April 2021

Klarrio is now offering its customers the opportunity to use EU-hosted infrastructure for their cloud needs selecting any of Exoscale’s data center locations. Combining Klarrio’s system integration expertise with Exoscale cloud infrastructure while adh…

Read More A1 Digital partners with Klarrio to provide big data and streaming solutions on EU cloud infrastructure

China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor A China-linked cyberespionage group targets a Russian defense contractor involved in designing nuclear submarines for the Russian Navy. Cybereason researchers reported that a China-linked APT group targets a Russian defense contractor involved in designing nuclear submarines for the Russian Navy. The state-sponsored hackers […]

The post China-linked APT uses a new backdoor in attacks at Russian defense contractor appeared first on Security Affairs.

Read More China-linked APT uses a new backdoor in attacks at Russian defense contractor

The City of Toronto says it suffered a “potential cyber breach” from a hack of data in its Accellion FTA file transfer server in January that may have involved the health information of individuals.

The post Toronto hit by ‘potential cyber breach’ from Accellion file transfer software first appeared on IT World Canada.

Read More Toronto hit by ‘potential cyber breach’ from Accellion file transfer software

With files from Alex Coop   As the province overhauls its data infrastructure, Ontario is putting the call out to public organizations and businesses to help it create a new provincial data authority. Ontario is putting extra focus on ensuring that information collected is “private, secure, anonymous and cannot identify people individually,” according to Finance […]

The post Ontario to create Data Authority to securely house provincial information first appeared on IT World Canada.

Read More Ontario to create Data Authority to securely house provincial information

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. Researchers from FireEye’s Mandiant revealed that a sophisticated cybercrime gang tracked as UNC2447 has exploited a zero-day issue (CVE-2021-20016) in SonicWall Secure Mobile Access (SMA) devices, fixed earlier this year, before […]

The post UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed appeared first on Security Affairs.

Read More UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

UNICC and Group-IB detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Group-IB, a global threat hunting and adversary-centric cyber intelligence company that specializes in investigating hi-tech cybercrimes, and the United Nations International Computing Centre (UNICC), detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. […]

The post Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization appeared first on Security Affairs.

Read More Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization

Apple just patched a MacOS vulnerability that bypassed malware checks.

The flaw is akin to a front entrance that’s barred and bolted effectively, but with a cat door at the bottom that you can easily toss a bomb through. Apple mistakenly assumed that applications will always have certain specific attributes. Owens discovered that if he made an application that was really just a script—code that tells another program what do rather than doing it itself—and didn’t include a standard application metadata file called “info.plist,” he could silently run the app on any Mac. The operating system wouldn’t even give its most basic prompt: “This is an application downloaded from the Internet. Are you sure you want to open it?”…

Read More Serious MacOS Vulnerability Patched

Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers from Microsoft’s Section 52 team recently uncovered several critical memory allocation flaws, collectively tracked as BadAlloc, affecting IoT and OT devices. The vulnerabilities could be exploited by attackers to bypass security controls to execute malicious […]

The post Microsoft warns of BadAlloc flaws in OT, IoT devices appeared first on Security Affairs.

Read More Microsoft warns of BadAlloc flaws in OT, IoT devices

This episode warns a new Linux backdoor has been discovered, reports how video game execs might not have good password security and urges QNAP users, again, to patch their devices

The post Cyber Security Today, April 30, 2021 – A Linux alert, negligent executives and another warning to QNAP users first appeared on IT World Canada.

Read More Cyber Security Today, April 30, 2021 – A Linux alert, negligent executives and another warning to QNAP users

Toronto is the next home for Netflix’s new headquarters, Facebook’s Q1 earnings exceed expectations despite all the controversy surrounding the social media giant, and an executive from Oracle had his Twitter account suspended after harassing a reporter. It’s all the tech news that’s popular right now. Welcome to Hashtag Trending! It’s Friday, April 30 and […]

The post Hashtag Trending, April 30, 2021 – Netflix picks Toronto, Facebook’s Q1 earnings; Oracle exec suspended on Twitter first appeared on IT World Canada.

Read More Hashtag Trending, April 30, 2021 – Netflix picks Toronto, Facebook’s Q1 earnings; Oracle exec suspended on Twitter

What. A. Week. Heaps of data breaches, heaps of law enforcement and gov stuff and somehow, I still found time to put even more IP addresses into the house courtesy of even more IoT. I’m not sure if the latter gives me a break from the more professional tech stuff

Read More Weekly Update 241

Code42 is introducing enhanced capabilities to the Code42 Incydr data risk detection and response product for identifying insider risk related to file uploads to unsanctioned websites. Incydr Browser Upload Detection is built to detect and alert securi…

Read More Code42 enhances Incydr to help identify insider risk related to file uploads to unsanctioned websites