HomeSecurity

Security

Red Hat, Ubuntu issue warnings over Linux kernel vulnerability

Red Hat and Ubuntu have issued warnings about a serious vulnerability in their Linux distributions. It's described as a heap-based buffer overflow flaw (CVE 2022-0185)....

Canada urges critical infrastructure firms to be ready for Russian-based cyber attacks

The agency that defends Canada's IT networks is warning firms here -- particularly banks, airlines, telcos, and others in the critical infrastructure sectors --...

Admins urged to patch SolarWinds Serv-U against Log4J bug

IT administrators whose firms use SolarWinds' Serv-U file transfer application are being urged to install an update after the discovery of a Log4j2 vulnerability. Microsoft,...

Microsoft releases out-of-band patches to address issues from January’s Patch Tuesday

Microsoft has issued a series of out-of-band (OOB) patches to correct problems, which included Windows domain controller boot loops and Hyper-V failure, caused by...

Many Canadian, U.S. SMB websites vulnerable to spoofing, clickjacking and sniffing, says vendor

Websites of Canadian and American small and medium businesses continue to be vulnerable to spoofing, clickjacking and sniffing, according to a report from a...

Coffee Briefing Jan. 18, 2022 – IBM Canada’s new president; TD’s new stock-trading app; Trulioo’s first CPO; and more

Coffee Briefings are timely deliveries of the latest ITWC headlines, interviews, and podcasts. This briefing is delivered by IT World Canada's editorial team!

Bug in Safari can leak browsing activity, user identity, says report

A bug in the Safari 15 browser lets any website track a user's internet activity and possibly reveal their identity, according to researchers at...

Log4Shell bug used to deploy NightSky ransomware on VMware Horizon, says Microsoft

Threat actors continue trying to exploit the vulnerabilities in the open-source Apache log4j2 library collectively known as Log4Shell, according to security researchers, meaning IT...

Vulnerabilities in WordPress plugins more than doubled in 2021: Report

Vulnerabilities in WordPress plugins more than doubled in 2021 compared to the previous year, according to a report, a worrying trend because most can...

Coffee Briefing Jan. 11, 2022 – LG joins IBM Quantum Network; Telus program gets global privacy recognition; YRP adopts e-notes-taking solution; and more

Coffee Briefings are timely deliveries of the latest ITWC headlines, interviews, and podcasts. Today’s Coffee Briefing is delivered by IT World Canada's editorial team! Missed...

Rootkit in HPE server management module can wipe hard drives: Report

Administrators with HPE servers in their environments are being warned that a rootkit is circulating that takes advantage of a vulnerability in the Integrated...

Microsoft rushes fix for Exchange ‘year 2022’ bug that blocks email

Some Microsoft Exchange admins coming to work today may be facing their first challenge of the new year: Installing a patch to fix jammed...

Five nations issue alert and comprehensive guidance for fighting Log4Shell vulnerabilities

Canada and its Five Eyes intelligence partners have issued a joint alert on the Log4Shell and related critical vulnerabilities to make sure infosec pros...

Apache issues third Log4j patch, new attack vector found

The Log4j crisis continues, with new developments almost daily. Among the latest developments --Apache has issued a third update to correct bugs in the Java-based logging...

How falling for a phishing email led to a crippling ransomware attack in Ireland

On March 18th, an employee in Ireland's healthcare system clicked on and downloaded a malicious Microsoft Excel spreadsheet in an email. According to an official...

Trending in Security