In today's interconnected world, organizations are responsible for their cyber security practices as well as those of their third-party vendors. With increasingly complex risk management scenarios, the impact of a data breach can be catastrophic for an entire supply chain. According to a study by IBM, 83% of U.S. companies who participated have experienced a data breach more...

New regulations are already keeping IT professionals on their toes in 2023. One monumental change for California residents and businesses is the California Privacy Rights Act (CPRA). The legislation came into force on January 1, 2023. Legislators drafted the new rules to empower consumers and close gaps in the California Consumer Privacy Act (CCPA). The CPRA gives customers...

Hackers are targeting hundreds of thousands of Google users with fake Google Drive notifications and emails to try and trick them into visiting malicious websites.

As much as we can say that cyber security measures are advancing, we can say the same about cyber criminals and their strategies. In 2022, ransomware attacks occurred every 11 seconds on average, at a global annual cost to businesses and governments of $20 billion US. Costs are rising in part due to the growing ransoms demanded from victims. While estimates of the average...

Biometric authentication, such as face IDs, retina scans, and fingerprints, were introduced to our devices to increase security. At first, it felt like it was doing what it was meant to do. Plus, the convenience it brought with it was top-notch. I mean, accessing your smartphone with your thumb? Logging into your bank account using your face ID? Amazing. However, over the...

This financial sector’s reliance on computer systems and network has made it an attractive target for cyber attacks, now the biggest risk to the UK financial system. In its latest Financial Stability Report, the Bank of England (BoE) agrees that cyber threats may be prevalent in 2023. The BoE said that it is working to strengthen defenses against cyber attacks. The report...

There is a sharp rise in cyber attacks targeting businesses and organizations across Australia. The nature of these attacks ranges from ransomware and phishing scams to distributed denial-of-service (DDoS) attacks, with some estimates suggesting that the number of cyber incidents could be as high as one million per year. The financial cost of these cyber attacks is immense,...

On November 1st, 2022, Dropbox became the victim of a cyber attack where source code repositories, as well as names and emails of their employees, were unauthorizedly accessed. It is not yet clear how the unauthorized access took place, but Dropbox has said that they are investigating the matter. The company is urging all users to change their passwords as a precautionary...

On September 15, the Hive ransomware group claimed to have launched an attack against Bell Technology Solutions on August 20, 2022. The compromised information contained approximately 1.9 million active email addresses, 1,700 names, and active phone numbers. Bell Technology Solutions is a subsidiary of Bell Canada, a leading communications company and communications provider...

Phishing threats are everywhere, and if your employees don’t know how to spot them, you’re putting your information at risk. Knowing how to build a successful phishing simulation is vital for identifying how well employees can spot the latest threats and ensuring they know how to spot them independently. Unfortunately, many organizations fail to offer adequate security...

At the start of April, hackers leaked the data of 533 million Facebook users from 106 countries in an online hacking forum. The leaked data included the private information of Facebook users like full names, phone numbers, email addresses, locations, Facebook IDs, and biographical data. While hackers obtained the information in 2019, there are serious concerns over how cyber...

The disruption caused by the Covid-19 pandemic saw enterprises across the globe rapidly adopt remote working to support social distancing and comply with quarantine restrictions implemented by national governments. Amid this chaos, many cyber criminals created new phishing scams and other online threats, leading to many high profile data breaches. One of the most alarming...

In mid-August, cybercriminals targeted the Canada Revenue Agency with two credential stuffing attacks, obtaining the usernames and passwords of 9,041 GCKey accounts, and 5,500 CRA accounts. The fraudsters then used the stolen login credentials to apply for the Canadian Emergency Response Benefit (CERB). In response to the attack, a statement released by the Office of the Chief...

(7 min read) Using online security awareness training to lower your click rate Recognizing a potential phishing email is the first step in avoiding falling victim to a cyber attack. The next and most important step is knowing what to do with this email. Ideally, you want your employees to report the phishing email to you and then delete the message. However, curiosity is...

Social networking overlaps corporate and personal lives, and so should the mission to create a culture of security awareness. It’s true. There was little – if nothing – any Facebook user could have done to prevent their passwords from getting exposed earlier this spring. Just look at the facts of the case, said Theo Zafirakos, Chief Information Security Officer and Security...

You can have the most powerful, cutting-edge security technology in the world, but if a user clicks on the link in a malicious email, lets a stranger tailgate into your building or uses 1234 as their login password, they unwittingly open your organization up to a cyber security breach. The fact is that the human risk factor remains your greatest point of vulnerability when it...