Patch warnings for Cisco ASA gateways and a WordPress plugin. Welcome to Cyber Security Today. It’s Friday, April 26th, 2024. I’m Howard Solomon.   Network administrators with Cisco Systems’ ASA security appliance on their networks are urged to install the latest security patches. This comes after the discovery of two zero-day vulnerabilities that are being […]

Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more. Welcome to Cyber Security Today. It’s Friday, April 19th, 2024. I’m Howard Solomon.   The Europol European police co-operative says one of the largest phishing-as-a-service platforms has been severely disrupted. This week law enforcement agencies from 19 countries including the […]

The company behind Pornhub and other popular pornographic sites broke Canadian privacy law by allowing intimate images to be shared on its websites without the direct knowledge or consent of everyone depicted, the federal privacy commissioner has ruled. The Office of the Privacy Commissioner’s (OPC) investigation into Aylo (formerly MindGeek), one of the world’s largest […]

A record US$1 billion paid to ransomware gangs last year, and more. Welcome to Cyber Security Today. It’s Friday, February 9th, 2024. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S. Organizations paid out more than $1 billion to ransomware gangs last year. That’s according to numbers compiled by Chainalysis. […]

Canada, the United States, France and the U.K. are among 25 countries, as well as groups representing nations, vowing today to take action on the abuse of commercial spyware by certain governments and law enforcement agencies. What is called the Pall Mall Process — after the initial two-day meeting in London — promised to create […]

Data Privacy Week is a period when organizations should reflect on whether they are at least doing the basics, says British Columbia’s privacy czar. “The basic fundamentals” are what privacy pros need to be pondering this week, Michael McEvoy, B.C’s information and privacy commissioner, said in an interview. “Which,” he added, “you have to be […]

Promoting Canadians’ fundamental right to privacy, addressing the privacy impacts of new technologies like artificial intelligence, and championing children’s privacy rights will be the priorities of the federal Office of the Privacy Commissioner (OPC) for the next three years. Commissioner Philippe Dufresne revealed the strategic plan Monday at the start of the annual observance of […]

In 2023, regulators around the world stiffened or vowed to tighten their data privacy and cybersecurity laws. Expect more of that in 2024. With Data Privacy Week starting today, it’s a development that should worry data privacy officers, CISOs, and CIOs who aren’t prepared. In the U.S., the WilmerHale law firm noted, the Federal Trade […]

Healthcare providers covered by Ontario’s privacy law have an extra incentive to follow provincial data protection regulations: They now face administrative fines for serious violations of the provincial law. As of Jan. 1, the Information and Privacy Commissioner of Ontario can issue penalties of up to a maximum of $50,000 for individuals and $500,000 for […]

The office of Canadian Senator Amina Gerba has confirmed the Quebec parliamentarian’s account on the X/Twitter social media platform was hacked this week. Senator Amina Gerba Walter Calderon, the Senator’s executive assistant, made the confirmation Wednesday in a telephone interview. It followed the disclosure of the hack on Tuesday by MalwareHunterTeam, a resource on ransomware […]

Cybercrooks have increased the number of new or stolen Gold checkmarked accounts from the X/Twitter platform offered for sale; they are a valuable way for threat actors to push links to malware on the social media site through what users will see as a post from a trusted source. There has been a surge of […]

A major cybersecurity company is urging governments to forbid all organizations in their countries from paying ransomware gangs, arguing it would at least make crooks shift from hitting critical infrastructure providers such as hospitals, utilities and schools. Emsisoft made the plea Monday in releasing final — and record — ransomware numbers for 2023 for the […]

There’s usually a word or phrase that sums up my annual Cybersecurity Year in Review. “Lack of resilience” was 2022’s theme, highlighting the Canada-wide outage at Rogers Communications. “A crazy mess” was 2021’s theme, because of the SolarWinds Orion and other supply chain hacks. This year, successful ransomware attacks hit a record level. But for […]

U.S. authorities have confirmed the disruption of the AlphV/BlackCat ransomware gang, including the seizure of several of the group’s data leak and communications sites and the publication of a decrypter that victim organizations can use to get access back to scrambled data. The announcement comes after over a week of silence on the gang’s data […]

One of the biggest public school boards in Southern Ontario has publicly acknowledged a cyber attack, over a month after it was detected. The York Region District School Board, which covers an area stretching from Toronto in the south to Lake Simcoe in the north, with a student population of over 128,000, said in a […]

Why were thousands of organizations seemingly defenceless against the zero-day vulnerability in Progress Software’s MOVEit file transfer service, a hole that so far has seen the personal data of tens of millions of people copied by the Clop/Cl0p ransomware gang? That question may be at least partly answered by an investigation into the theft of […]

Identity and access provider Okta now says the threat actor who accessed its customer help desk system last month got the names and email addresses of all contacts of organizations that use its support system. Originally, the company said that, after an investigation, it determined only one per cent of the contacts from its 18,000 […]

Small businesses are the backbone of the Canadian economy. They account for almost all of the private businesses in Canada and employ more than two-thirds of Canada’s private-sector labour force, according to Innovation, Science and Economic Development Canada. They’ve also been responsible for nearly seven out of 10 net new jobs created in recent years […]

Patch SysAid software fast, how Ukraine’s power system was crippled by Russia and more. Welcome to Cyber Security Today. It’s Friday, November 10th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S. IT departments using the on-premise versions of SysAid’s IT support software need to patch these applications immediately. […]

Ontario’s privacy commissioner is looking into the ransomware attack that hit five hospitals linked to a common shared IT provider. “Our office is actively investigating the recent ransomware attacks on the affected hospitals in Southwestern Ontario,” the Office of the Information and Privacy Commissioner of Ontario said in a statement Thursday to IT World Canada. […]

The five southwestern Ontario hospitals and their shared services provider hit by ransomware won’t be able to restore full IT services — including rebuilding the IT network — for over a month, if not longer, according to a statement from the affected institutions. In fact, crucial medical charting of patients won’t be restored until mid-December, […]

Personal data on US military members is easily bought from data brokers, and more. Welcome to Cyber Security Today. It’s Wednesday, November 8th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S. Want to get personal information about active members of the U.S. military? It could cost you as […]

Ransomware is behind last week’s cyber attack against the Toronto Public Library’s IT systems, a spokesperson has confirmed. Ana-Maria Critchley, the library’s manager of communications and stakeholder relations, made the confirmation in an email this morning. However, she wouldn’t comment on questions about how the incident started and how long it will be before the […]

New legislation limiting the use of facial recognition in Canada is needed according to civil liberties groups, who say proposed privacy and artificial intelligence laws now before Parliament are inadequate. The call by the Right2YourFace Coalition comes in advance of the testimony Thursday of one member, the Canadian Civil Liberties Association, before the House of […]