Category: <span>security</span>

nc efi placeholder

Microsoft Defender Antivirus will now automatically mitigate on-premises Exchange Server vulnerabilities

Despite Microsoft’s efforts, there are still thousands of on-premise Exchange Servers which are unpatched and vulnerable to being exploited by hackers for data theft and ransomware attacks. So far Microsoft has released a comprehensive Security Update, a one-click interim Exchange On-Premises Mitigation Tool for both current and out-of-support versions of on-premises Exchange Servers, and step-by-step guidance to help address […]
Read more
nc efi placeholder

Hackers offers to sell Microsoft, Cisco, more source code related to Solarwinds incident

We reported last week that Microsoft’s investigation of the Solarwinds hack discovered that hackers appear to have compromised some of their internal accounts and had viewed some Microsoft source code. Now a hacker is offering to sell access to the Windows 10 source code for $600,000. Gallery The news was reported by security researcher Jake […]
Read more
nc efi placeholder

Microsoft takes down botnet responsible for infecting nine million computers

Microsoft says that it has disrupted a botnet that was behind one of the largest cybercrime networks. The botnet, which is called Necurs, is responsible for infecting around nine million computers around the world. It’s also known as having one of the largest spam email networks. Necurs reportedly creates 3.8 million spam emails every two […]
Read more
nc efi placeholder

Microsoft leaks presence of unpatched wormable exploit in Windows 10 SMB Servers

Microsoft has accidentally revealed the presence of a wormable exploit in the SMBV3 protocol during their Patch Tuesday infodump, but without releasing a patch for the same flaw, leaving all recent installations vulnerable. Affected PCs of the CVE-2020-0796 vulnerability include Windows 10 v1903, Windows10 v1909, Windows Server v1903, and Windows Server v1909. It is suspected […]
Read more
nc efi placeholder

Analysis shows over the last decade Windows 10 had fewer vulnerabilities than Linux, Mac OS X and Android

An analysis of the National Institute of Standards and Technology’s National Vulnerability Database has shown that, if the number of vulnerabilities is any indication of exploitability, Windows 10 appears to be a lot safer than Android, Mac OS or Linux. Over the last decade, Debian Linux had 3067 technical vulnerabilities, which they defined as “a […]
Read more
nc efi placeholder

HTTPS is Easy! | CSS-Tricks

I’ve been guilty of publicly bemoaning the complexity of HTTPS. In the past, I’ve purchased SSL certificates from third-party vendors and had trouble installing them. I’ve had certificates expire and had to scramble to fix them. I’ve had to poke and prod hosting companies to help me ensure things were going to renew correctly, and […]
Read more
nc efi placeholder

Scotiabank donates $750,000 to University of Ottawa for AI research

Scotiabank is donating $750,000 to the University of Ottawa to launch the Scotiabank AI & Society Initiative. The initiative will focus on two research projects. The first project will support research focused on design ethics and inclusive AI systems. The second project will explore global AI regulations and how they might impact Canadian policies. Scotiabank […]
Read more
nc efi placeholder

SpiceJet data breach affects 1.2 million passengers: Report

A data breach has hit one of India’s largest privately-held carriers, SpiceJet, affecting 1.2 million passengers in the country. Security researchers who first revealed the data breach told TechCrunch that they gained access to the carrier’s systems by brute-forcing the system’s easily guessable password. In a statement, SpiceJet said: “At SpiceJet, safety and security of […]
Read more
nc efi placeholder

Facebook reaches settlement for lawsuit over facial recognition for $550 million

Facebook has settled a lawsuit over its use of facial recognition in its ‘Tag Suggestions’ feature for $550 million USD (roughly $727 million CAD). The plaintiffs sued Facebook in 2015, and accused the social media giant of violating the Biometric Information Privacy Act in Illinois by collecting biometric data with users’ consent. Last year, Facebook […]
Read more
nc efi placeholder

CIRA accepting funding applications for digital literacy, cybersecurity projects

The Canadian Internet Registration Authority has opened up applications for its annual $1 million CAD Community Investment Program initiative. Starting now, charities and researchers can apply for funding to improve the quality of Canada’s internet. CIRA is looking for projects based on infrastructure research that improves internet speeds and costs. It’s also interested in projects […]
Read more
nc efi placeholder

Here are the details of the critical Windows vulnerability the NSA discovered

We reported yesterday there was a major vulnerability in Windows which undermined the cryptographic foundation of the OS. Today Microsoft released a patch for the vulnerability and also details regarding the issue. The “broad cryptographic vulnerability” was discovered by the US National Security Agency (NSA), as confirmed by the NSA Director of Cybersecurity Anne Neuberger. […]
Read more
nc efi placeholder

Microsoft expected to patch major Windows security flaw today, and may NOT patch Windows 7

Today is Patch Tuesday, and there are reports by publication KrebsonSecurity that Microsoft may be getting ready to patch a very serious cryptographic flaw in Windows which could leave installations vulnerable to malware spoofing as trusted components. Sources say Microsoft on Tuesday will fix an extraordinarily scary flaw in all Windows versions, in a core […]
Read more
nc efi placeholder

Assurance Wireless’s government-subsidised UMX U683CL smartphone comes with pre-installed malware

Security company Malwarebytes has discovered a US Government-subsidized low-cost smartphone is being sold to customers with pre-installed malware. The UMX U683CL, being sold by Virgin Mobile’s Assurance Wireless program for only $35 (due to the Lifeline Assistance program) comes pre-loaded with two trojans, one of which can not be removed. The two trojans are Android/PUP.Riskware.Autoins.Fota.fbcvd […]
Read more