The Weekly New Rewire is a survey of cyber-related or adjacent news stories that I read this week (or recently). Please leave a comment if you think I missed anything.

Editor Notes:

• I am increasingly thinking I should create a specific United Kingdom/EU section. If you would like me to do so, feel free to leave a comment.

• I am working to resolve some issues with my DNS and domain name, so if you have issues accessing Canadian Cyber in Context, you can always reach it at canadiancyber.substack.com

Leave a comment

Share

Canadian News

• Vancouver-based Hootsuite could receive up to $2.8 million USD for contract with US immigration enforcement (ICE)

• NGen is hosting the Canada Pavilion at Hannover Messe 2026.

  • Hannover Messe is one of the world’s largest industrial trade fairs that includes a lot of cyber security and emerging technologies.

• Prime Minister Carney forges new strategic partnership with the People’s Republic of China focused on energy, agri-food, and trade

  • Joint statement of the Canada-China Leaders’ Meeting

  • A few mentions of technology and exchanges including “digital content creators”

• Prime Minister Carney secures new partnership with Qatar to increase trade, investment, and defence cooperation

  • Prime Minister Mark Carney of Canada and Amir of Qatar His Highness Sheikh Tamim bin Hamad Al Thani commit to deepening bilateral engagement and economic cooperation

  • Among the bilateral agreements signed is a Memorandum of Understanding for Cooperation in the Field of Information Technology

• Military Cyber Security Operations Course officially begins in Manila, Philippines

  • Additional social media coverage: #1, #2

    

• Canada’s pension plan invested $416 million in Musk’s deepfake porn-generating AI

• Infrastructure failure and cybersecurity threats top list of risks for City of Calgary

• Data Privacy Week 2026: Prioritizing privacy by design

• Shared Services Canada hit with major layoffs among federal government layoffs

  • Digital services and cyber security are often one of the first to receive funding cuts regardless of if it is government or private sector.

  • Public service job cuts will be ‘minimal’ in procurement and contracting roles, says PSPC

• CSE breached law by directing actions at Canadian: report

  • The National Security and Intelligence Review Agency determined that CSIS providing a Canadian’s information to CSE to analyze for foreign intelligence was a breach of the law because CSE’s action still targeted a Canadian (via their information).
    
    This makes sense legally, but I worry about the potential gaps in Canadian intelligence this reveals. If I understand this right, theoretically what could have happened here is CSIS obtains a warrant on a Canadian that is spying on behalf of a foreign power, but because they are still a Canadian, CSE cannot use anything obtained from that individual to analyze the role of the foreign power involved because this would still involve CSE targeting a Canadian. Little is known about the case other than CSIS had a lawfully obtained warrant against the Canadian, which is allowed under CSIS’ mandate, so this is all speculative but does suggest that Canada’s intelligence services may have gaps in their cyber capabilities if they are unable to cooperate with CSE in such a manner.

• Experts say 6G networks still years away, but Canada’s already preparing for the technology of the future

  • Canada and a lot of Western countries learned the lessons of 5G where China strategically ensured that it had an advantage by putting a lot of investment into developing and formalizing 5G. This gave Chinese firms like Huawei an advantage by aligning industry to deploy 5G earlier than many Western telecom companies.

• Dominon Dynamics opening factory in Ottawa, Ontario Canada

  • Dominion Dynamics is a new Canadian defence firm focused on developing C4ISR/sensing technology for Canada’s North and Arctic.

• TikTok Is Now Collecting Even More Data About Its Users. Here Are the 3 Biggest Changes

  • “According to its new privacy policy, TikTok now collects more data on its users, including their precise location, after majority ownership officially switched to a group based in the US”

    I would normally put this in the US section, but it’s likely this affects Canada as well.

• Tanium and Computacenter Partner to Secure for Government of Canada’s Endpoint Visibility, Awareness and Security (EVAS) program

  • This is the program CSE/SSC will be using for better network visibility and identify where they need to deploy more of CSE’s sensors.

• Federal Court sets aside TikTok Canada shutdown order

• Government plans to bring forward online harms bill, AI minister says

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.

Canada Cyber Watch

While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list Canadian Centre for Cyber Security’s (CCCS) alerts here and not all advisories, follow the full feed here.

• Grubhub confirms hackers stole data in recent security breach

• Detailed Analysis of LockBit 5.0

  • “The update from LockBit 4.0 to 5.0 significantly enhances analysis evasion and attack efficiency.”

• New Phishing Campaign Targeting LastPass Customers

• Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts

  • Threat actors are bypassing Single Sign-On (SSO) creating their own admin account for future access and stealing the device’s current configuration file. Fortinet patched the bug in December but now says the vulnerability continues to be exploited in the newer firmware.

• Cisco Unified Communications Products Remote Code Execution Vulnerability

• China-Linked APT Exploited Sitecore Zero-Day in Critical Infrastructure Intrusion

  • Focused on critical infrastructure in North America

• Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

• Alert - AL26-002 -Vulnerability affecting GNU Inetutils Telnetd - CVE-2026-24061

Research and Op-Eds

The Rudderless Management of Canadian Federal Cyber Security

Alexander Rudolph

·

Jan 20

Read full story

• Le Canada se voit-il vassal ou souverain? (Does Canada see itself as a vassal or a sovereign?)

  • Although not directly talking about cyber, information and communication technologies is at the heart of this discussion due to US dominance in this space.

• Center for Counter Digital Hate: Grok floods X with sexualized images of women and children

  • “Grok generated an estimated 3 million sexualized images, including 23,000 of children, based on our sampling.”

• Silverado Policy Accelerator: China’s Global Exports of Rare Earth Elements and Rare Earth Permanent Magnets

• Reflectiz: The State of Web Exposure 2026

  • According to the report, based on an analysis of 4,700 leading websites, 64% of third‑party applications access sensitive data without legitimate business justification

• Globe and Mail Opinion: Your e-mail to your co-worker might pass through the U.S. before returning

  • Byron Holland is the president and chief executive of the Canadian Internet Registration Authority, which manages the .CA domain.

United States News

• Microsoft Gave FBI Keys To Unlock Encrypted Data, Exposing Major Privacy Flaw

  • This needs to be a major wake up call for Canada. “A valid legal order” increasingly does not mean much in the United States, but American corporations are complying in advance.

• Anchorage PD Proactively Monitoring Third-Party Service Provider for Cybersecurity Incident

• Jordanian Man Admits Selling Unauthorized Access to Computer Networks of 50 Companies

• U.S. cyber chief nominee warns Congress of Chinese pre‑positioning in critical infrastructure

• China May Have Accessed U.S. Supercomputing Resources To Fuel Its Military Modernization Efforts

• United States National Defense Strategy 2026

  • There is very little on cyber, largely boilerplate stuff. The only thing that really stood out was what I included before. Department of Defense “will also develop other options to deter or degrade cyber threats to the U.S. Homeland.” Is very interesting and vague wording.

The United States is expected to release a National Cybersecurity Strategy in 2026, so we’ll hold out for that.

International News

• New Zealand: ManageMyHealth Breach Exposes 126K Users

• Germany: More storage, more monitoring, more hacking

  • Germany’s Federal Intelligence Service is seeking to develop more cyber capabilities to become more independent from the United States and allies.

• Georgia Probes How Russian Gas Purchase Details Appeared on Government Website

• X still allowing users to post sexualised images generated by Grok AI tool

• Brussels in move to bar Chinese suppliers from EU’s critical infrastructure

• Chinese AI Developers Say They Can’t Beat America Without Better Chips

  • The race for computing power will increasingly run into hardware bottlenecks. This is already affecting memory costs and the increasing politicization of chips and hardware amid the chip wars and will continue to increase tensions between China and the United States.

• Spanish power giant sparks breach probe amid claims of massive data grab

• Cyberattack on Iran state TV’s satellite transmission to broadcast exiled crown prince

• Television broadcasts hacked in Iran: ‘Continue your struggle. Freedom is closer than ever’

  • This is not to say it isn’t Iranian hackers, but Israel and the United States like to pretend to be hacktivists in Iran to target the government.

• Under Iran’s internet blackout, SpaceX’s Starlink is a lifeline — if it can stay online

• Everest ransomware gang said to be sitting on mountain of Under Armour data

• Parliament tells Dutch gov’t to keep DigiD data out of American hands

• Everest Ransomware Claims McDonalds India Breach Involving Customer Data

• Overrun with AI slop, cURL scraps bug bounties to ensure “intact mental health”

• Asking Grok to delete fake nudes may force victims to sue in Musk’s chosen court

• Cyberattack Targeting Poland’s Energy Grid Used a Wiper

• UK and China Set Up Forum on Cyberattacks to Lower Tensions

  • China is increasingly exhibiting an openness to communicate about cyber operations as part of its broader strategy.

Q&A

Every week, I will answer any questions that I receive through the Weekly News Rewire Slido here. Slido allows readers to anonymously submit questions and vote on those they would like answered.