The IT Nerd

Canada’s first innovation hub dedicated to accessibility startups and technologies is launching its flagship location today in Toronto today. With the support of HP Inc., the Access to Success (ATS) Innovation Hub will bring together entrepreneurs, corporations, international networks and government agencies to accelerate connection and unlock new pathways for capital, procurement and technology adoption. 

Located on Toronto’s waterfront at 130 Queens Quay East, the ATS Innovation Hub offers a shared environment that fosters the exchange of ideas, partnerships and problem solving. The hub unites innovators developing solutions across disability sectors including mobility, sensory, cognitive, neurodiversity, and mental health; and thematic areas such as the Future of Work, Active Mobility, Aging in Place and more. With the backing of HP, participants have access to integrated workstations equipped with laptops, monitors, docking stations, printers, and essential workplace technology. This robust infrastructure helps reduce technology access barriers and enables users to focus on building and scaling impactful accessibility solutions. 

The hub will not only drive innovation but also support policy dialogue, promote accessibility technologies, build capital partnerships, and strengthen procurement pathways to speed up market entry in Canada and internationally. It shows how public-private collaborations can boost inclusive innovation and deliver expandable benefits for people with disabilities. 

Representing the first major initiative in an expanded partnership with HP, this launch supports HP’s global mission to accelerate the Future of Work for 150 million people by 2030. The effort began in 2024, when Access to Success was selected for the HP’s Accelerator. Following the success of that program, Access to Success and HP established a long-term strategic partnership focused on expanding accessibility training, advancing inclusive technology standards, and equipping people with disabilities with the skills needed to thrive in the Future of Work. 

For more information, visit accesstosuccess.ca 

Today, at HP Imagine 2026, the company launched HP TPM Guard – the first hardware solution to stop physical TPM bus attacks, delivering the world’s first business notebook to prevent physical-access attacks that defeat BitLocker drive encryption. HP also announced enhancements to its HP Wolf Security PC portfolio and brought quantum resistance to a broader range of HP printers.

Closing the BitLocker Security Gap with HP TPM Guard

PCs are at the center of modern, hybrid work, storing vast amounts of sensitive information – from confidential documents and credentials to customer and employee data. With the rise of AI applications processing voice, video and screenshots, the volume of sensitive data held on PCs is only increasing.

BitLocker has been widely used by enterprises to protect this data if PCs are lost or stolen, but vulnerabilities uncovered in recent years can enable an attacker with physical access to a device to bypass BitLocker and extract the data. Commonly referred to as “TPM bus attacks”, this technique relies on attackers intercepting communication between the certified Trusted Platform Module (TPM) and CPU, and can be performed in under a minute, using just $20 of hardware with minimal training. 

HP TPM Guard protects against this threat by introducing an encrypted link between the TPM and CPU, preventing interception and probing attacks. The TPM is cryptographically bound to the device, rendering it inoperable if removed or tampered with – closing this industry wide security gap, without adding complexity for IT teams.

HP TPM Guard is the latest in a long series of security innovations to come out of the HP Security Lab over the last 20 years. HP proactively identifies emerging threats, creates solutions for HP products, and then works with industry standards bodies to ultimately raise the bar for the whole IT ecosystem. With this in mind, HP has already submitted a proposal to the Trusted Computing Group to contribute TPM Guard technology as an industry standard.

To read about the engineering behind HP TPM Guard please visit this blog.

New HP Wolf Security Capabilities to Reduce Cost and Risk for Businesses

HP is also strengthening security across its commercial PC portfolio by announcing new HP Wolf Security capabilities. They are focused on increasing the synergy between Workforce Experience Platform (WXP), HP Wolf Security, and the enterprise architecture to reduce operational overhead and cyber-risk. These new capabilities include:

• Wolf Controller / WXP Integration to lower risk and operational friction
• Next Gen Wolf Connect cellular card to deliver better accuracy with less power consumption
• Broader Sure Recover platform support at lower cost
• Centralized security log collection on the Wolf Controller

Quantum Resistance – The Future of Print Security

Experts predict that the possibility of a quantum computer breaking existing asymmetric cryptography is up to 34% by 2034 driving the urgency for quantum-resistant protections. With printers increasingly targeted as an entry point into networks, HP is expanding quantum-resistant cryptography to a wider range of devices:

• New HP LaserJet Pro 4000/4100 Series: The world’s first SMB printers with quantum-resistant protection alongside tamper-resistant toner chips, firmware, and packaging. HP Workforce Experience Platform, and optional HP Security Manager, also enable streamlined security compliance and fleet-wide device management under one umbrella.
• New HP LaserJet Enterprise 5000/6000 Series: The world’s first enterprise printers shipped from the factory with protection against quantum computer-based attacks^[iv],reducing the risk of exposure. The series is also powered by HP Wolf Enterprise to detect, isolate, and automatically recover from cyberattacks and features the only printers with zero-day threat detection and recovery during memory code execution.

The HP LaserJet Enterprise 5000/6000 Series will also feature Automated Guided Redaction, which detects and removes sensitive information, such as personal data or financial details, helping organizations support compliance requirements without adding extra review steps for IT.

More information on today’s news at HP Imagine can be found here

As CES 2026 concludes in Las Vegas today, here’s a recap HP’s presence at the show along with a few highlights. From AI-powered PCs to gaming and everyday computing, HP announced a range of updates focused on how AI is showing up more meaningfully across work and life. 

• Shaping the future of work: HP introduced a new generation of AI-powered PCs and devices, including the industry’s first AI PC built directly into a keyboard, alongside refreshed EliteBook and OmniBook portfolios designed for hybrid, AI-intensive workflows. 
• Reimagining the desk: HP unveiled new desk-centric products at CES, including the EliteBoard G1a Next-Gen AI PC, the world’s first full PC built into a keyboard, and the HP Series 7 Pro 4K Monitor with Neo:LED display technology, designed to support more flexible and visually immersive work setups. 
• Driving intelligent work forward: From Microsoft Copilot integration at the printer to enhanced IT management and recovery tools, HP expanded its AI ecosystem to help simplify workflows and improve the employee experience.  
• The future of play: HP unified OMEN and HyperX under a single gaming vision, introducing new hardware and experiences built to deliver uncompromised performance for gamers and creators. 
• Powering everyday life: HP announced updates across its consumer and creative portfolio, including new OmniBook notebooks, the OmniStudio X 27 All-in-One desktop, refreshed Chromebook models, and expanded software experiences, reinforcing its focus on AI-enabled devices designed to support how people live, work and create every day. 

HP today issued its latest Threat Insights Report, revealing how attackers are refining campaigns with professional-looking animations and purchasable malware services. HP Threat Researchers warn that these campaigns mix convincing visuals, well known hosting platforms like Discord, and regularly updated malware kits to evade detection by users and detection tools. The report provides an analysis of real-world cyberattacks, helping organizations keep up with the latest techniques cybercriminals use to evade detection and breach PCs in the fast-changing cybercrime landscape. Based on the millions of endpoints running HP Wolf Security, notable campaigns identified by the HP Threat Research Team include:

• DLL sideloading slips past endpoint security scanners: Attackers impersonating the Colombian Prosecutor’s Office emailed fake legal warnings to targets. The lure directs users to a fake government website, which displays a slick auto-scroll animation guiding targets to a “one-time password”, tricking them into opening the malicious password-protected archive file.
  • The file – once opened – launches a folder that includes a hidden, maliciously modified dynamic link library (DLL). This installs PureRAT malware in the background, giving attackers full control of a victim’s device. The samples were highly evasive. On average, only 4 per cent of related samples were detected by anti-virus tools.
• Fake Adobe update installs remote access tool: A fake Adobe-branded PDF redirects users to a fraudulent site that pretends to update their PDF reader software. A staged animation shows a spoofed installation bar that mimics Adobe. This tricks users into downloading a modified ScreenConnect executable – a legitimate remote access tool – which connects back to attacker-controlled servers, so they can hijack the compromised device.
• Discord malware dodges Windows 11 defences: Threat actors hosted their payload on Discord to avoid building their own infrastructure and piggybacked off the positive domain reputation of Discord. Before deployment, the malware patches Windows 11’s Memory Integrity protection to bypass this security feature. The infection chain then delivers Phantom Stealer, a subscription-based infostealer sold on the hacking marketplaces with ready-made credential and financial theft features that update frequently to evade modern security tools.

Alongside the report, the HP Threat Research Team has published a blog analyzing the threat of session cookie hijacking attacks, the use of stolen credentials in intrusions and the proliferation of infostealer malware. Rather than stealing passwords or bypassing multi-factor authentication (MFA), attackers are hijacking the cookies that prove a user is already logged in, giving them instant access to sensitive systems. HP analysis of publicly reported attack data found that over half (57%) of the top malware families in Q3 2025 were information stealers, a type of malware that typically has cookie theft capabilities.By isolating threats that have evaded detection tools on PCs – but still allowing malware to detonate safely inside secure containers – HP Wolf Security has insight into the latest techniques used by cybercriminals. To date, HP Wolf Security customers have clicked on over 55 billion email attachments, web pages, and downloaded files with no reported breaches.The report, which examines data from July – September 2025, details how cybercriminals continue to diversify attack methods to bypass security tools that rely on detection, such as:

• At least 11% of email threats identified by HP Sure Click bypassed one or more email gateway scanners.
• Archive files were the most popular delivery type (45%), seeing a 5% point rise over Q2, with attackers increasingly using malicious .tar and .z archive files to target users.
• In Q3, 11% of threats stopped by HP Wolf Security were PDF files, growing 3% points over the previous quarter.

Please visit the Threat Research blog to view the report.

Attackers will accelerate their investments in cookie theft

Ian Pratt, HP Global Head of Personal Systems Security

Generalized MFA deployment will accelerate threat actors’ switch to stealing cookies and tokens instead of passwords. This means threat actors will need to act swiftly from time of theft, utilizing the stolen cookie before it expires to insert backdoors that then grant them persistent access. Online marketplaces will expand to enable this with rapid trading and exploitation.

Defenses against cookie and token theft are not mature and are inconvenient for users. This means that we will see attacks involving such theft becoming increasingly commonplace. This is particularly serious for privileged users such as sysadmins, who frequently use web browsers to access high value administrative web sites, such as EntraID, InTune, or AWS web portals, where cookie theft creates an easy path to a catastrophic enterprise breach.

Issuing sysadmins with a second PC, a Privileged Access Workstation (PAW), is today’s recommended best practice, but is far from universally implemented, and there are plenty of examples where PAWs themselves have become compromised.

For critical applications, enterprises are going to need to look toward additional layers of defense, such as strong isolation and application security posture attestation.

Cybercriminal Groups Will Rely on AI Agents to Automate Reconnaissance and Target
Organizations

Alex Holland, Principal Threat Researcher in the HP Security Lab

“In 2026, we expect to see organized crime groups automate workflows and outsource more tasks using AI agents in their attacks, especially preparatory tasks like researching victims to target. Beyond this, rapid improvements in large language models and agentic AI systems are expanding their role in the attack lifecycle. Threat actors will no longer limit their AI use to basic automation or phishing content creation. They will also start using AI to assist with complex tasks like vulnerability discovery.

“AI assistance will help threat actors to scale their operations, making campaigns more efficient by reducing the resources and skills attackers need to breach targets.

“Against a barrage of AI-assisted attacks, even the best detection tools will miss some threats. Instead, organizations need to ensure threats can be contained, isolated and remediated, safeguarding their fleets, maximizing uptime and ultimately securing the future of work.”

Physical Attacks on Devices Will Become Cheaper and Easier for Cybercriminals

Boris Balacheff, Chief Technologist for Security Research and Head of the HP Security Lab

“Hybrid work is accelerating the commoditization of attacks enabled by physical access to devices. This is because devices are more exposed as employees are more mobile and distributed, and the tools needed for device tampering become increasingly accessible and affordable. Next year, IT leaders should anticipate this will continue, with easy-to-use exploitation kits and investment by threat actors into new physical attack techniques. In response, security auditors will increasingly focus on how organizations deploy best practices to protect data and device integrity across their fleets of devices.

“Employees today work in cafés, bars, hotels, and conference centers across the globe, using shared infrastructure and peripherals, and giving threat actors ample opportunity to tamper with a device when its owner steps away. With physical tampering, threat actors can seek to exfiltrate data, grasp control of compromised devices to gain broader access to enterprise networks, and even mount destructive attacks to brick devices that are not designed with self-healing built in from the ground up.

“To ensure the Future of Work is secure, organizations will need to prioritize hardware with security and resilience built in at every level. They will need to look for device security capabilities to help protect hardware and firmware integrity, as well as data security, from physical attacks, and learn to integrate hardware-level authentication and attestation into their zero-trust architecture strategies.”

Organizations will Finally Take Notice of IoT, Edge, and Print Security After a String of Attacks

Steve Inch, Global Senior Print Security Strategist at HP Inc.

“After a year of high-profile attacks against connected devices, organizations will finally prioritize security for devices at the network edge. For example, security vulnerabilities allowed for remote takeovers of printers, highlighting the risks of leaving printers unprotected.

“For too long, printers have been the lowest priority on every security team’s list. Many organizations lack basic visibility and control over print infrastructure. This creates security blind spots – from exploitation attempts to insider threats, outdated firmware, malicious updates and misconfigurations, such as open ports or unchanged default credentials.

“These security gaps give threat actors a potential launchpad to not only compromise a printer and the data it holds but also other devices on the network. In the year ahead, organizations and governments will demand that endpoint devices like printers come with continuous and active system monitoring throughout their lifecycle.

“To defend the Future of Work, organizations need to secure their complete device ecosystem, including their printers. They should prioritize the ability to automate print fleet security compliance and automatically assess fleet firmware vulnerability status, minimizing IT overhead in 2026.”

Quantum Resistance will Become a Vendor Requirement

Thalia Laing, Principal Cryptographer at HP Security Lab

“A year on from the introduction of new NIST standards for quantum-resistant asymmetric cryptography, public sector and critical infrastructure companies are going to accelerate planning and vendor engagements to chart a path towards migration. This process will reveal the scale of the challenge: with NIST intending to deprecate RSA-2048 by 2030 and all RSA and Elliptic Curve Cryptography by 2035, many vendors are likely to seize the opportunity to move directly from RSA 2048 to quantum resistant algorithms, particularly in critical industries and long-life systems, such as hardware.

With ongoing advances in quantum computing, the prospect of a quantum computer capable of breaking asymmetric cryptography within a decade is becoming increasingly plausible. The US government’s decision to set a quantum-resistance deadline of 2027 for new National Security System devices signals this urgency.

“To become quantum resilient, organizations must start by preparing their long-lived hardware, including their printers and PCs. With a typical commercial PC refresh averaging at just over 4 years and an even longer lifespan for office-class commercial printers – devices procured in 2026 have the potential to be in use within the timeframe of a cryptographically relevant quantum computer.

“From 2026 onwards, quantum resilience will increasingly influence hardware procurement decisions. This will increase pressure on device manufacturers to future-proof their devices by embedding quantum resistant cryptography into their products, while pushing for the protection of long-life data. By embedding quantum resilience now, organizations can maintain trust in the
technologies shaping the Future of Work.”

The Spotlight draws over Identity, Provenance, and Persistent Control

Peter Blanchard, Document Workflow Security Strategy Principal at HP Inc.

“In 2026, we’ll see efforts within enterprise security shift from fragmented identity frameworks and perimeter-based controls to a unified, data-centric model. Today’s zero-trust implementations often create complexity and fatigue, with identity scattered across users, apps, and devices. This fragmentation leads to blind spots, inconsistent enforcement, and poor user experience. The next phase will prioritize consolidation: centralized identity orchestration that simplifies access, strengthens governance, and reduces operational risk.

At the same time, we’ll see security move from focusing on point of entry, to managing the custody of data throughout its lifecycle. Organizations will need visibility into where data originates, how it is used, and who has access – even after it leaves their boundaries. Identity and policy will travel with the data, embedded through persistent controls, telemetry, and rich metadata. Dynamic permissions such as ‘can I share this?’ will evolve into continuous oversight, ensuring compliance online and offline.

Provenance and lifecycle control will become critical in the age of AI, where transparency and trust are non-negotiable. By embedding identity, custody, and governance controls into the core of digital ecosystems, organizations will achieve stronger, adaptive security that protects without adding friction, safeguarding the Future of Work.”

As AI adoption accelerates across Canadian workplaces, a new study from HP Canada reveals that most organizations are discovering that productivity isn’t just about the tools they have but about how effectively teams can use them.

The survey of 501 Canadian business leaders demonstrates strong enthusiasm for AI, but inconsistent integration, uneven training, and a lack of role-specific applications are creating friction in day-to-day workflows.

• 92% of leaders using AI say it saves time, but many admit that time often goes underleveraged. Without clear guidance on how to apply AI-supported efficiencies, teams default back to routine work instead of higher-value tasks like problem solving, strategy, or innovation.
• 89% of leaders say their company provides the tools employees need to be productive, over half (54%) remain uncertain about its impact
• 72% believe productivity would rise with more role-relevant AI tools
• 55% say their company is behind when it comes to adopting modern technology and innovation
• 49% say “productivity” has become more of a buzzword than a real outcome

You can read more here: https://www.newswire.ca/news-releases/beyond-the-buzzword-hp-uncovers-what-really-drives-productivity-in-canadian-businesses-836159531.html

HP Wolf Security just released its September Threat Insights Report highlightinig how attackers are modifying and improving old techniques to bypass detection and fool users.

By chaining living-off-the-land (LOTL) tools, using advanced visual deception to boost phishing success, and hiding malware in less obvious file types, like images, attackers are sharpening their edge.

Notable campaigns highlighted in the report include:

• Fake Adobe Reader invoices – ultra-realistic upload screens (see image below) – including a fake loading bar – used to hide a reverse shell inside a small SVG image, giving attackers remote access to user devices.
• Malware Hidden in Image Pixels – malicious code embedded in pixel data of Microsoft Compiled HTML Help files, with PowerShell and CMD used to execute and then delete evidence.
• Resurgent Lumma Stealer – spreading through IMG archive attachments, using LOTL and image-based delivery to bypass filters despite a law-enforcement crackdown earlier this year.

The report is here and there is a blog post as well for your reading pleasure.

As hybrid work becomes the norm in Canada, a growing tech disconnect is fueling employee frustration and burnout. With an explosion of new devices and digital tools, two-thirds of employees report they regularly struggle with workplace tech yet only half feel adequately supported by their IT teams.

This gap is taking a toll on productivity and morale, not just for frontline staff but also for the IT professionals tasked with holding it all together. As Canadian businesses push to modernize, the message is clear: improving the digital employee experience is no longer optional.

HP’s Workforce Experience Platform (WXP) is more than just IT support, it’s a strategic solution that streamlines workflows, resolves issues before they surface, and helps teams thrive in a complex, always-on world.

Some key ways WXP helps IT and security teams reshape the modern workplace:

• AI Sentiment Analysis: WXP now includes AI capabilities to assess and improve employee experience by analyzing sentiment data, allowing IT teams to identify and address issues before they impact productivity.
• Smarter Insights, Less Guesswork: Integration with Vyopta allows businesses to monitor and optimize collaboration environments with integrated insights into video and telephone endpoints, enhancing user satisfaction and performance.
• Fleet Explorer: A new AI-powered tool that uses natural language processing to help IT managers quickly access fleet data. Instead of sifting through reports, they can ask questions like “Which devices had the highest memory over-utilization in the past 30 days?” and get instant insights—enabling faster issue resolution before employee performance is affected.

To learn more about the HP Workforce Experience Platform, visit here.

New research from HP Wolf Security reveals that printer platform security – firmware and hardware protection – is being neglected, exposing organizations to security threats that can exfiltrate critical data and hijack devices.

Printers are now smart, connected devices storing sensitive data and operating on long refresh cycles. If left unsecured, they become long-term entry points for data breaches and firmware-based attacks.

The global study, based on 800+ ITSDMs, shows only 36% of IT and security decision-makers apply printer firmware updates promptly, even though IT teams spend an average of 3.5 hours per printer each month managing security issues.

The report also found security gaps across the other stages of the printer’s lifecycle, including:

• Supplier Selection & Onboarding: Just 38% of ITSDMs say procurement, IT, and security teams collaborate on printer security standards, with 60% warning that lack of collaboration increases risk.
• Remediation: 70% of ITSDMs are now more worried about offline print risks, like sensitive documents being printed or mishandled by employees.
• Decommissioning: 86% of ITSDMs say data security concerns block printer reuse or recycling, even as approximately eighty printers per organization sit idle or near end-of-life.

The link to the live report from HP is here: https://www.hp.com/content/dam/sites/garage-press/press/press-kits/2025/hp-wolf-security-study-reveals-gaps-in-print-security-leaving-devices-vulnerable-to-risk/Print%20Lifecycle%20Short%20Report.pdf

This week at InfoComm 2025, HP Inc. unveiled HP Dimension with Google Beam (formerly Project Starline), an AI-powered, true-to-life 3D video communications solution designed to take virtual collaboration to the next level. HP Dimension with Google Beam delivers a deeply immersive experience that replicates the feeling of being in-person, with no headsets, glasses, or wearables required.
 
Developed in partnership with Google, HP Dimension with Google Beam is designed to transform the future of workplace communications by combining breakthrough 3D imaging, natural eye contact, spatial audio, and adaptive lighting into an elegant solution for small meeting spaces.

Taking Virtual Collaboration to the Next Dimension

As organizations with distributed workforces embrace the new world of work, a critical gap has emerged between virtual and in-person communication. While video conferencing tools have enabled teams to stay in touch across time zones, they often fall short in replicating the in-person experience. 

Today, 73% of knowledge workers say they want to feel more connected to their coworkers.

HP Dimension with Google Beam is designed to establish deeper, more meaningful connections. It uses six cameras and state of the art AI to create a true-to-life 3D video of each participant, displayed on a special light field display with realistic size, depth, color, and eye contact. Testing, has shown a measurable impact compared to traditional video calls, with participants who used the solution for meetings reporting: 

• A 28% increase in memory recall
• Up to 39% more non-verbal behaviors displayed
• At least 14% increase in focus on the meeting partner

These findings translate to faster alignment, more meaningful exchanges, and better business outcomes based on the authenticity of each interaction. HP Dimension with Google Beam brings depth, clarity, empathy, and subtlety to virtual meetings to help redefine collaboration and bring people together, no matter how far apart they are.

HP Dimension with Google Beam will provide a native Zoom Rooms or Google Meet experience and support three functions: 3D immersive one-on-one communications, 2D traditional group meetings, and meeting interoperability with cloud-based video services such as Teams and Webex.

HP Dimension with Google Beam is Designed for the Future of Work

HP Dimension with Google Beam represents the culmination of HP’s ongoing investment in innovation to create a culture with more immersive and authentic collaboration experiences designed for the Future of Work. HP and Google are taking this technology into the enterprise, to deliver deeper, more authentic human connection and communication.

HP Poly Studio A2 Audio Solutions: Precision Audio for Modern Collaboration

 

HP Poly Studio A2 Audio Solutions are purpose-built to deliver next-generation audio and more immersive meeting experiences with simplified deployment. Designed for seamless integration with the latest generation Poly Studio video solutions, the HP Poly Studio A2 system enables plug-and-play scalability in rooms of all sizes, and delivers clear, rich audio pickup so even participants that are farthest away in large meeting spaces are always heard clearly. 

The HP Poly Studio A2 Table Microphone features crystal-clear audio pickup, daisy-chain scalability for up to eight microphones, and clean cable management within a discreet, magnetic mount. The system offers premium performance at a fraction of the cost of traditional pro-AV installations.
 
The microphones connect to the HP Poly Studio A2 Audio Bridge, which enables simple scalability⁷ and high-fidelity audio for up to 32 synchronized input channels (up to 8 table microphones total, each one with four microphones). Seamlessly connect to any next-gen Poly Studio video system over a single Ethernet cable, which unlocks the full power of advanced audio intelligence with NoiseBlockAI technology for enhanced communication. 
 

Pricing and availability

• HP Dimension with Google Beam will be available to select customers starting in late 2025, for $24,999. Google Beam license will be sold separately.
• The HP Poly Studio A2 Audio Bridge will be available to order in June 2025 and begin shipping in September of 2025 for $549.
• The HP Poly Studio A2 Table Microphone will be available to order in June 2025 and begin shipping in September of 2025 for $329.