Category: Security
A look back at cybersecurity in 2020
As happy as some of us might be to watch 2020 disappearing into the rearview mirror, we should first indulge in our annual look back to see what cybersecurity trends emerged. By learning from what worked and what didn’t, we...
Tech Time Warp: Father Christmas worm visits NASA
Even hackers get into the holiday spirit. The Santy worm brought unwelcome gifts in December 2004, and the CHRISTMA EXEC brought a charming ASCII tree to screens in 1987. On December 22, 1988, the Father Christmas worm traveled to NASA...
Cybersecurity Threat Advisory: December 2020 Global Intrusion Campaign
Summary On December 8th, 2020, an extremely pervasive and serious global intrusion campaign was detected and communicated to the broader cybersecurity community and the media. The actors behind this campaign gained access to numerous public and private organizations around the...
Cybersecurity Threat Advisory: Cisco Update to Global Intrusion Campaign
Advisory Overview Cisco has reported that internal machines were compromised within one of their lab environments as a result of the vulnerability found in SolarWinds Orion. There were approximately two dozen computers compromised internally, which have reportedly already been identified...
Cybersecurity Threat Advisory: Multiple Vulnerabilities in SolarWinds N-Central
Advisory Overview The Center for Internet Security has announced that multiple vulnerabilities have been discovered in SolarWinds N-Central. The SolarWinds N-Central vulnerabilities are not associated with the SolarWinds Orion security incident. SolarWinds has released patches for the vulnerabilities and all...
Cybersecurity Threat Advisory: Microsoft Update to Global Intrusion Campaign
Advisory Overview Microsoft has released additional information from their investigation into the SolarWinds Orion incident. Part of their investigation revealed that the threat actors execute multiple levels of privilege escalation and authentication theft after initial compromise through the Orion application....
Untrained end users are the biggest threat to cybersecurity
What is the biggest threat to IT infrastructure right now? According to one of Canada’s premier cybersecurity experts, if you answered malware or ransomware or crypto, you’d be wrong. According to Calgary-based cybersecurity leader Sonya Goulet, the most significant risk...
Cybersecurity service providers need to band together
Managed security service providers (MSSPs) along with global systems integrators that focus on security have a unique marketing and sales challenge. A recent global survey of 2,404 business decision makers conducted by B2B International on behalf of STANLEY Security, a...
Zero-Tolerance: Cheap cybersecurity is always a bad bargain
Cybercriminals have discovered a simple trick for multiplying their effectiveness: target MSPs themselves. If breaching one business’ systems is like slipping past a security guard unnoticed, infiltrating an MSP is like stealing that guard’s whole key ring. A successful MSP...
Cybersecurity Threat Advisory: SolarWinds Orion Backdoor
Advisory Overview SolarWinds Orion, a prominent IT monitoring and management solution, has been compromised with a backdoor by a sophisticated state-sponsored threat actor. The application has been discovered communicating with unknown third-party servers through traffic deliberately designed to mimic normal...
