Cyber Security Today, May 3, 2024 – North Korea exploits weak email DMARC settings, and the latest Verizon analysis of thousands of data breaches
IT World Canada » Security
by Howard Solomon
2M ago
North Korea exploits weak email DMARC settings, and the latest Verizon analysis of thousands of data breaches. Welcome to Cyber Security Today. It’s Friday May 3rd, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for TechNewsday.com. North Korean hackers are trying exploit improperly configured DMARC email server security controls to hide spearphishing attacks. The warning to email and IT security administrators comes from American cyber agencies. DMARC is short for Domain-based Message Authentication, Reporting and Conformance. Without properly configured DMARC poli ..read more
Visit website
Cyber Security Today, April 29, 2024 – Credential stuffing attacks are hitting firms using Okta ID management solutions, and more
IT World Canada » Security
by Howard Solomon
3M ago
Credential stuffing attacks are hitting firms using Okta ID management solutions, and more. Welcome to Cyber Security Today. It’s Monday, April 29, 2024. I’m Howard Solomon. Credential stuffing attacks on organizations that use Okta’s identity and access management solutions have spiked in the last nine days. The company issued that warning on Saturday. It comes after Cisco Systems warned last week that it is seeing large scale brute force attacks on a number of gateways and web application authentication services. These are attacks where hackers try to sign-in using large lists of u ..read more
Visit website
Cyber Security Today, Week in Review for week ending Friday, April 26, 2024
IT World Canada » Security
by Howard Solomon
3M ago
Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday April 26, 2024. From Toronto, I’m Howard Solomon. In a few minutes David Shipley, head of Beauceron Security, will be here to discuss some of the biggest news of the past week. They include the latest developments in the ransomware attack on Change Healthcare, a vulnerability found in an abandoned open source project, the next step in Canadian cybersecurity legislation for overseeing critical infrastructure and the passing in the U.S. of a law demanding China’s TikTok become Americanzied. But befor ..read more
Visit website
Cyber Security Today, April 26, 2024 – Patch warnings for Cisco ASA gateways and a WordPress plugin
IT World Canada » Security
by Howard Solomon
3M ago
Patch warnings for Cisco ASA gateways and a WordPress plugin. Welcome to Cyber Security Today. It’s Friday, April 26th, 2024. I’m Howard Solomon.   Network administrators with Cisco Systems’ ASA security appliance on their networks are urged to install the latest security patches. This comes after the discovery of two zero-day vulnerabilities that are being exploited. Cisco says the attacker is likely a government-backed threat actor. Although compromised devices were first seen in January, attack activity may have started as early as last November. Cisco can’t say right now how ..read more
Visit website
Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more
IT World Canada » Security
by Howard Solomon
3M ago
Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more. Welcome to Cyber Security Today. It’s Wednesday April 24th, 2024. I’m Howard Solomon.  Security teams may be getting better at finding hackers lurking in their IT systems. That’s according to Mandiant’s latest annual M-Trends report. The mean time an attacker spent on Mandiant customers’ networks before being detected dropped last year to 10 days. That’s compared to 16 days before being detected in 2022. However, the report suggests ransomware played a key in the drop because it tends to be ..read more
Visit website
Cyber Security Today, Week in Review for week ending Friday April 19, 2024
IT World Canada » Security
by Howard Solomon
3M ago
Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, April 19th, 2024. I’m Howard Solomon. In a few minutes Jen Ellis, a member of the Ransomware Task Force will be here to talk about the group’s recent report on what governments need to do before banning ransom payments. But first a look at some of the headlines from the past seven days: Sophisticated cyber attacks aren’t new. But old-fashioned brute force credential attacks are still being used by threat actors. Researchers at Cisco Systems’ Talos threat intelligence service say brute force attack ..read more
Visit website
Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more
IT World Canada » Security
by Howard Solomon
3M ago
Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more. Welcome to Cyber Security Today. It’s Friday, April 19th, 2024. I’m Howard Solomon.   The Europol European police co-operative says one of the largest phishing-as-a-service platforms has been severely disrupted. This week law enforcement agencies from 19 countries including the U.K., the United States and Canada shut the IT infrastructure of LabHost. They also arrested 37 suspects. For a monthly subscription the site sold access to phishing kits, infrastructure for hosting phony w ..read more
Visit website
Cyber Security Today, April 17, 2024 – More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more
IT World Canada » Security
by Howard Solomon
3M ago
More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more. Welcome to Cyber Security Today. It’s Wednesday, April 17, 2024. I’m Howard Solomon. The recent takeover of an encryption utility used by Linux may not be an isolated incident. The OpenJS Foundation, home to open JavaScript projects, says it recently detected an attempt by a threat actor or actors to designate them as a new maintainer of a project to correct any vulnerabilities. After that the OpenJS recognized two other JavaScript projects not hosted by the Foundation had simil ..read more
Visit website
Cyber Security Today, April 15, 2024 – Act fast to a plug hole in Palo Alto Networks firewall, Canadian comedy festival loses over $800K in email scam, and more
IT World Canada » Security
by Howard Solomon
3M ago
Act fast to a plug hole in Palo Alto Networks firewall, Canadian comedy festival loses over $800K in email scam, and more. Welcome to Cyber Security Today. It’s Monday, April 15th, 2024. I’m cybersecurity reporter Howard Solomon. A critical vulnerability in the GlobalProtect feature of Palo Alto Networks’ PAN-OS operating system has been exploited at several organizations at least as far back as March 26th. That’s the finding by researchers at Volexity who discovered the hole. A threat actor has in some cases deployed a custom backdoor written in the Python language by using the vuln ..read more
Visit website
Cyber Security Today, Week in Review for week ending Friday, April 12, 2024
IT World Canada » Security
by Howard Solomon
3M ago
Welcome to Cyber Security Today. This is the Week in Review for the week ending Friday, April 12th, 2024. I’m Howard Solomon. In a few minutes David Shipley, head of Beauceron Security, will be here to discuss recent news. We’ll talk about more hot water for Microsoft, a second look at the scare facing the Linux community, an alert to the healthcare sector on IT help desk scams and a warning to LG smart TV owners. Before we get to the discussion, here are other highlights from this week: LastPass released a report describing a deepfake audio call to an employee impersonating its CEO ..read more
Visit website

Follow IT World Canada » Security on FeedSpot

Continue with Google
Continue with Apple
OR