January 2022

Should you beware of wearables? Here’s what you should know about the potential security and privacy risks of your smartwatch or fitness tracker. Smartwatches, fitness trackers and other wearables are fast becoming almost as familiar to us as our mobile phones and tablets. These connected gadgets do much more than tell the time. They track our health, display our emails, control our smart homes and can...

Read More

Google Chrome has announced plans to prohibit public websites from directly accessing endpoints located within private networks as part of an upcoming major security shakeup to prevent intrusions via the browser. The proposed change is set to be rolled out in two phases as part of releases Chrome 98 and Chrome 101 scheduled in the coming months via a newly implemented W3C specification called private network...

Read More

There are three major players when it comes to patch management: security analysts, IT professionals, and attackers. And unfortunately, there is usually a lot of friction between the security and IT teams, preventing them from successfully defending against the attackers. This leads to an asymmetric threat where an attacker only needs to know one weakness or vulnerability to be successful, while the defenders must know...

Read More

Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, which commenced in October 2021, have primarily targeted entities located in the U.S., Canada, Italy, and Singapore, researchers from Cisco Talos said in a report shared with...

Read More

The director for the Academic Center for Computing and Media Studies within the Institute for Information Management and Communication at Japan’s Kyoto University, Toshio Okabe, issued an apology on December 28 to users of the supercomputing systems for losing approximately 77 terabytes of user data, which comprised approximately a mere 34 million files from 14 research groups. The apology follows the advisory that users had received...

Read More

We now live in a world where cyberattacks can shut down critical infrastructure. Those who follow the mega-trends driving the global economy — like the convergence of the digital revolution and the energy transition — understand that with more and more critical infrastructure remotely operated or digitally managed, it was only a matter of time before a cyberattack caused disruptions that crossed over into the...

Read More

The Apache Log4j vulnerability has made global headlines since it was discovered in early December. The flaw has impacted vast numbers of organizations around the world as security teams have scrambled to mitigate the associated risks. Here is a timeline of the key events surrounding the Log4j vulnerability as they have unfolded. Thursday, December 9: Apache Log4j zero-day exploit discoveredApache released details on a critical vulnerability...

Read More

Let’s take a look at some statistics that will help you stay up-to-date on recent cybersecurity trendsAs the roller-coaster of a ride that was 2021 comes to a close and we’re entering a more hopeful new year, we thought it apt to compile a list of impactful cybersecurity statistics that should help you stay at the top of your security and privacy game over the...

Read More