Resources

Blog

Lessons From Teaching Cybersecurity: Week 8

As I had mentioned previously, this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

Advocating for Hackers with Chloe Messdaghi

Chloe Messdaghi, VP of Strategy at Point3, advocate and activist joins the show to explain common misconceptions about the hacking community and how we can do better to combat those stigmas. She also unpacks the diversity challenges specifically in the infosec industry. https://open.spotify.com/episode/7G9cXfVFeFxCfoEdhZlHOk?si...
Blog

Apple-Notarized Malware: What It Is and How It Affects Mac Users

Malicious actors are targeting Apple. Although Apple introduced a notarization mechanism to scan and prevent malicious code from running on Apple devices, attackers have found ways to circumvent this process. Such Apple-notarized malware constitutes a threat to macOS users. Let us start by exploring what Apple notarization is. We will then discuss...
Blog

New Mount Locker Ransomware Version Targeting TurboTax Files

A new version of the Mount Locker crypto-ransomware strain is specifically targeting victims' TurboTax files. As reported by Bleeping Computer, Advanced Intel's Vitali Kremez came across a new Mount Locker sample that specifically sought out files used by the TurboTax tax preparation software. In particular, Kremez observed the sample going after...
Blog

Egregor Ransomware Attack Hijacks Printers to Spit Out Ransom Notes

So, you're a ransomware gang and you want to ensure that you have caught the attention of your latest corporate victim. You could simply drop your ransom note onto the desktop of infected computers, informing the firm that their files have been encrypted. Too dull? You could lock infected PCs and display a ghoulish skull on a bright red...
Blog

Phishers Using Redirector Sites with Custom Subdomains for Evasion

Malicious actors launched a phishing attack that's using redirector websites with custom subdomains in order to evade detection. On November 16, Microsoft Security Intelligence tweeted out that it had spotted the phishing attack attempting to lure in recipients with emails disguised as password update reminders, helpdesk tickets and other seemingly...
Blog

Adventures in MQTT Part II: Identifying MQTT Brokers in the Wild

The use of publicly accessible MQTT brokers is prevalent across numerous verticals and technology fields. I was able to identify systems related to energy production, hospitality, finance, healthcare, pharmaceutical manufacturing, building management, surveillance, workplace safety, vehicle fleet management, shipping, construction, natural resource...
Blog

WebNavigator Browser Released by Well-Known Search Hijackers

Security researchers found several clues linking the WebNavigator web browser to well-known search hijackers. A Chromium-based browser, WebNavigator promises users that it'll simplify their web browsing experience by providing "quick access" to their bookmarks. The browser also claims to yield quick search results by starting up with Windows and by...
Blog

Zoom Releases New Security Features to Counter Zoombombing

Zoom released new security features to help its users counter disruptive meeting intrusions, otherwise known as "Zoombombing." Matt Nagel, security & privacy PR lead at the American communications technology company, announced in a blog post on November 16 that Zoom had released two new anti-Zoombombing features over the previous weekend. The...
Blog

Lessons from Teaching Cybersecurity: Week 7

As I had mentioned previously, this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

7 Challenges that Stand in the Way of Your Compliance Efforts

Compliance is very important to any organization. Organizations have many standards to choose from including PCI, CIS, NIST and so on. Oftentimes, there are also multiple regulations that are applicable in any country. So, organizations need to commit some time and resources in order to apply security standards and achieve compliance. Even so,...
Blog

SEC’s Office of Compliance Inspection and Examinations Warns of a Sudden Increase in Credential Stuffing Hack

Recently, the Securities and Exchange Commission’s exam division issued a Risk Alert (the “Alert”) where it carried out several targeted cybersecurity investigations. The agency is now concerned with how there’s been an increase in a specific type of hack known as “credential stuffing.“ This cyberattack involves using stolen credentials to log into...
Blog

Successful Ransomware Attacks on Education Sector Grew 388% in Q3 2020

The number of successful ransomware attacks on the education sector increased 388% in the third quarter of 2020. According to Emsisoft, the education sector reported 31 ransomware incidents in Q3 2020. That's a 388% increase over the 8 incidents that occurred in the previous quarter. Nine of the 31 ransomware attacks disclosed in the third quarter...
Blog

The North Face resets passwords after credential-stuffing attack

An undisclosed number of customers of outdoor clothing retailer The North Face have had their passwords reset by the company, following a credential-stuffing attack. The company has revealed that on October 9, 2020, it became aware that hackers had used usernames and passwords stolen from a third-party website to gain unauthorised access to...
Blog

Changes to Microsoft Security Bulletins

For those that have been in the industry for more than a couple of years, you will remember when Microsoft retired the very powerful and well-documented security bulletins back in 2017. At the time, we felt that it was a severe reduction in the availability of information; Microsoft was suddenly communicating much less information. Yesterday, they...