Canadian marketing company hit by data breach, says Ontario liquor board
A Canadian marketing company that counts some of the country’s biggest corporations as its customers has been hit by a data breach. One of them is the Liquor Control Board of Ontario (LCBO), a Crown corporation that sells spirits and wine in stores across the province. In an email sent to customers today, the board
How the fledgling INC ransomware gang struck one victim
It took this gang a week to stage their attack. On the seventh day they d
Scotiatrust US customers sideswiped by MOVEit hack
The U.S. investment advisory division of a Canadian-headquartered bank is among the latest companies to admit it was sideswiped by the exploitation of a zero-day vulnerability in Progress Software’s MOVEit file transfer application. Scotia Wealth Management, part of the Bank of Nova Scotia, acknowledged in a letter filed with the state of Massachusetts that personal
Alberta dental plan administrator paid ransomware gang after attack
Not-for-profit Alberta Dental Services Corp. says gang was paid after proving it had deleted data
Alberta dental plan administrator paid ransomware gang after attack
Not-for-profit Alberta Dental Services Corp. says gang was paid after proving it had deleted data
Ditch SMS-based MFA, urges board investigating Lapsus$ gang’s successful attacks
U.S. Cyber Safety Review board report critical of organizations and carriers for allowing infiltration of even well-defe
Black Hat: Tenable to add AI query module to its Exposure Management platform; DARPA AI Cyber Challenge announced
Analysts can ask the AI module to search an IT environment for vulnerabilities and ge
Solution to hardware flaw in Intel CPUs may cause large performance hit
A hardware flaw in Intel Core and Xeon CPUs lets attackers steal data from other users on the same system, including on servers that use Intel’s SGX memory protections, according to a Google researcher. According to SC Magazine, Daniel Moghimi told the Black Hat 2023 security conference this week that the vulnerability, dubbed “Downfall”, endangers
Hundreds of executives are falling for Microsoft 365 phishing attacks: Report
Attacks, which get around MFA protection, use an adversary-in-the-middle phishing kit, says
Identity-based attacks increasing, warns CrowdStrike
Successful identity-based attacks continue to plague IT departments, according to CrowdStrike’s sixth annual Threat Hunting report. Based on an analysis of what they call interactive intrusions — where a threat actor was operating with hands-on-keyboard in a victim’s IT environment for the 12-month period ending June 30 — researchers found: — there was a 62
