Industries: Cannabis

Michelle Drolet

In 2024, for cybersecurity, we’re entering an era where advanced AI tools and intricate social engineering tactics (especially during election years) are changing the game. To avoid potential cyber threats, businesses, governments and individuals must grasp these emerging trends. Trend 1. Rise Of Cybersecurity AI In 2024, AI’s role in cybersecurity will expand to encompass automated

Michelle Drolet

Cyber threats such as ransomware, phishing and data theft pose significant risks to cannabis dispensaries. These attacks can disrupt operations with long recovery delays, compromise client data, invite litigation and damage business reputations. IBM says the average global cost of a data breach is $4.45 million, prompting 51% of organizations to raise their security budgets. Implementing security measures

Michelle Drolet

  Last week, Microsoft patched two zero-day vulnerabilities (CVE-2023-36884 and CVE-2023-38180). These vulnerabilities are part of Microsoft’s August 2023 Patch Tuesday, which also includes security updates for 87 vulnerabilities. Both of these vulnerabilities were exploited in cyberattacks, and one of them was publicly disclosed prior to the patch release. CVE-2023-36884 CVE-2023-36884 is a remote code

Michelle Drolet

The threat landscape continues to change as bad actors refine their cybercrime tactics and expand their attack options. Cyberattacks continue to break new records and bad actors keep getting better at what they do. The only way organizations can truly defend themselves is by gaining an understanding of how cyber threats are evolving, acquiring the knowledge

Michelle Drolet

What You Need to Know: A zero-day vulnerability (CVE-2023-28252) was found in the Windows Common Log File System (CLFS) and is being actively exploited. The vulnerability allows attackers to gain SYSTEM privileges on target Windows systems and deploy Nokoyawa ransomware payloads. CISA’s Known Exploited Vulnerabilities catalog now includes CVE-2023-28252, which impacts all versions of supported

Michelle Drolet

What You Need to Know: In response to attacks aimed at hacking iPhones, iPads, and Macs, Apple issued urgent security updates that address two vulnerabilities, one of which is a zero-day vulnerability. The first vulnerability, tracked as CVE-2023-23529 [1,2], is a WebKit confusion zero-day that can lead to OS crashes and the execution of arbitrary

Janelle Drolet

Janelle Drolet was recently named The Most Admired Women Leaders in Business, 2023 by CIO Views   It’s a sad fact of doing business – criminal hackers are continuously evolving their tactics to breach defenses, steal intellectual property and deploy ransomware. To combat them, a business needs leadership capable of keeping the company’s security controls

Michelle Drolet

Michelle Drolet was recently named The Most Admired Women Leaders in Business, 2023 by CIO Views   Many people equate money with success. Although, money is not a bad indicator, but it is not the end all be all. To me success is being blessed with a beautiful family, my Towerwall team members and our

Michelle Drolet

The Commonwealth of Massachusetts may soon approve a data privacy bill called the Massachusetts Information Privacy and Security Act, which will make the state a national leader in regulation of data privacy and security. There are extensive fines and penalties for non-compliance, and the ruling will allow individuals to sue organizations for data breaches. Who

Michelle Drolet

What You Need to Know: A vulnerability was found in the open source JsonWebToken (JWT) library. According to Palo Alto Networks Unit 42, CVE-2022-23529 it could allow an attacker to achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON web token request. The vulnerability impacts JsonWebToken package version 8.5.1 and earlier.