Solutions: Threat Remediation

Card image

Seven Steps To Help Secure Critical Infrastructure

Michelle Drolet

Critical infrastructure and public sector organizations such as governments and municipalities, manufacturing units, communication networks, transportation services, and power and water treatment plants have been battling a growing wave of breaches and cyberattacks. Three main reasons exist why critical infrastructure is being targeted: • Opportunity for real-world disruption. Attacks on railways, ports or air control systems can create shortages

Read more

4 Minute 29 Second Read

Card image

The Five Main Steps In A Compliance Risk Assessment Plan

Michelle Drolet

Religious organizations, Houses of Worship (HoWs) and missionaries (schools, hospitals, non-profits) often carry a false notion that they are at least risk of cyber-attacks (compared to ordinary businesses), because they are not involved in buying and selling of commercial goods and services. Contrary to this popular belief, cybercriminals have been regularly targeting churches, catholic organizations, and even the Vatican.

Read more

0 Minute 0 Second Read

Card image

8 Takeaways from Apple 2023 Threat Research – Are you prepared?

Michelle Drolet

Religious organizations, Houses of Worship (HoWs) and missionaries (schools, hospitals, non-profits) often carry a false notion that they are at least risk of cyber-attacks (compared to ordinary businesses), because they are not involved in buying and selling of commercial goods and services. Contrary to this popular belief, cybercriminals have been regularly targeting churches, catholic organizations, and even the Vatican.

Read more

0 Minute 0 Second Read

Card image

7 Ways to Keep Your Plastic Surgery Practice Cyber-Secure

Michelle Drolet

In an era where data breaches and cyber threats loom, the security of patient information in plastic surgery practices (PSPs) is more critical than ever. Envision a scenario where, in a mere moment, the confidential data of your patients is at risk, posing a serious threat to the trust they place in your practice and

Read more

6 Minute 21 Second Read

Card image

Eight Cybersecurity Trends To Watch For 2024

Michelle Drolet

In 2024, for cybersecurity, we’re entering an era where advanced AI tools and intricate social engineering tactics (especially during election years) are changing the game. To avoid potential cyber threats, businesses, governments and individuals must grasp these emerging trends. Trend 1. Rise Of Cybersecurity AI In 2024, AI’s role in cybersecurity will expand to encompass automated

Read more

4 Minute 29 Second Read

Card image

Cannabis Industry Must Take Cybersecurity Seriously To Protect Client Data, Or Else Risk Everything

#Cannabis

Michelle Drolet

Cyber threats such as ransomware, phishing and data theft pose significant risks to cannabis dispensaries. These attacks can disrupt operations with long recovery delays, compromise client data, invite litigation and damage business reputations. IBM says the average global cost of a data breach is $4.45 million, prompting 51% of organizations to raise their security budgets. Implementing security measures

Read more

4 Minute 31 Second Read

Card image

Vulnerability Alert: Two Microsoft Zero-Day Vulnerabilities Exploited by Attackers

Michelle Drolet

  Last week, Microsoft patched two zero-day vulnerabilities (CVE-2023-36884 and CVE-2023-38180). These vulnerabilities are part of Microsoft’s August 2023 Patch Tuesday, which also includes security updates for 87 vulnerabilities. Both of these vulnerabilities were exploited in cyberattacks, and one of them was publicly disclosed prior to the patch release. CVE-2023-36884 CVE-2023-36884 is a remote code

Read more

2 Minute 18 Second Read

Card image

Vulnerability Alert: Windows Zero-Day Actively Exploited by Ransomware Group

Michelle Drolet

What You Need to Know: A zero-day vulnerability (CVE-2023-28252) was found in the Windows Common Log File System (CLFS) and is being actively exploited. The vulnerability allows attackers to gain SYSTEM privileges on target Windows systems and deploy Nokoyawa ransomware payloads. CISA’s Known Exploited Vulnerabilities catalog now includes CVE-2023-28252, which impacts all versions of supported

Read more

1 Minute 15 Second Read

Card image

Vulnerability Alert: Apple Patches Two Vulnerabilities, Including a Zero-Day

Michelle Drolet

What You Need to Know: In response to attacks aimed at hacking iPhones, iPads, and Macs, Apple issued urgent security updates that address two vulnerabilities, one of which is a zero-day vulnerability. The first vulnerability, tracked as CVE-2023-23529 [1,2], is a WebKit confusion zero-day that can lead to OS crashes and the execution of arbitrary

Read more

1 Minute 47 Second Read

Card image

Vulnerability Alert: High-Severity JsonWebToken Library Vulnerability

Michelle Drolet

What You Need to Know: A vulnerability was found in the open source JsonWebToken (JWT) library. According to Palo Alto Networks Unit 42, CVE-2022-23529 it could allow an attacker to achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON web token request. The vulnerability impacts JsonWebToken package version 8.5.1 and earlier.

Read more

1 Minute 59 Second Read