Over 700,000 documents belonging to Smoke Alarm Solutions, Australia’s largest smoke alarm installation and service provider, were exposed according to cybersecurity researcher Jeremiah Fowler.  The key findings are as follows:  762,856 documents with a total size of 107 GB;  355,384 unique documents marked as invoices revealing Customers’ PII;  Documents such as inspections, compliance reports and more.  Should this data had been discovered by ill-intentioned hackers could have put their customers across Australia at risk to phishing attacks, financial fraud and eve ..read more

Legit Security, the leading platform for enabling companies to manage their application security posture across the complete developer environment, today announced a strategic reseller partnership with GuidePoint Security, the leading cybersecurity solution provider that empowers organizations to make smarter decisions and minimize risk. As organizations build scalable application security programs, they face many challenges, including enforcing consistent policies across disparate product and application teams and demonstrating compliance to various regulations and security frameworks. G ..read more

Did you lose your Santa costume riding with Uber? Because someone did… On the heels of the total solar eclipse, Mercury is heading into Retrograde, ushering in a period of cosmic chaos that astrologists say increases forgetfulness. Naturally, we’re back with the eighth annual Uber Lost & Found Index, revealing the most surprising and most popular items left behind by riders over the past year.  Vapes, phones and bags made the list of the most commonly forgotten items this year, but riders aren’t just leaving their everyday essentials behind – they’re forgetting everythi ..read more

I’ve been tipped off to Canadian movie theatre chain Cineplex being under a credential stuffing attack. This is not the first time that this has happened from what I can tell. Which makes me wonder why Cineplex is a frequent target of this. In any case, users who are affected by this credential stuffing attack will get an email that looks like this: Now when one gets an email like this, they should validate that the email is legitimate by checking the email addresses of who sent it and the reply to email address. Both of those checked out when I examined the email that a reader of this blog g ..read more

I have dealt with scammers for years. But this is the first time that I have heard of a scam leading to someone to being killed. I have for you a news report where a man in Ohio was being bombarded with scam calls, which lead to an Uber driver being shot and killed by said man. Here’s the video that describes what happened. And I will say that this is not for the faint of heart: What this appears to be is a scam where instead of the scammers using electronic means to steal money from you, they somehow get you to withdraw cash and then have someone pick it up from you. That someone may be an i ..read more

By Gregg Ostrowski, CTO Advisor, Cisco Observability    Digital experience is now positioned at the heart of almost every organization’s strategic priorities. Whether it’s driving employee engagement to address skills gaps and boost productivity, reaching new and diverse audiences, or deepening relationships (and expanding revenue streams) with existing customers, businesses must deliver exceptional digital experiences to be successful. We’ve reached the point where “experience is everything.”   Globally, consumer demand for applications and digital services is on the rise ..read more

As the Canadian job market evolves, LinkedIn unveils its 2024 Top Companies list, coinciding with shifting employment trends in the country. Recent data highlights a growing labor pool and rising unemployment rates, signaling a transition to an “employer’s market”. LinkedIn’s Top Companies is an annual list driven by exclusive LinkedIn data, aimed at assisting professionals in discovering leading global organizations renowned for their commitment to growth, learning opportunities, workplace equity, and vibrant company culture. Below is the list of the top 10 companies on LinkedI ..read more

Elon Musk does a lot of things that make me say WTF. But this one takes the prize for dumbest idea ever. A Twitter account called X Daily News noticed this: SPECULATION: X might be expanding its policy to charge new users before they reply/like/bookmark a post https://t.co/odqeyeiHBx pic.twitter.com/EU71qlwQ0D — X Daily News (@xDaily) April 15, 2024 Elon himself responded to this with the following: Unfortunately, a small fee for new user write access is the only way to curb the relentless onslaught of bots. Current AI (and troll farms) can pass “are you a bot” with ease. — Elon Musk (@e ..read more

 Pentera, the leader in automated security validation, today released the results of its third annual industry survey: The State of Pentesting 2024. The report provides a snapshot of how security leaders in enterprises across the globe have adopted security validation strategies across their organizations over the past year.  Threat actors are continuing to successfully breach across the entire attack surface and the stakes are only getting higher: 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result. Enterprises are ..read more

The COVID-19 pandemic led to a massive rise in the use of video conferencing platforms like Zoom. However, this surge in popularity also drew the attention of cybercriminals, who aimed to exploit the platform’s expanding user base for their malicious activities. Abnormal Security has released its latest blog, looking at the methods used to obtain stolen Zoom accounts, the platforms where they are traded, and the motivations behind this illicit market. While cybercriminals use a variety of methods to obtain stolen Zoom accounts, phishing remains the predominant tactic.  You can read t ..read more