North Korea exploits weak email DMARC settings, and the latest Verizon analysis of thousands of data breaches. Welcome to Cyber Security Today. It’s Friday May 3rd, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for TechNewsday.com. North Korean hackers are trying exploit improperly configured DMARC email server security controls to hide spearphishing attacks. The warning to email and IT security administrators comes from American cyber agencies. DMARC is short for Domain-based Message Authentication, Reporting and Conformance. Without properly configured DMARC poli ..read more

Data may have been stolen in London Drugs cyber attack, Congressional testimony today by UnitedHealth CEO on ransomware attack, and more. Welcome to Cyber Security Today. It’s Wednesday, May 1st, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for TechNewsday.com.  London Drugs, a Western-Canadian drug store chain, is still trying to recover from what it calls a cybersecurity incident that was discovered on the weekend. On Tuesday afternoon, when this podcast was recorded, the company said in a tweet that all of its stores were still closed and phone lines disco ..read more

Credential stuffing attacks are hitting firms using Okta ID management solutions, and more. Welcome to Cyber Security Today. It’s Monday, April 29, 2024. I’m Howard Solomon. Credential stuffing attacks on organizations that use Okta’s identity and access management solutions have spiked in the last nine days. The company issued that warning on Saturday. It comes after Cisco Systems warned last week that it is seeing large scale brute force attacks on a number of gateways and web application authentication services. These are attacks where hackers try to sign-in using large lists of u ..read more

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday April 26, 2024. From Toronto, I’m Howard Solomon. In a few minutes David Shipley, head of Beauceron Security, will be here to discuss some of the biggest news of the past week. They include the latest developments in the ransomware attack on Change Healthcare, a vulnerability found in an abandoned open source project, the next step in Canadian cybersecurity legislation for overseeing critical infrastructure and the passing in the U.S. of a law demanding China’s TikTok become Americanzied. But befor ..read more

Patch warnings for Cisco ASA gateways and a WordPress plugin. Welcome to Cyber Security Today. It’s Friday, April 26th, 2024. I’m Howard Solomon.   Network administrators with Cisco Systems’ ASA security appliance on their networks are urged to install the latest security patches. This comes after the discovery of two zero-day vulnerabilities that are being exploited. Cisco says the attacker is likely a government-backed threat actor. Although compromised devices were first seen in January, attack activity may have started as early as last November. Cisco can’t say right now how ..read more

Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more. Welcome to Cyber Security Today. It’s Wednesday April 24th, 2024. I’m Howard Solomon.  Security teams may be getting better at finding hackers lurking in their IT systems. That’s according to Mandiant’s latest annual M-Trends report. The mean time an attacker spent on Mandiant customers’ networks before being detected dropped last year to 10 days. That’s compared to 16 days before being detected in 2022. However, the report suggests ransomware played a key in the drop because it tends to be ..read more

Vulnerability found in CrushFTP file transfer software, security updates for Cisco’s controller management application, and more. Welcome to Cyber Security Today. It’s Monday April 22nd, 2024. I’m Howard Solomon. A warning is going out about a vulnerability in another file transfer platform. The hole is in CrushFTP servers, which run on Windows, Linux, Unix and macs. Versions below 11.1 are open to compromise. The exceptions are servers that have a DMZ in front of their main CrushFTP servers. Cisco Systems has released security updates to close vulnerabilities in its Integrated Manag ..read more

Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, April 19th, 2024. I’m Howard Solomon. In a few minutes Jen Ellis, a member of the Ransomware Task Force will be here to talk about the group’s recent report on what governments need to do before banning ransom payments. But first a look at some of the headlines from the past seven days: Sophisticated cyber attacks aren’t new. But old-fashioned brute force credential attacks are still being used by threat actors. Researchers at Cisco Systems’ Talos threat intelligence service say brute force attack ..read more

Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more. Welcome to Cyber Security Today. It’s Friday, April 19th, 2024. I’m Howard Solomon.   The Europol European police co-operative says one of the largest phishing-as-a-service platforms has been severely disrupted. This week law enforcement agencies from 19 countries including the U.K., the United States and Canada shut the IT infrastructure of LabHost. They also arrested 37 suspects. For a monthly subscription the site sold access to phishing kits, infrastructure for hosting phony w ..read more

Just how real is quantum computing? We have an amazing guest on our Weekend Edition who will talk about how she is helping people prepare for IT careers using quantum computing. Meta’s new AI release sparks a debate about open versus closed source AI, major legislation expanding US government surveillance capabilities goes largely unnoticed, big questions about how accurate these AI launch videos are, and before you book that next business trip, a former Boeing manager says he won’t fly on some Boeing planes. All this and more on the “flying under the radar” edition of Hashtag Trending. I’m yo ..read more