB streaming (UVC/UAC)] to [USB] in the [NETWORK MENU]. 
  • Changed the specifications for uninterrupted video output to HDMI devices such as external monitors when recording ended.
  • The headphone volume level can now be adjusted in the “i” menu during video recording.

Z 9 owners can visit the Nikon download centre to get the new firmware for free. Nikon will continuously meet users’ needs through firmware updates that expand the functionality of its cameras.

New SantaStealer malware steals data from browsers, crypto wallets 

Posted in Commentary with tags on December 16, 2025 by itnerd

Santa apparently doesn’t just bring presents. I say that because a new malware-as-a-service information stealer named SantaStealer is being advertised on Telegram and hacker forums as operating in memory to avoid file-based detection.

Commenting on this is Ensar Seker, CISO at SOCRadar:

“SantaStealer is another reminder of how the threat landscape is evolving into a criminal SaaS economy. What’s particularly concerning is the move toward memory-only operations; this significantly lowers the detection footprint, bypassing traditional AV and EDR tools. The pricing tiers and marketing model mimic legitimate software services, further lowering the barrier to entry for cybercriminals. Attribution to a Russian-speaking developer, rebranding from BluelineStealer, and the use of Telegram for distribution all point to an increasingly professionalized cybercrime ecosystem. Organizations should prioritize behavioral monitoring and memory analysis as part of their defense-in-depth strategy.”

This is yet another case of the bad guys evolving faster than the good guys can keep up. That’s something that needs to change, and quickly.

RegScale Donates Open-Source OSCAL Hub to the OSCAL Foundation

Posted in Commentary with tags on December 16, 2025 by itnerd

RegScale, the leader in Continuous Controls Monitoring (CCM), today launched the OSCAL Hub, an open-source industry platform that will help accelerate the approval of security authorizations (Authority to Operate, or ATO) for government regulators, federal agencies, cloud service providers, and other organizations using the Open Security Controls Assessment Language (OSCAL) standardized framework for information systems. The OSCAL Hub was unveiled this week at OSCAL Plugfest, a hands-on event bringing together OSCAL practitioners, industry, regulators, and the broader community to collaborate on real-world technical challenges and workstreams.

Federal agencies and contractors spend thousands of hours on manual compliance work. As cyber threats to national security escalate in speed and sophistication, the need to automate cybersecurity risk management has become a priority across the public and private sectors to speed innovative technology solutions into production to support government missions and citizen services.  

To meet this mission need, the OSCAL Hub was created as a free, open-source, and comprehensive platform for security compliance teams working with OSCAL documents. It enables government regulators and any Authorizing Officials to review and approve packages, and industry technology providers to submit their Risk Management Framework (RMF) documents in an OSCAL format—resulting in up to 85 percent time savings, due to machine-readable artifacts that can be reviewed and audited with automated approaches. 

RegScale also announced today that it is donating the OSCAL Hub source code as both free and open source to the OSCAL Foundation to advance the use of the application in the community, across both commercial and federal applications.  

The OSCAL Hub features templates and visual tools and can be run as a modern web application for supporting simple, rapid, and robust authorization processes and content sharing.  It can be deployed to Google Cloud, Azure, AWS, locally, or even as a command line tool inside of customer data pipelines. The OSCAL Hub allows: 

  • Federal Agencies to maintain RMF packages and their associated ATOs 
  • Technology vendors to share component definitions for easy ingestion into their OSCAL tooling 
  • Regulators to publish and share OSCAL catalogs and profiles that can serve as a foundation for modern GRC tooling 
  • Security Engineers to validate OSCAL in CI/CD pipelines, convert between formats automatically, and integrate into workflows via REST APIs 
  • AOs to review validated packages and track conditions of approval and Plans of Action and Milestones (POAMs) over time 

Learn more about the OSCAL Hub here or access the Hub in this link.  

ESET Threat Report: AI-driven attacks on the rise; NFC threats increase and evolve in sophistication

Posted in Commentary with tags on December 16, 2025 by itnerd

ESET Research has released its latest Threat Report, which summarizes threat landscape trends seen in ESET telemetry and from the perspective of both ESET threat detection and research experts, from June through November 2025.  AI-powered malware moved from theory to reality in H2 2025, as ESET discovered PromptLock – the first known AI-driven ransomware, capable of generating malicious scripts on the fly. While AI is still mainly used for crafting convincing phishing and scam content, PromptLock – and the handful of other AI-driven threats identified to this day – signal a new era of threats. 

On the ransomware scene, victim numbers surpassed 2024 totals well before year’s end, with ESET Research projections pointing to a 40% year-over-year increase. Akira and Qilin now dominate the ransomware-as-a-service market, while low-profile newcomer Warlock introduced innovative evasion techniques. EDR killers continued to proliferate, highlighting that endpoint detection and response tools remain a significant obstacle for ransomware operators.

On the mobile platform, NFC threats continued to grow in scale and sophistication, with an 87% increase in ESET telemetry and several notable upgrades and campaigns observed in H2 2025. NGate – a pioneer among NFC threats, first discovered by ESET – received an upgrade in the form of contact stealing, likely laying the groundwork for future attacks. RatOn, entirely new malware on the NFC fraud scene, brought a rare fusion of remote access trojan (RAT) capabilities and NFC relay attacks, showing cybercriminals’ determination to pursue new attack avenues. RatOn was distributed through fake Google Play pages and ads mimicking an adult version of TikTok, and a digital bank ID service. PhantomCard – new NGate-based malware adapted to the Brazilian market – was seen in multiple campaigns in Brazil in H2 2025.

Furthermore, after its global disruption in May, the Lumma Stealer infostealer managed to briefly resurface – twice – but its glory days are most likely over. Detections plummeted by 86% in H2 2025 compared to the first half of the year, and a significant distribution vector of Lumma Stealer – the HTML/FakeCaptcha trojan, used in ClickFix attacks – nearly vanished from ESET telemetry.

Meanwhile, CloudEyE, also known as GuLoader, surged into prominence, skyrocketing almost thirtyfold according to ESET telemetry. Distributed via malicious email campaigns, this malware-as-a-service downloader and cryptor is used to deploy other malware, including ransomware, as well as infostealer juggernauts such as Rescoms, Formbook, and Agent Tesla. Poland was most affected by this threat, with 32% of CloudEyE attack attempts in H2 2025 detected there.

For more information, check out the ESET Threat Report H2 2025 on WeLiveSecurity.com

Guest Post –  From Autonomous AI to Personal Health Data Snatching: Cyber Threats That Will Define 2026

Posted in Commentary with tags on December 16, 2025 by itnerd

This year, even the biggest corporations and governmental institutions, including the US, were not immune to hacks. According to Cyble’s latest Global Cybersecurity Report 2025, almost 15,000 incidents related to data breaches and leaks were reported.

2026 will be marked by even more breaches, as AI tools enable hackers to target thousands with a single click, cybersecurity experts warn.

Looking back at 2025, one of the biggest hacks hit the Australian airline Qantas. Hackers exposed the data of 5 million customers, including names, birth dates, and email addresses, and a few months ago started selling it on the dark web. There were many more similar cases involving companies like Oracle, Volvo, and SK Telecom, which led to data leaks or frozen business operations.

In the summer, security researchers uncovered the biggest data breach in history, which exposed 16 billion passwords, including those from Apple, Facebook, Google, Telegram, and many more. Some attacks affected governmental institutions; recently, the US Congressional Budget Office was hacked. According to Cyble’s report, government institutions were among the top 3 in overall threat activity.

Cybercriminals also targeted users directly. Recently, more than 120,000 cameras were hacked for so-called “sexploitation” footage in South Korea.

According to experts at Planet VPN, a free virtual private network (VPN) provider, this year, a significant portion of attacks were amplified by AI tools. Konstantin Levinzon, co-founder and CEO of the company, says this trend will pose even bigger risks in 2026.

“Even though AI improves our daily lives and strengthens cybersecurity, it is also widely used by hackers. Now, even those without technical expertise can buy tools on the dark web that target thousands of users with a single click. The rise of AI-powered tools will amplify all kinds of attacks, including phishing scams, ransomware, and exploiting vulnerabilities, and can even create attacks on its own,” Levinzon says.

Prediction 1: AI cybercriminals

Up until now, AI has been just a tool for cybercriminals, allowing them to organise and speed up attacks, he says. However, with rising agentic AI capabilities, AI will inevitably start attacking autonomously.

In its recent report, Anthropic has already described a hacking campaign that carried out around 80-90% of the operation on its own using the company’s Claude tools.

“AI tools will scan for weaknesses and exploit zero-day flaws – security gaps that are unknown to vendors – without a human touching a keyboard. As our homes, workplaces, and infrastructure are increasingly run by AI, any security gap becomes a potential attack vector. We will almost certainly see such autonomous attacks next year,” Levinzon says.

Prediction 2: Hyper-realistic deepfakes

Deepfakes – AI-generated fake videos, audio files, or images used to impersonate people – are becoming a headache for banks and other businesses, as they allow bypassing online verification. Recently, an insurance company, sensing a lucrative opportunity, even started offering coverage for incidents where AI deepfakes cause reputational harm for companies.

Individual users are also at risk, Levinzon emphasizes. The FBI has recently warned users that criminals are generating fake images of kidnapping and using them for scams. According to Levinzon, the real rising threat is fake video-generated content.

“In 2025, video generators such as OpenAI’s Sora showed how easy it is to create highly realistic videos, and cybercriminals will use them to their advantage. As a result, banks and other financial institutions will likely take precautions to enhance their security measures to protect video verification processes. Regulations will likely follow quickly. For users, this may mean additional steps to confirm their identity,” he says.

Prediction 3: Digital body snatching

Millions of smartwatches, rings, AI wearables, and even new mattresses come equipped with large numbers of sensors that collect everything – from your location to heart rate data and stress levels. As the number of these sensors increases, they become attractive targets for cybercriminals, experts say.

According to Levinzon, once hackers get access to a smartwatch or any device, they can exfiltrate data easily, especially if the devices are not properly secured. Such data can also be gathered via cloud or app data leaks, Bluetooth attacks, and more.

“Potential wearable hacks, deepfakes, and autonomous AI systems mean that next year, users will need to take extra steps and security measures. Aside from staying vigilant, we also recommend enabling two-factor authentication, updating software regularly, and using a VPN, which adds an essential layer of defence against hackers,” Levinzon says.

kini mobile partners with TELUS to launch Pinoy Plans for Filipino-Canadian market

Posted in Commentary with tags on December 16, 2025 by itnerd

kini mobile has partnered with TELUS to launch Made for Pinoys, new 5G-powered prepaid mobile plans for the Filipino-Canadian market. Built on TELUS’ award-winning 5G network, these cost-effective plans allow customers to maintain both Philippine and Canadian mobile services on a single device, while addressing the unique connectivity needs of Filipino residents, international students, temporary foreign workers and travelers who spend time in both countries.

Built around the everyday needs of Filipinos who work, live, study or travel in Canada, the plans help kababayans stay closely connected to home with family and friends, giving them a sense of home while building their lives in Canada. 

The prepaid kini Pinoy Plans offer full control with no contracts, credit checks, or billing surprises. Key features include:

  • 1 plan, 2 numbers: Maintain both Philippine and Canadian numbers
  • Free international calls and texts: International long distance calls to 20 destinations including the Philippines, plus unlimited SMS/MMS
  • GCash cashbacks: Earn GCash cashback every time you hit the spending goal
  • Data appreciation rewards: Bonus data and exclusive perks for loyal customers
  • Pinoy customer support: Filipino representatives who understand your needs

The kini Pinoy Plans powered by TELUS are now available as both eSIM and Physical SIM through kini mobile’s retail locations in Canada, www.kinimobile.com, and with its partner agencies and retailers in the Philippines. 

700Credit data breach impacts 5.8 million vehicle dealership customers

Posted in Commentary with tags on December 16, 2025 by itnerd

700Credit, a U.S.-based financial services and fintech company, will begin to notify more than 5.8 million people that their personal information has been exposed in a data breach incident. The data breach occurred after a threat actor breached a third-party API. 

Paul Bischoff, Consumer Privacy Advocate at Comparitech had this to say: 

“Car dealerships collect a lot of sensitive personal information when someone buys a car, especially if they finance it.  In the wrong hands, that info could easily be used to open up other lines of credit in car buyers’ names. Sign up for the free credit monitoring that 700Credit is offering and keep an eye on your credit report to be safe.

What’s notable is that 700Credit says this attack occurred through one of its partners, which had access to an API that granted access to customer info. This underlines why vendors like 700Credit can’t take security for granted even when dealing with its own customers. If one of those customers is compromised, they shouldn’t be able to access data from other client accounts as hackers did in this attack.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy adds this:

“Any individuals affected by the breach need to stay alert for any new accounts being opened up in their name. The information stolen includes four of the basic bits of information you need to open a new account. If at all possible, I would definitely take advantage of the credit monitoring and identity protection being offered to victims.”

This highlights the threat posed by supply chain attacks. Because the bad guys don’t have to pwn you directly in order for you to get pwned.

Critical Local Privilege Escalation Uncovered in JumpCloud Agent

Posted in Commentary with tags on December 16, 2025 by itnerd

Researchers have uncovered a critical vulnerability in the JumpCloud Remote Assist for Windows agent that allows low-privileged local users to exploit insecure file operations—arbitrary file write/delete—performed by the agent running as NT AUTHORITY\SYSTEM within the user’s temporary directory. This vulnerability is immediately exploitable to achieve Local Privilege Escalation (LPE) or cause a Denial of Service (DoS).

More details can be found here: https://xmcyber.com/blog/jumpshot-xm-cyber-uncovers-critical-local-privilege-escalation-cve-2025-34352-in-jumpcloud-agent/

Jim Routh, Chief Trust Officer at Saviynt, commented:

“This vulnerability is ‘eye candy’ for threat actors as it offers an approach to obtain privileged access over MS Windows devices at scale covering over 180,000 enterprises. Threat actors prefer to use privileged access capabilities, given the flexibility for using administrative access to change system configurations and monetize the data harvested with a low probability of detection.

Enterprises have an opportunity to upgrade their privileged user management (PAM) system capabilities beyond password vaulting to include continuous validation of activity compared with an established pattern that operates in real time. Continuous validation capabilities can be built or bought as products today. Most PAM providers don’t offer continuous validation yet, but will in the near future. A mature PAM capability will reduce the risk of this threat tactic and vulnerability having a significant impact on an enterprise.” 

This highlights the need to keep up with threats like these. Because until a PAM solution does some sort of continuous validation that can be trusted, humans will have to make sure that this isn’t an avenue that the bad guys can use to get into an organization.