Category: security

Microsoft takes down botnet responsible for infecting nine million computers

Microsoft takes down botnet responsible for infecting nine million computers

Microsoft says that it has disrupted a botnet that was behind one of the largest cybercrime networks. The botnet, which is called Necurs, is responsible for infecting around nine million computers around the world. It’s also known as having one of the largest spam email networks. Necurs reportedly creates 3.8 million spam emails every two […]
Read more

Microsoft leaks presence of unpatched wormable exploit in Windows 10 SMB Servers

Microsoft has accidentally revealed the presence of a wormable exploit in the SMBV3 protocol during their Patch Tuesday infodump, but without releasing a patch for the same flaw, leaving all recent installations vulnerable. Affected PCs of the CVE-2020-0796 vulnerability include Windows 10 v1903, Windows10 v1909, Windows Server v1903, and Windows Server v1909. It is suspected […]
Read more
Analysis shows over the last decade Windows 10 had fewer vulnerabilities than Linux, Mac OS X and Android

Analysis shows over the last decade Windows 10 had fewer vulnerabilities than Linux, Mac OS X and Android

An analysis of the National Institute of Standards and Technology’s National Vulnerability Database has shown that, if the number of vulnerabilities is any indication of exploitability, Windows 10 appears to be a lot safer than Android, Mac OS or Linux. Over the last decade, Debian Linux had 3067 technical vulnerabilities, which they defined as “a […]
Read more

HTTPS is Easy! | CSS-Tricks

I’ve been guilty of publicly bemoaning the complexity of HTTPS. In the past, I’ve purchased SSL certificates from third-party vendors and had trouble installing them. I’ve had certificates expire and had to scramble to fix them. I’ve had to poke and prod hosting companies to help me ensure things were going to renew correctly, and […]
Read more

Scotiabank donates $750,000 to University of Ottawa for AI research

Scotiabank is donating $750,000 to the University of Ottawa to launch the Scotiabank AI & Society Initiative. The initiative will focus on two research projects. The first project will support research focused on design ethics and inclusive AI systems. The second project will explore global AI regulations and how they might impact Canadian policies. Scotiabank […]
Read more

SpiceJet data breach affects 1.2 million passengers: Report

A data breach has hit one of India’s largest privately-held carriers, SpiceJet, affecting 1.2 million passengers in the country. Security researchers who first revealed the data breach told TechCrunch that they gained access to the carrier’s systems by brute-forcing the system’s easily guessable password. In a statement, SpiceJet said: “At SpiceJet, safety and security of […]
Read more

Facebook reaches settlement for lawsuit over facial recognition for $550 million

Facebook has settled a lawsuit over its use of facial recognition in its ‘Tag Suggestions’ feature for $550 million USD (roughly $727 million CAD). The plaintiffs sued Facebook in 2015, and accused the social media giant of violating the Biometric Information Privacy Act in Illinois by collecting biometric data with users’ consent. Last year, Facebook […]
Read more

CIRA accepting funding applications for digital literacy, cybersecurity projects

The Canadian Internet Registration Authority has opened up applications for its annual $1 million CAD Community Investment Program initiative. Starting now, charities and researchers can apply for funding to improve the quality of Canada’s internet. CIRA is looking for projects based on infrastructure research that improves internet speeds and costs. It’s also interested in projects […]
Read more

Here are the details of the critical Windows vulnerability the NSA discovered

We reported yesterday there was a major vulnerability in Windows which undermined the cryptographic foundation of the OS. Today Microsoft released a patch for the vulnerability and also details regarding the issue. The “broad cryptographic vulnerability” was discovered by the US National Security Agency (NSA), as confirmed by the NSA Director of Cybersecurity Anne Neuberger. […]
Read more

Microsoft expected to patch major Windows security flaw today, and may NOT patch Windows 7

Today is Patch Tuesday, and there are reports by publication KrebsonSecurity that Microsoft may be getting ready to patch a very serious cryptographic flaw in Windows which could leave installations vulnerable to malware spoofing as trusted components. Sources say Microsoft on Tuesday will fix an extraordinarily scary flaw in all Windows versions, in a core […]
Read more

Assurance Wireless’s government-subsidised UMX U683CL smartphone comes with pre-installed malware

Security company Malwarebytes has discovered a US Government-subsidized low-cost smartphone is being sold to customers with pre-installed malware. The UMX U683CL, being sold by Virgin Mobile’s Assurance Wireless program for only $35 (due to the Lifeline Assistance program) comes pre-loaded with two trojans, one of which can not be removed. The two trojans are Android/PUP.Riskware.Autoins.Fota.fbcvd […]
Read more

Microsoft hijacks 50 domain names from Thallium hacker group

Microsoft has posted about its latest victory against state-sponsored hacker groups after the U.S. District Court for the Eastern District of Virginia agreed to allow Microsoft to confiscate 50 domain names from state-sponsored Korean hacker group Thallium. This network was used to target victims and then compromise their online accounts, infect their computers, compromise the security […]
Read more

U.S. government study on facial recognition reveals racial, gender bias

A U.S. government study has revealed that many facial recognition systems misidentify people of colour more often than Caucasian people. The study was conducted by the National Institute of Standards and Technology (NIST), and found that many facial recognition algorithms falsely identified Black and Asian faces more than Caucasian faces. “For one-to-one matching, the team […]
Read more

LifeLabs discloses cyberattack potentially impacting 15 million customers

LifeLabs has disclosed that it has faced a cyberattack that could have potentially impacted the information of 15 million customers. It has stated that the information of the 15 million customers was on computer systems that were potentially accessed in the breach. The majority of impacted customers are located in British Columbia and Ontario. Investigations […]
Read more

Detecting Inactive Users | CSS-Tricks

Most of the time you don’t really care about whether a user is actively engaged or temporarily inactive on your application. Inactive, meaning, perhaps they got up to get a drink of water, or more likely, changed tabs to do something else for a bit. There are situations, though, when tracking the user activity and […]
Read more

Snatch ransomware use new Safe Mode exploit

Sophos’s research team has identified a new exploit in the wild which uses a Windows feature to bypass security software installed on a PC. The Snatch ransomware crashes your computer and forces it to reboot into Safe Mode. In Safe Mode antivirus and other security software are normally disabled, allowing the software, which auto-starts as […]
Read more
X