Spring forward with these must-have tech essentials from Samsung

Posted in Commentary with tags on March 30, 2026 by itnerd

Spring is a natural moment to refresh the devices Canadians rely on every day. Samsung’s latest Galaxy lineup introduces updated AI capabilities, performance upgrades, and deeper ecosystem integration across mobile, audio, wearables, and PC. 

Here are a few standout devices, each defined by the core innovations driving them: 

  • For AI-powered mobile experiences, Galaxy S26 Series (Starting at $1,249.99 CAD) 
    Including Galaxy S26, S26+, and S26 Ultra, the latest S series is powered by Snapdragon® 8 Elite Gen 5 (3nm) and introduces expanded on-device AI. Features like Now Nudge enable context-aware assistance, Notification Intelligence prioritizes key alerts, and Circle to Search 3.0 supports multi-object recognition. Privacy Screen adds pixel-level display protection, while Nightography Video enhances low-light capture. 
  • For AI productivity and PC performance, Galaxy Book6 Series (Starting at $1,449.99 CAD) 
    Including Galaxy Book6 and Galaxy Book6 Pro, the lineup combines Intel® Core™ Ultra processors with AI-driven productivity tools. The Pro model features a high-resolution AMOLED display with HDR support and variable refresh rate, alongside extended battery life and seamless continuity across Galaxy devices. 
  • For advanced audio and intelligent controls, Galaxy Buds4 Series (Starting at $249.99 CAD) 
    Including Galaxy Buds4 and Galaxy Buds4 Pro, the series introduces upgraded 2-way speakers (Pro), 24-bit Hi-Fi sound, and adaptive noise control. AI integrations enable voice access to Gemini, Bixby, and Perplexity, with new head gesture controls offering hands-free call management. 
  • For health tracking and wearable performance, Galaxy Watch8 Series (Starting at $499.99 CAD) 
    Including Galaxy Watch8 (40mm/44mm) and Galaxy Watch8 Classic (46mm), the series features a new 3nm chipset, expanded storage, and enhanced sensor capabilities. Updates include improved sleep analysis, activity tracking, and gesture controls, with the Classic model adding a rotating bezel and quick-access button. 
  • For device protection and lifecycle value, Samsung Care+ 
    Samsung Care+ provides coverage with unlimited repairs using Samsung-certified parts, free device replacement for loss, and worldwide repair support. Designed to maintain device performance and value over time, it offers an alternative to traditional carrier insurance with broader global coverage. 

For a limited time, until April 2, Canadian customers can access launch offers including 25% off Samsung Care+ for Galaxy S26 Ultra and 15% off across Galaxy S26 and S26+, Galaxy Buds4 series, and Galaxy Book6 series.

More details are available at samsung.com/ca.

TELUS launches SmartEnergy for Good across Ontario

Posted in Commentary with tags on March 30, 2026 by itnerd

TELUS is expanding its Connecting for Good programming, which builds stronger and healthier communities across Canada by ensuring no citizen is left behind and has access to world-leading technology, to now include TELUS SmartEnergy for Good. A first-of-its-kind initiative in Canada, TELUS SmartEnergy for Good is designed to advance energy equity by providing vulnerable households with access to smart energy technology at a subsidized monthly service cost. The first phase of SmartEnergy for Good has launched in Ontario, equipping eligible low-income households with the tools and technology they need to reduce energy consumption, lower their utility bills, and contribute to Canada’s climate targets.

The program is open to qualifying low-income Ontario residents, including seniors, families, and youth aging out of government care. Through TELUS SmartEnergy for Good, qualifying customers will receive a subsidized comprehensive SmartHome Energy management package including a monthly TELUS SmartEnergy subscription, a smart thermostat rental, two energy monitoring plugs, and professional installation.

TELUS SmartEnergy is a subscription-based energy management solution helping Canadians save money on their energy bills and reduce their environmental footprint. Subscribers can save up to 15 per cent on energy bills by, among other things, automating temperature settings and powering down unused devices, while monitoring usage through personalized insights in the app.

Beyond subsidizing SmartHome technology, the initiative educates households on energy cost reduction while supporting Ontario’s emission reduction targets by reducing grid strain during peak demand. As part of its environmental commitment, TELUS will plant four trees per year on behalf of each participating household, contributing to carbon sequestration and climate resilience.

TELUS plans to bring SmartEnergy for Good to additional provinces across Canada later this year. To learn more, visit telus.com/smartenergyforgood.

The Director Of The FBI Has Had His Email Pwned By Iranian Hackers

Posted in Commentary with tags on March 30, 2026 by itnerd

The Iranian hacker group Handala has claimed another victim. After pwning this company, Handala has now apparently pwned the personal email account of FBI director Kash Patel. Cybernews suggests that this is in revenge for the FBI taking down the group’s leak site.

“Today, once again, the world witnessed the collapse of America’s so-called security legends. While the FBI proudly seized our domains and immediately announced a $10 million reward for the heads of Handala Hack members, we decided to respond to this ridiculous show in a way that will be remembered forever,” the group wrote on its new leak site.

“All personal and confidential information of Kash Patel, including emails, conversations, documents, and even classified files, is now available for public download,” Handala claimed, also boasting about the alleged “get” on its now 42nd Telegram channel.

The posted samples include nine personal photos of Patel and an alleged resume belonging to the FBI head.

The FBI has basically admitted that this is real, and if you’re Patel or the FBI, this has to be highly embarrassing. But honestly, I think that’s the least of their problems. Handala is clearly on a rampage and I fully expect to see more pwnage from this group over the coming weeks, seeing as they are an Iran-aligned group and will likely want to “flex” for those in the Iranian regime who back them.

Rogers & Fido Have Been Pwned

Posted in Commentary with tags on March 30, 2026 by itnerd

Over the weekend it came to light that Canadian telco Rogers and their flanker brand Fido have been pwned and customer data is out there. I first saw this here:

But Cybernews saw a lot more that should scare any current or former Rogers customer.

Attackers posted an ad on a mostly Russian-speaking hacker forum, alleging the database for sale belongs to Rogers Communications, a Canadian media behemoth providing wireless, cable, and internet services.

The ad supposedly includes three Rogers’ Active Directory (AD) databases: users, groups, and devices. Organizations use AD to connect users with network resources. Typically, AD includes critical data on the company’s environment, for example, what users can do and what devices operate within the system.

And:

Data samples of the three AD databases included in the ad, and seen by Cybernews, contain customer names and surnames, phone numbers, email addresses, locations, company names, account launch date, user device operating systems, user roles, device security status, and other sensitive data points.

While the samples attackers provided don’t include employee data, the Cybernews researcher team believes the AD could also host information on the company’s employees that use Rogers’ network resources, as this type of data is usually included in AD databases.

Threat actors put a $14,000 price tag on the three databases mentioned in the ad. The ad doesn’t specify the size of the database or the number of the company’s users it exposed.

The harm that this could cause is huge. Now the company is downplaying the extent of this pwnage based on this comment from the company:

“Through proactive monitoring, we identified that business contact information, such as work email addresses and phone numbers, for Rogers employees was posted on the dark web. No personal details, including banking information, social insurance numbers or passwords, were accessed or posted. Our investigation also indicates no customer information was accessed or posted,” Rogers told Cybernews.

The thing is that all of this information can be used to launch attacks on all who are affected. And Rogers in their statement doesn’t say how long the threat actors had access to their systems. The cynic in me says that it could be years, as I have personally had a threat actor use very specific information to attempt to execute a social engineering attack on my wife and me, which I posted a story about here. And that incident was in 2023. So I would not be shocked if, when all the details are made public, it turns out that the threat actors were inside Rogers’ systems for at least that long. But I am free to be proven wrong on that front. All Rogers has to do is to post what happened, how long it has been happening and what they will do to stop it from happening in the future. It will be interesting to see if Rogers actually does that, or simply tries to sweep this under the nearest rug and hope that this goes away.

A Perspective On Russia linked threat actors targeting Signal, WhatsApp and Telegram From Detectify

Posted in Commentary with tags on March 27, 2026 by itnerd

Following up on the recent news of Russia-linked threat actors targeting Signal, WhatsApp and Telegram, Fredrik Almroth, co-founder and Security Researcher at appsec security firm Detectify, serves up some perspective on how messaging apps and personal devices are becoming an increasingly important part of the real attack surface.

“The broader lesson is that organizations should stop treating secure messaging as a silver bullet. Strong encryption matters, but it does not protect you if the endpoint is compromised or the account itself is hijacked. What makes this trend so concerning is that it blurs the line between consumer technology and resilience infrastructure. Messaging apps, smartphones, and linked devices are now woven into how governments, companies, and critical sectors actually function – often adopted at a velocity that traditional security struggles to match.

Modern defense is no longer just about protecting official systems, but about protecting the communications reality people actually operate in. The attack point is often not the ‘secure bunker,’ but the phone in someone’s pocket. From an attacker’s perspective, these channels are attractive precisely because they are trusted, ubiquitous, and often far less visible to defenders than formal enterprise systems. If hostile actors can reach decision-makers, staff, or even suppliers through trusted channels, they can bypass a surprising amount of traditional security.

Often, they do not need to break encryption at all. They just need to compromise the device, hijack the account, abuse a linked-device workflow, or trick the user at the right moment. This is why the communications layer around sensitive institutions is now part of the real attack surface.

In practice, that means paying far more attention to mobile-device hygiene for executives and other high-risk personnel. You don’t just need to secure the network, but also improve the communications habits around it. Smart attackers will always go for the points of least resistance. You can spend millions hardening formal systems, but if your most sensitive conversations are happening on poorly governed devices and trusted consumer apps, that’s where they’ll go.”

NCSC urges industry to secure “vibe coding” as AI-generated software adoption accelerates

Posted in Commentary with tags on March 27, 2026 by itnerd

This week at the RSA Conference, the UK’s National Cyber Security Centre (NCSC) CEO Richard Horne called on the cybersecurity community to develop safeguards around “vibe coding” as adoption of AI-assisted development tools continues to grow and presents both opportunities and risks.

Horne stated that while AI-generated code could help reduce vulnerabilities if implemented securely, it also has the potential to introduce or propagate weaknesses if not properly designed and reviewed. The NCSC emphasized that AI development tools must be secure by design and trained to avoid generating insecure code, as part of a broader effort to improve software security outcomes.

The agency also noted that the rapid growth of AI-assisted development is expected to drive wider adoption of “vibe coding,” making it critical for security professionals to establish controls and best practices early. The NCSC said the industry has both the opportunity and responsibility to ensure that AI-driven software development results in more secure systems over time.

   “To combat this “multi-dimensional” threat, our collective approach to defending our societies must match that, likening cyber defense to a full court press in basketball, where “collective pressure from all actions together” can have greatest impact,” Horne said.

Rajeev Raghunarayan, Head of GTM, Averlon had this to say:

   “Richard Horne is right to flag vibe coding as a security concern. The deeper risk is what it does to the underlying environment. More AI-generated code means more updates, more dependencies, and faster change across systems that security teams are still struggling to keep pace with.

   “The challenge isn’t just whether AI generates insecure code. Environments no longer stay stable long enough to evaluate risk the way teams operated traditionally through point-in-time scans, static prioritization, and backlog-driven remediation. Security must move at the same pace as the introduced changes, meaning it must evaluate and address risk as it happens, not weeks or months later.”

Ryan McCurdy, VP of Marketing, Liquibase adds this comment:

   “AI compresses the time between idea and production, raising the stakes for change control. When database changes reach production without policy enforcement, approvals, drift detection, and auditability, companies multiply risk with every release. The consequences show up in outages, compliance exposure, slower incident response, and inconsistent data that weakens execution across the business.

   “Leaders who govern change well can scale AI with more control, protect business-critical operations, and accelerate transformation without increasing operational risk.”

Michael Bell, Founder & CEO, Suzu Labs follows with this comment:

   “The NCSC’s Richard Horne is right that the cybersecurity community needs to get ahead of vibe coding rather than fight adoption. The commandments his team published at RSA this week are all individually correct. Secure model defaults. AI code reviews. Deterministic guardrails. Secure hosting. But treating them as a checklist misses how security actually works. No single control catches everything.

   “Vibe coding security needs to be defense in depth. Security checks at the model layer, at pre-commit, at the build pipeline, at deployment, and at runtime. Each layer catches what the previous one missed. We’ve already seen what happens when security depends on one check. When researchers examined vibe-coded applications, 10% of apps on one platform had the exact same security misconfiguration, and broader research shows only 10.5% of AI-generated code is secure even when 61% is functionally correct.

   “The NCSC’s CTO imagined a future where AI code ends up more locked down than any SaaS product ever was. That’s achievable. But only if we build layered security infrastructure to match the speed of AI-assisted development. One check at one stage is a half-court trap. The adversary gets around it. Defense in depth is the full court press.”

There are dangers in terms of using AI to write code. Organizations need to be aware of that and take the right mitigations before something really bad happens. And I do mean really bad.

Google Warns Q-Day Now Coming in 2029

Posted in Commentary with tags on March 27, 2026 by itnerd

Google has issued a new warning urging companies to prepare now for Q-Day in 2029:

As a pioneer in both quantum and PQC, it’s our responsibility to lead by example and share an ambitious timeline. By doing this, we hope to provide the clarity and urgency needed to accelerate digital transitions not only for Google, but also across the industry.

Quantum computers will pose a significant threat to current cryptographic standards, and specifically to encryption and digital signatures. The threat to encryption is relevant today with store-now-decrypt-later attacks, while digital signatures are a future threat that require the transition to PQC prior to a Cryptographically Relevant Quantum Computer (CRQC). That’s why we’ve adjusted our threat model to prioritize PQC migration for authentication services — an important component of online security and digital signature migrations. We recommend that other engineering teams follow suit.

The full statement can be found here: https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

Lieutenant General Ross Coffman (U.S. Army, Ret.) who currently serves as President of Forward Edge-AI, provided the following comment:

“I am elated by Google’s announcement. We’ve been saying it for two years. The shot clock has started. We don’t know when, but we know Q-Day is coming. It’s time to get ready.” 

This is a real threat that organizations need to prepare for. And preparations need to begin today because 2029 seems like a long time. But it isn’t.

DH2i to Host Live Webinar “High Availability, Simplified: What’s New in DxEnterprise v26 & DxOperator v2”

Posted in Commentary with tags on March 26, 2026 by itnerd

DH2i today announced it will host a live webinar titled, “High Availability, Simplified: What’s New in DxEnterprise v26 & DxOperator v2.” This demo-driven event is intended to provide IT teams with a practical, real-world look at how to simplify and strengthen Microsoft SQL Server high availability across increasingly complex, multi-platform environments.

When: April 16 at 12:00 pm Eastern Time / 9:00 am Pacific Time

What: IT teams are under pressure to support more platforms, protect against increasingly diverse security threats, and fulfill higher uptime expectations for SQL Server – and they are often forced to do it with a complex patchwork of platform-limited solutions.

DH2i has unveiled the latest iteration of its high availability software and SQL Server operator for Kubernetes with DxEnterprise v26 and DxOperator v2. This all-in-one software solution introduces brand new capabilities and enhancements to simplify HA management for your most critical workloads, ensure robust network security against modern threats, and streamline cluster management across Windows, Linux, containers, and the cloud.

Join DH2i for this fast-paced session where they will walk through how its latest software release easily layers right on top of any mix of existing infrastructure to enable:

  • SQL Server K8s scale-up AND scale-down automation
  • Granular database-level monitoring with more predictable and reliable failover
  • Seamless integration with K8s StatefulSets for streamlined pod management
  • Optimized security & performance for heterogeneous environments

Featured Speaker: Sasindu Wickramasingha Gamachchige, Sr. Technical Engineer, DH2i 

Sasindu Wickramasingha Gamachchige is DH2i’s behind-the-scenes superhero. By day, a Sr. Technical Support Engineer, by night… still a Sr. Technical Support Engineer (because high availability never sleeps). Armed with deep expertise in complex IT environments and superhuman troubleshooting instincts, he protects mission-critical systems from chaos and downtime. Gamachchige brings calm confidence to even the most stubborn clusters. 

Learn more and register here: https://dh2i.com/webinar-simplified-high-availability-solution/

Chinese Hackers Plant Digital Sleeper Cells in Telecom Backbone

Posted in Commentary with tags on March 26, 2026 by itnerd

Researchers at Rapid7 have uncovered evidence of an advanced China-nexus threat actor, Red Menshen, placing stealthy digital sleeper cells in telecommunications networks to carry out high-level espionage, including against government networks.

Rapid7 has a blog post on this here: https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report/

Lieutenant General Ross Coffman (U.S. Army, Ret.) who currently serves as President of Forward Edge-AI, provided the following comment:

“Chinese hackers caught deep in the backbone of telecommunications infrastructure are doing so for high-level espionage.

Anyone that’s surprised by this news should be embarrassed. This is not the end nor the beginning. We’re in a fight to protect our data. PWC technologies that protect data inflight need to be deployed across verticals to protect the US and the free world against China and other malicious actors.”

This shows how far threat actors are willing to go to execute whatever plans that they have. This is crafty and stealthy and dangerous. Defenders should bear that in mind.

AI Infrastructure Emerges as Cyber War Target Says CloudSEK

Posted in Commentary with tags on March 26, 2026 by itnerd

Cybersecurity firm CloudSEK has published research showing that the infrastructure organisations use to train and deploy AI systems is dangerously exposed. The report focuses on MLOps platforms, the operational backbone of modern AI, and finds that leaked credentials and misconfigured deployments are handing adversaries quiet, persistent access to systems that were never designed with security in mind.

The timing matters. After US and Israeli forces struck Iranian nuclear and military sites on February 28, 2026, Iranian APT groups, including MuddyWater, APT34, APT33, and APT35 showed clear signs of heightened activity. But CloudSEK’s analysts note that the footholds these groups hold inside Western defence, financial, and aviation networks were not built in response to that escalation. They were built before it.

What CloudSEK Found

In a 72-hour scan of public GitHub repositories and internet-facing infrastructure, the research team identified:

  • Over 100 exposed credential instances tied to platforms including ClearML, MLflow, Kubeflow, Metaflow, ZenML, and Weights & Biases. Keys were hardcoded directly into source files, configuration scripts, and environment files that were left public.
  • More than 80 MLOps deployments are sitting open on the public internet with weak or no authentication. Basic scanning tools like Shodan and FOFA were enough to find them.
  • Multiple platforms where anyone could create an account, walk into the dashboard, browse active projects, pull model artifacts, and access connected cloud storage credentials with no barriers at all.
     

None of this required exploiting a software vulnerability. It used the same interfaces that engineers use every day.

Why MLOps Platforms Are Worth Targeting

MLOps platforms coordinate everything in an AI operation: training pipelines, model storage, cloud integrations, and execution agents that run around the clock. Getting inside one of these platforms gives an attacker far more than a data breach. It gives them four things:

  • Dataset exfiltration: training data typically contains surveillance feeds, telemetry, and behavioural analytics. Studying it tells an adversary exactly what signals a model trusts and where its blind spots are.
  • Model theft: downloaded model files can be analysed offline to reverse-engineer the decision logic behind AI systems used in targeting, surveillance, or autonomous operations.
  • Training data poisoning: with write access to a pipeline, adversaries can subtly corrupt retraining inputs. The model degrades over time, with no forensic trace and no security alert.
  • Execution environment abuse: MLOps workers trust instructions from the control plane. Attackers can use that trust to run arbitrary code inside the compute infrastructure connected to sensitive internal networks.

A Multi-Actor Threat Landscape

The MLOps threat does not sit with Iran alone. North Korea’s Lazarus Group and TraderTraitor have spent years hiding malicious packages inside npm and PyPI ecosystems, quietly compromising developer infrastructure at scale. Chinese APT groups have a direct strategic interest in understanding how Western militaries use AI-assisted decision-making. Russia, too, has been watching.

Proxy groups add further complexity. Hamas-affiliated MOLERATS, Hezbollah-linked operators, and Houthi-aligned actors have all been documented running cyber operations in parallel with kinetic activity, often targeting the same organisations their backers have in their sights.

The report’s sharpest point is about intent. These actors do not need to destroy an AI system. They need to make it unreliable. A targeting model whose thresholds shift through poisoned retraining data, an anomaly detector tuned to ignore a specific pattern: that is battlefield sabotage. It leaves no forensic trace, triggers no security alert, and has no obvious point of attribution.

The Security Gap No One Is Talking About

The core problem is not a software bug. It is a maturity gap. CI/CD systems and cloud IAM services have been hardened through more than a decade of real-world attack exposure. Most MLOps platforms have not. They were built to speed up model development, and security was rarely part of the original brief.

One finding stands out. Cloud storage credentials for AWS S3, Google Cloud Storage, and Azure Blob are routinely stored inside MLOps platform interfaces in a form that can simply be retrieved. Anyone who gets into the platform gets the keys to the cloud storage too. One breach becomes two.

What Organisations Should Do Now

CloudSEK lays out four immediate steps:

  • Stop hardcoding credentials. API keys, access tokens, and cloud credentials have no place in source code or config files. Use a dedicated secrets manager and rotate regularly.
  • Take MLOps platforms off the public internet. Enforce authentication, segment networks, and switch off open self-registration on any externally accessible instance.
  • Drop static cloud storage keys in favour of short-lived, role-based credentials. It limits how far a compromise can spread.
  • Treat MLOps like the critical infrastructure it is. Monitor access to datasets, models, and pipelines with the same rigour applied to CI/CD systems and cloud control planes.
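
One way to enforce the first step before code reaches a public repository, as an added example (not from CloudSEK's report or any vendor's tooling): a pre-commit style check that flags literal values assigned to the credential variables these tools read, while allowing references to the environment or a CI secret store. The variable list is a partial starting point and the sample files are constructed for illustration.

```python
"""Pre-commit style check for hardcoded MLOps and cloud-storage credentials."""
import re
import sys
from pathlib import Path

# Variable names the named tools read credentials from. A starting list for
# illustration, not exhaustive; extend it for the platforms you run.
SENSITIVE_KEYS = {
    "WANDB_API_KEY": "Weights & Biases",
    "MLFLOW_TRACKING_PASSWORD": "MLflow",
    "MLFLOW_TRACKING_TOKEN": "MLflow",
    "CLEARML_API_ACCESS_KEY": "ClearML",
    "CLEARML_API_SECRET_KEY": "ClearML",
    "AWS_ACCESS_KEY_ID": "AWS",
    "AWS_SECRET_ACCESS_KEY": "AWS",
}

# Matches KEY=value (.env, shell), KEY: value (YAML) and
# os.environ["KEY"] = value (Python). "(?!=)" skips "==" comparisons.
ASSIGNMENT = re.compile(
    r"\b(?P<key>" + "|".join(SENSITIVE_KEYS) + r")\b"
    r"[\"']?\]?\s*[:=](?!=)\s*(?P<value>.*)$"
)

# Values that point at the environment or a secret store instead of
# holding the secret itself, e.g. $VAR, ${{ secrets.X }}, os.environ[...].
REFERENCE = re.compile(r"^\$|os\.environ|os\.getenv|getenv\(")
PLACEHOLDER = re.compile(r"^<.*>$|^(changeme|xxx+|todo)$", re.IGNORECASE)


def classify(raw):
    """Return 'literal', 'reference' or 'empty' for the right-hand side."""
    value = raw.split(" #", 1)[0].strip().rstrip(",;").strip("\"'")
    if not value or PLACEHOLDER.search(value):
        return "empty"
    if REFERENCE.search(value):
        return "reference"
    return "literal"


def scan_text(name, text):
    """Return (file, line, key, platform) for each hardcoded credential.

    The value is deliberately left out so the report does not re-leak it.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = ASSIGNMENT.search(line)
        if match and classify(match.group("value")) == "literal":
            key = match.group("key")
            findings.append((name, lineno, key, SENSITIVE_KEYS[key]))
    return findings


# Constructed sample files; every value below is fake.
SAMPLES = {
    "train.py": (
        "import os\n"
        'os.environ["WANDB_API_KEY"] = "constructed-not-a-real-key-0001"\n'
        'CLEARML_API_SECRET_KEY = os.environ["CLEARML_API_SECRET_KEY"]\n'
    ),
    ".env": (
        "MLFLOW_TRACKING_PASSWORD=constructed-password\n"
        "AWS_ACCESS_KEY_ID=\n"
        "AWS_SECRET_ACCESS_KEY=<set-in-secrets-manager>\n"
    ),
    "ci.yml": (
        "env:\n"
        "  MLFLOW_TRACKING_TOKEN: ${{ secrets.MLFLOW_TOKEN }}\n"
        "  CLEARML_API_ACCESS_KEY: constructed-access-key\n"
    ),
}


def main(argv):
    """Scan the files named in argv, or the constructed samples if none."""
    if argv:
        sources = {p: Path(p).read_text(errors="replace") for p in argv}
    else:
        sources = SAMPLES
    findings = [f for n, t in sources.items() for f in scan_text(n, t)]
    for name, lineno, key, platform in findings:
        print(f"{name}:{lineno}: hardcoded {platform} credential in {key}")
    return 1 if findings else 0  # non-zero exit blocks the commit


if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

A name-based check like this misses secrets stored under unrelated variable names, so it complements a general-purpose secret scanner and credential rotation.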
     

Note on Responsible Disclosure

This research was conducted using publicly accessible information. All validation was performed passively, with no modifications made to any systems, pipelines, datasets, or models. All sensitive details, including credential values and organizational identifiers, have been redacted.

For More Details, Read The Full Report