Spirent Communications released its 5G outlook report, based on analysis and takeaways from over 600 global 5G engagements in 2020. The report provides insights from across the 5G eco-system on the current status of 5G, illustrating the accelerated tim…Read More 5G experimentation and security grows in govt, military sectors
Organizations are overwhelmed by the choice of cyber security tools in the market. They need to balance prioritizing and remediating vulnerabilities with managing their secure configurations. What’s more, many organizations are using hybrid clouds wher…Read More Using Strategic Choices to Ensure Continuous and Effective Cyber Security
Guardicore released IPCDump, a new open source tool for tracing interprocess communication on Linux. The tool covers most interprocess communication (IPC) mechanisms, including pipes, fifos, signals, Unix sockets, loopback-based networking, and pseudot…Read More IPCDump: Open-source tool for tracing interprocess communication on Linux
Sentropy announced its first consumer product – and third product overall – Sentropy Protect, which enables Twitter users to proactively identify and protect themselves from abusive Twitter accounts. Built upon its world-class abuse detection technolog…Read More Sentropy Protect helps tackle online hate and harassment from abusive Twitter accounts
Sonrai Security announced significant new functionality designed to automate prevention of data breaches in public cloud deployments for its Sonrai Dig platform. Supporting leading public cloud databases in combination with advanced behavioral modeling…Read More Sonrai Dig offers automated prevention of data breaches in public cloud deployments
Flaw leaves millions of IT, OT, and IoT devices vulnerable to attack.Read More High-Severity Vulnerabilities Discovered in Multiple Embedded TCP/IP Stacks
SIEM, we need to talk! Albert Einstein once said, “We cannot solve our problems with the same thinking we used when we created them”. Security vendors have spent the last two decades providing more of the same orchestration, detection, and response capabilities, while promising different results. And as the old adage goes, doing the same thing over and over again whilst […]Read More XDR – Please Explain?
Microsoft is releasing new versions of Windows 10 on a set schedule – and just as regularly retiring older versions from support. Here are all the dates you need to know about.Read More Windows 10 update (and retirement) calendar: Mark these dates
Stories about computer security tend to go viral when they bridge the vast divide between geeks and luddites, and this week’s news about a hacker who tried to poison a Florida town’s water supply was understandably front-page material. But for security nerds who’ve been warning about this sort of thing for ages, the most surprising aspect of the incident seems to be that we learned about it at all.Read More What’s most interesting about the Florida water system hack? That we heard about it at all.
Most enterprise IT groups were set up to manage devices that, for the most part, were located inside company walls. Yes, support also had to extend to traveling users with the occasional problems ‒ but that was the exception, not the rule. Today, wi…Read More BrandPost: Partnering for Success in the New Normal: Why IT Needs Help Protecting Remote Devices
Analysts who anticipate the SASE market will expand by more than a factor of five before 2025 explain reasons behind the surge.Read More SASE Surge: Why the Market Is Poised to Grow
SAP released seven new security notes on February 2021 Security Patch Day, including a Hot News note for a critical issue affecting SAP Commerce. SAP released seven new security notes on February 2021 Security Patch Day and updated six previously released notes. The new security notes include a Hot News note that addresses a critical vulnerability, tracked as CVE-2021-21477, […]
The post SAP addresses a critical flaw in SAP Commerce Product appeared first on Security Affairs.Read More SAP addresses a critical flaw in SAP Commerce Product
The critical SAP cybersecurity flaw could allow for the compromise of an application used by e-commerce businesses.Read More SAP Commerce Critical Security Bug Allows RCE
The ransomware gang behind the hack of CD Projekt Red may be asking for $1 million opening bids for the company’s valuable data.Read More Hacker Sets Alleged Auction for Witcher 3 Source Code
The company expects to launch its first satellite in two years.
The post Telesat contracts Thales Alenia Space to build satellite broadband first appeared on IT World Canada.
Patch early, patch often. In fact, patch now if you haven’t already. Here’s why.Read More Patch now to stop hackers blindly crashing your Windows computers
Speaking at Technicity West, a digital conference that brought together some of the brightest technology leaders in Western Canada on February 9, 2021, Mayor Nenshi reminded his audience just how quickly COVID-19 overturned our world.
The post Calgary …
Cloud network security firm iboss has appointed former BlackBerry chief product architect Eric Cornelius as its chief product officer.
The post Former BlackBerry exec joins network security firm iboss first appeared on IT World Canada.
Tenable enters into $98m definitive agreement to acquire Activity Directory security startupRead More Tenable Announces Intent to Acquire Alsid
Antivirus firm Emsisoft discloses a data breach, a third-party had access to a publicly exposed database containing technical logs. The anti-malware solutions provider Emsisoft disclosed last week a data breach. The company revealed that a third-party had accessed a publicly exposed database containing technical logs. The root cause of the incident was a misconfiguration of […]
The post Anti-malware firm Emsisoft accidentally exposes internal DB appeared first on Security Affairs.Read More Anti-malware firm Emsisoft accidentally exposes internal DB
Researchers at Google and Stanford analyzed a 1.2 billion malicious emails to find out what makes users likely to get attacked. 2FA wasn’t a big factor.Read More Hybrid, Older Users Most-Targeted by Gmail Attackers
This month’s relatively humble bundle of security updates fixes 56 vulnerabilities, including a zero-day bug and 11 flaws rated as critical
The post Microsoft patches actively exploited Windows kernel flaw appeared first on WeLiveSecurity
If you work from home, you’re probably busier than ever these days. These 10 Mac tips should help you get more done faster.How to combine files into a PDF with Preview
So, you’ve got two or more different PDF documents and you want to combine them a…
Speaking at Technicity West, Surrey Mayor McCallum stressed the importance of Surrey’s commitment to citizen experience, technology adoption, and partnerships – especially during a global pandemic.
The post Prepared to pivot – tips from Surrey, B.C. fi…
Those who are committed to adopting the concept have the opportunity to make a larger business case for it across the organization, working with executive leaders to implement a zero-trust framework across the entire enterprise.Read More Zero Trust in the Real World
In light of the current pandemic, our healthcare industry has been challenged like never before. Healthcare workers heroically stepped up to the plate, caring for those in need, while the industry itself digitally transformed to keep up with the influx…Read More 75% of Apps in the Healthcare Industry Have a Security Vulnerability
21 of the 24 dating apps examined were tagged with the “*Privacy Not Included” warning label.Read More Mozilla privacy report on dating apps singles out Grindr for serious security lapses
Edmonton is using data to determine how much greenhouse gas it avoids emitting by having staff work remotely every day.
The post Taking advantage of data in a changing economy: Edmonton, Alberta first appeared on IT World Canada.
Need to get up to speed on the latest features in Excel? Wrestling with an old version of Word? Looking to get more out of Windows 10? Computerworld’s cheat sheets are easy-to-use guides to help you navigate Microsoft’s core productivity apps.Here’s…Read More Microsoft cheat sheets: Dive into Windows and Office apps
Addressing a virtual audience at Technicity West, Winnipeg Mayor Bowman highlighted some of the city’s projects around the use of open data
The post Harnessing open data and IoT keys for growth, says Winnipeg mayor first appeared on IT World Canada.
Malware designed to steal log-in information saved in browsers has infected 16 million computers and swiped credentials for up to 174,800 accounts.Read More NordVPN puts the price tag of stolen streaming subscriptions at $38 million
Valentine’s Day is nearly upon us – and as couples and singletons alike gear up for a day that’s traditionally all about sharing, when it comes to our digital identities, might we be sharing too much, and how can we protect ourselves? With data showing that past, present and possibly even future lovers are willing […]
The post Why it’s Best to Stick to Sharing Chocolates and Flowers this Valentine’s Day appeared first on McAfee Blogs.Read More Why it’s Best to Stick to Sharing Chocolates and Flowers this Valentine’s Day
Malicious Valentine’s Day-themed phishing campaigns are up 29% from last year, according to Check Point Research.Read More Love is in the air—and cybercriminals are taking advantage
In mid-October, Microsoft announced the availability of Windows 10 version 20H2, known as the October 2020 Update. But the launch of a major Windows 10 update isn’t the end of a process — it’s really just the beginning. As soon as one of Microsoft’s…Read More Windows 10: A guide to the updates
Microsoft never sleeps. In addition to its steady releases of major and minor updates to the current version of Windows 10, the company frequently rolls out public preview builds to members of its Windows Insider Program, allowing them to test out —…Read More Windows 10 Insider Previews: A guide to the builds
The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher, has disclosed a ransomware attack. The gaming firm CD Projekt Red, which developed popular games like Cyberpunk 2077 and The Witcher series, has suffered a ransomware attack. The company confirmed the security breach with a series of messages on […]
The post CD Projekt Red game maker discloses ransomware attack appeared first on Security Affairs.Read More CD Projekt Red game maker discloses ransomware attack
Novel supply chain attack allows researcher to hack internal systems of major companiesRead More Researcher Hacks Apple and Microsoft
Office 365 and Microsoft 365 subscribers always have the latest version of Microsoft Office — currently Office 2019. They also get more frequent software updates than those who have purchased Office 2019 without a subscription, which means subscribe…Read More Office 365: A guide to the updates
New Yorker stole intimate images from social media accounts and traded themRead More Hacker Admits Stealing College Girls’ Nude Snaps
Intel is warning on security bugs across its graphics drivers, server boards, compute modules and modems.Read More Intel Squashes High-Severity Graphics Driver Flaws
When she’s not perfecting her lock-picking skills, Angel Grant is busy building a diverse team who have the right attributes for the dynamic world of technology. In this edition of our podcast series, Angel explains that since your …
As a Google-identified attack reveals, security teams need to look beyond VPNs and network infrastructure to the channels where social engineering takes place.Read More Multivector Attacks Demand Security Controls at the Messaging Level
Microsoft has recently released the patched vulnerabilities roll which includes 56 system and operating system vulnerabilities and security updates for Windows 10. The complete patching list includes over 1000 items, 300 of them having been flagged as …Read More Patch Tuesday (February 2021): Microsoft Patches 56 Windows Vulnerabilities, including a Window Zero-Day Vulnerability
In a corporate context, an asset is part and parcel of a company’s financial worth. Assets hold economic value and future benefits, as they have the ability to generate cash flow. For this reason, IT asset management, or ITAM for short, is quintessenti…Read More Everything You Need to Know About IT Asset Management
The Code42 2021 Data Exposure Report highlights the need to adopt a new approach to data security and invest in modern Insider Risk technology.Read More The time for Insider Risk Management is now: Code42 2021 Data Exposure Report Reveals a Perfect Storm
Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.
Based on the company’s data, among last year’s top earners, there were groups like Ryuk, Maz…
Today’s podcast reports on a global phishing service shut by police in Ukraine, fake proof of virus vaccination cards offered for sale, a video game developer hit by ransomware and the latest Microsoft security updates
The post Cyber Security Today – P…
Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system.
“A local attacker may be able to elevate their privileges,” Ap…
In what’s a novel supply chain attack, a security researcher managed to breach over 35 major companies’ internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution.
2020 has initiated a sea change into the way organisations of all shapes and sizes approaches business. The new normal is here to stay for a while even after the pandemic subsides and remote and anywhere operations will remain the new norm for companies across the world. To meet the new needs of remote consumers […]
The post Safeguard your Business: Top Resolutions to Help Enhance your Cybersecurity appeared first on CyberDB.Read More Safeguard your Business: Top Resolutions to Help Enhance your Cybersecurity
A previously known Windows remote access Trojan (RAT) with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker’s espionage motives.
“The developers of LodaRAT have added Andr…
Understanding is the first step to combating Phishing: Types, Methodology & Prevention Tips According to the 2019 Data Breach Investigations Report (DBIR) by Verizon, phishing is the leading cause of data breaches. The data also shows us that phishing is also widely utilized for cyber espionage with more than three-quarters of all known incidents involving […]
The post Understanding is the first step to combating Phishing: Types, Methodology & Prevention Tips appeared first on CyberDB.Read More Understanding is the first step to combating Phishing: Types, Methodology & Prevention Tips
A new breach analysis from CI Security found that cybercriminals are going after medical billing and insurance companies.Read More 177% increase: Hackers grabbed 21.3 million healthcare records in the second half of 2020
While it’s logical to assume seniors would be primary targets, a new report revealed that millennials were actually the most targeted demographic group of the more than 50 billion spam calls made in 2020.Read More Hit block caller: 75% of Americans were targeted by scammers
Need to create and share a presentation? If so, you probably turn to the most popular presentation application in the world, Microsoft PowerPoint for Windows.Microsoft sells Office under two models: Individuals and businesses can pay for the softwar…Read More PowerPoint for Microsoft 365 cheat sheet
This download accompanies our story PowerPoint for Microsoft 365 cheat sheet. See that article for detailed information on how to get the most out of PowerPoint for Microsoft 365/Office 365 in Windows.To read this article in full, please click here(Ins…Read More PowerPoint for Microsoft 365 cheat sheet: Ribbon quick reference
Facebook toughens up on COVID-19 false claims, the digital currency Dogecoin is skyrocketing, and we take a look at an AI that shows which ads motivated people to buy products.
The post Hashtag Trending – Facebook expands false claims policy; Dogecoin …
Adobe released security patches for 50 flaws affecting six products, including a zero-day flaw in Reader that has been exploited in the wild. Adobe has released security updates that address 50 vulnerabilities affecting its Adobe Acrobat, Magento, Photoshop, Animate, Illustrator, and Dreamweaver products. Adobe fixed 23 CVEs in Adobe Reader, 17 of which have been rated […]
The post Adobe fixes a buffer overflow issue in Reader which is exploited in the wild appeared first on Security Affairs.Read More Adobe fixes a buffer overflow issue in Reader which is exploited in the wild
When hosting a video conference, make sure you password protect the conference so only authorized individuals can join. If there are any strangers or people who you do not recongize on the call, remove them.Read More Hosting a Video Conference
This blog provides a list of upcoming and archived talks in the webcast series.Read More [email protected] Schedule
This blog provides information about the new SANS ICS webcast series aims to equipping security professionals and control system engineers with the security awareness, work-specific knowledge, and resources they need to secure automation and control sy…Read More SANS ICS & Dragos host webcast series to strengthen the Industrial Control Systems Community
This blog provides resources related to healthcare security.Read More SANS Healthcare Security Resources
Microsoft today rolled out updates to plug at least 56 security holes in its Windows operating systems and other software. One of the bugs is already being actively exploited, and six of them were publicized prior to today, potentially giving attackers a head start in figuring out how to exploit the flaws.Read More Microsoft Patch Tuesday, February 2021 Edition
The intrusion also shows how redundancy and detection can minimize damage and reduce impact to the population.Read More Florida Water Utility Hack Highlights Risks to Critical Infrastructure
Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th. In-The-Wild & Disclosed CVEs CVE-2021-1732 A vulnerabi…Read More VERT Threat Alert: February 2021 Patch Tuesday Analysis
Microsoft February 2021 Patch Tuesday addresses 56 vulnerabilities, including a flaw that is known to be actively exploited in the wild. Microsoft February 2021 Patch Tuesday security updates address 56 CVEs in multiple products, including Windows components, .NET Framework, Azure IoT, Azure Kubernetes Service, Microsoft Edge for Android, Exchange Server, Office and Office Services and […]Read More Microsoft February 2021 Patch Tuesday fixes 56 bugs, including an actively exploited Windows zero-day
The two will join forces to accelerate digital transformation in key industries.
The post Telus and Google Cloud ink 10-year collaboration deal first appeared on IT World Canada.
Microsoft’s monthly security fixes addressed a Win32k zero-day, six publicly known flaws, and three bugs in the Windows TCP/IP stack.Read More Microsoft Fixes Windows Zero-Day in Patch Tuesday Rollout
Microsoft last week gave the green light for Windows 10 2004, signaling to commercial customers that the May 2020 feature upgrade is now reliable enough for them to widely deploy.”Windows 10, version 2004 is designated for broad deployment,” Microso…Read More Microsoft issues green light for Windows 10 2004. (But what’s the point?)
Genetic testing company with 10 million customers’ data has ‘huge cybersecurity implications’The genetic testing company 23andMe will go public through a partnership with a firm backed by the billionaire Richard Branson, in a deal that has raised fresh…Read More Fears over DNA privacy as 23andMe goes public in deal with Richard Branson
An international operation conducted by Ukraine’s police, along with the US and Australia peers, shut down the world’s largest phishing Service U-Admin. Last week, an international operation conducted by Ukraine’s police, along with the US and Australian authorities, lead to the shut down of the world’s phishing framework U-Admin. The National Police and its Main […]
The post Ukraine’s police arrested the author of the U-Admin phishing kit appeared first on Security Affairs.Read More Ukraine’s police arrested the author of the U-Admin phishing kit
The supply chain attack that Trojanized a SolarWinds update to infect and spy on the IT management platform’s customer base continues to be analyzed. Early reports have called the methods highly sophisticated and the actors highly trained. We do know that IP addresses, a command and control server and a malicious product update file were […]
The post Essential Threat Intelligence: Importance of Fundamentals in Identifying IOCs appeared first on Webroot Blog.Read More Essential Threat Intelligence: Importance of Fundamentals in Identifying IOCs
Beware pseudo-geeks bearing ‘gifts’.Read More Beware of technical “experts” bombarding you with bug reports
All users of Plex Media Server are urged to apply the hotfix, which directs their servers to respond to UDP requests only from the local network and not the public internet.Read More Plex patches media server bug potentially exploited by DDoS attackers
A Canadian expert wasn’t surprised to hear about the attack through a remote desktop application
The post Cyberattack on Florida water treatment plant raises alarms in Canada first appeared on IT World Canada.Read More Cyberattack on Florida water treatment plant raises alarms in Canada
The concept of a trail of breadcrumbs in the offensive security community is nothing new; for many years, researchers on both sides of the ethical spectrum have followed the compass based on industry-wide security findings, often leading to groundbreaking discoveries in both legacy and modern codebases alike. This happened in countless instances, from Java to […]
The post Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack appeared first on McAfee Blogs.Read More Researchers Follow the Breadcrumbs: The Latest Vulnerabilities in Windows’ Network Stack
Faced with tight budgets and limited resources, municipalities are being forced to do more with less. A panel of experts at Technicity West share tips on how to find partners in a work-from-home world
The post Technicity West: Experts urge municipaliti…
Cloud-based big data platform boosts extended detection and response (XDR) offering.Read More SentinelOne Buys Data Analytics Company Scalyr
The challenges of remote work have been amplified for every industry during the COVID-19 pandemic, and the public sector is no different. At Technicity West, a panel of experts discussed these issues and how they’ve changed the way people work.
Municipalities are being forced to rethink how they develop and rollout internet infrastructure across municipalities now that public spaces like libraries and rec centres are no longer the Wi-Fi hotspots they used to be.
The post Technicity West: Citi…
Team members from different backgrounds, genders, ethnicities, and neurological abilities are best equipped to tackle today’s security challenges.Read More How Neurodiversity Can Strengthen Cybersecurity Defense
An attacker hacked into a Florida city’s water treatment plant and attempted to leverage that access to poison the municipality’s water supply. According to WTSP-TV, an operator at the water treatment plant in the 15,000-person City of Oldsm…Read More Attacker Hacked into Florida City’s Water Treatment Plant, Attempted to Poison Water Supply
Cloud services was the most impersonated industry, followed by financial services, e-commerce, and social media, researchers report.Read More Microsoft & Facebook Were Phishers’ Favorite Brands in 2020
With every new Android version comes a flurry of fancy fresh features. Some of them immediately transform the way we work, while others just quietly fade away without making much noise.And then there are the features that fall somewhere in between —…Read More 10 handy hidden Android features you probably forget to use
PTS Vendors who are Participating Organizations and PCI Recognized labs are invited to review and provide feedback on the draft PCI PIN Transaction Security (PTS) Hardware Security Module (HSM) Modular Security Requirements during a…
Proofpoint’s annual State of the Phish report shows phishing still a successful tactic for threat actors
The post Data loss, credential compromise up in phishing attacks in 2020, says vendor report first appeared on IT World Canada.
Any enterprise knows the biggest problem with rapid business expansion is scale; as a company’s business grows, it will face a range of unintended consequences. One of these can be a stealthy scourge of scam apps being sold at app stores, including …Read More It’s time for an App Store scam app crackdown
While the incursion was thwarted in time, cyberattacks targeting critical infrastructure are a major cause for concern
The post Hacker attempts to poison Florida city’s water supply appeared first on WeLiveSecurity
Quantum computing is the next frontier in computer science. It can bring untold benefits, allowing the development of new materials, tackling pandemics and making the world a greener, safer place. But it also threatens to break the encryption that keeps our data safe from prying eyes. France’s recent announcement to invest €1.8b into Europe’s quantum […]
The post Europe’s Quantum Story is Accelerating, and the World Will be Better for it appeared first on McAfee Blogs.Read More Europe’s Quantum Story is Accelerating, and the World Will be Better for it
While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the “Application Crowdtesting Services” category.
We have compiled the top 5 most promising bug bou…
By 2023, the size of the global cybersecurity market is predicted to grow to $248.26 billion. The industry is expected to grow at a consistent pace. You know what that means: more open positions, better salaries, and improved perspectives for career growth. Getting a cybersecurity MA degree is not easy, and it might cost you […]
The post Why You Should Study a Cyber Security Degree in 2021 appeared first on CyberDB.Read More Why You Should Study a Cyber Security Degree in 2021
Local officials said someone took over their TeamViewer system and dangerously increased the levels of lye in the town’s water.Read More FBI, Secret Service investigating cyberattack on Florida water treatment plant
But pre-ordering does not guarantee service.
The post SpaceX Starlink satellite internet now taking pre-orders in Canada first appeared on IT World Canada.
The development team behind the NextGen Gallery plugin has addressed two severe CSRF vulnerabilities that could have allowed site takeover. The developers behind the NextGen Gallery plugin have fixed two critical Cross-site request forgery (CSRF) vulnerabilities, their exploitation could lead to a site takeover, malicious redirects, spam injection, phishing, and other malicious activities. The NextGEN […]
The post Critical flaws in NextGen Gallery WordPress plugin still impact over 500K installs appeared first on Security Affairs.Read More Critical flaws in NextGen Gallery WordPress plugin still impact over 500K installs
Why do fileless attacks persist? Let’s break down the strengths and weaknesses of the existing mitigations.Read More Fighting Fileless Malware, Part 2: Countermeasures
Taking stock of least-privilege policies will go a long way toward hardening an organization’s overall security posture.Read More SolarWinds Attack Reinforces Importance of Principle of Least Privilege
IT teams should look for services with automatic alerts about user behavior, logging, scalability, and central management.Read More How to select an enterprise VPN that protects data but doesn’t drive users crazy
A new investigation of two known threat groups show cyber actors are spying on mobile devices and PCs belonging to targeted users around the world.Read More Iranian Cyber Groups Spying on Dissidents & Others of Interest to Government
Active accounts for people who have left your organization can make exploitation easy, according to Sophos.Read More Ransomware can be installed via ghost accounts