Monday, November 30

Security

18Nov By thecanadianNo Comments
Business, Canadian Centre for Cybersecurity, privacy, Privacy & Cloud, Security

Canada’s Top Cybersecurity Agency Names Four Countries As ‘Greatest Strategic Threats’

The Canadian Center for Cyber ​​Security has revealed that state-sponsored programs in China, Russia, Iran, and North Korea pose the greatest strategic threats. In its last annual report, the agency revealed that state sponsorship is generally the most sophisticated threat to Canadians. State-sponsored threat actors are motivated by economic, ideological, and geopolitical objectives. Its activities include cyber espionage, intellectual property theft, online influence operations and disruptive cyber attacks. Actors are likely to try to develop cyber capabilities to disrupt critical infrastructure, such as electricity supplies, to further their goals, according to the report. "We consider it highly unlikely, however, that cyber threat actors will intentionally seek to disrupt Canadi...
Read More
17Nov By thecanadianNo Comments
Business, Government, Navdeep Bains, privacy, Privacy & Cloud, Security

Proposed privacy bill promises transparency for Canadians and heavy penalties for organizations

Innovation Minister Navdeep Bains has presented the proposal Digital letter implementation law to modernize Canadian privacy laws. Bains pointed out at a press conference that the law will give Canadians greater control over their data and provide transparency on how companies handle personal information. The new legislation creates a new Consumer Privacy Protection Act, which eliminates the electronic documents section of the Personal Information Protection and Electronic Documents Act (PIPEDA). If the bill passes, companies could face fines of up to five percent of their revenue or $ 25 million, whichever is greater, for serious crimes. Bains declared that these would be the "strongest fines among the G7". The law gives the privacy commissioner powers to make orders, including th...
Read More
17Nov By thecanadianNo Comments
microsoft, News, pluton, Security, Tablets & Computers, TPM

Microsoft’s new Pluton chip will improve security on Windows PCs

Microsoft announced its new 'Pluton' security processor, a 'chip-to-cloud' security technology designed to protect key areas of computers that are currently not accessible with traditional hardware and software protection methods. The Redmond, Washington-based company collaborated with silicon partners including AMD, Intel and Qualcomm on the Pluton security processor. Microsoft says Pluto pioneered Xbox and Azure Sphere. Microsoft explained that improvements in Windows 10 have made things difficult for attackers. As such, attackers have changed their target and are now targeting the junctions between hardware and software, which cannot be monitored for breaches using traditional tools such as antivirus software. Microsoft says the Pluton security processor will make it much more...
Read More
12Nov By thecanadianNo Comments
ai, Artificial Intelligence, Business, Daniel Therrien, Government, Privacy & Cloud, privacy commisioner, Security

Privacy watchdog calls for regulation of artificial intelligence to ensure privacy rights are protected

Canada's Privacy Commissioner has released key recommendations for regulating artificial intelligence. Commissioner Daniel Therrien has stated that while AI has the potential to help address many of today's pressing issues, Canadians' fundamental right to privacy must be respected. "Artificial intelligence holds great promise, but it must be implemented in a way that respects privacy, equality and other human rights," Therrien said in a statement. "A rights-based approach will support innovation and responsible development of artificial intelligence." The commissioner's office is calling for legislation that helps harness the benefits of technology while protecting privacy. “Uses of AI that are based on people's personal informa...
Read More
29Oct By thecanadianNo Comments
Business, Cadillac Fairview, privacy, Privacy & Cloud, Privacy Commissioner of Canada, Security

Cadillac Fairview collected millions of images from buyers without consent, privacy watchdog say

Cadillac Fairview collected images from five million buyers without consent, according to federal privacy commissioners, Alberta and BC. The commissioners 'investigation reveals that the commercial real estate company incorporated cameras into its digital information kiosks in 12 Canadian shopping malls and used facial recognition technology without customers' consent. The company claims that the goal behind the scenes was to analyze the age and gender of buyers and not to identify individuals. Cadillac Fairview says shoppers learned of the activity through stickers it had placed on the mall's entrance doors that referred to its privacy policy. However, the commissioners found this measure to be insufficient. "Commissioners foun...
Read More
21Oct By thecanadianNo Comments
Business, Chrome, Cybersecurity, Google, Privacy & Cloud, Security

Google fixes Chrome bug not following requests to delete Google site data

An iOS developer has discovered a Chrome bug that doesn't honor user requests to delete Google site data. When users ask Chrome to delete all cookies and site data every time they exit the browser, users expect the policy to apply to all websites. However, the bug has prevented Google and YouTube data from being deleted. IOS developer Jeff Johnson posted a blog post claiming that it found local storage data for Google.com and YouTube.com that was not removed even after restarting the browser. Register notes that the bug could allow the search giant to keep cookie-style data as site data and essentially have the ability to track users even when they believe they have deleted all of their cookies and site data. Google has acknowle...
Read More
6Oct By thecanadianNo Comments
Business, CIRA, COVID-19, Cybersecurity, Privacy & Cloud, Security

1 in 4 Canadian organizations say they faced COVID-19 themed cyberattacks: report

A quarter of Canadian organizations have been targeted by COVID-19 themed cyberattacks, according to the Internet Registration Authority of Canada (CIRA) latest report. Examples of COVID-19 themed cyberattacks include fake contact tracing apps and COVID-19 test result phishing campaigns. CIRA surveyed more than 500 Canadian IT security decision makers to learn more about how they are dealing with the rise in cyber attacks for their annual cybersecurity report. The report found that three out of 10 organizations reported an increase in attacks since the pandemic began, and just over half of the organizations have implemented new cybersecurity protections in response to the pandemic. Additionally, a quarter of organizations experienced a breach of customer ...
Read More
3Oct By thecanadianNo Comments
iPhone News, Security

Google Project Zero Researcher To Join Apple To Improve iOS Security

According to a Reddit thread and his Twitter Feed, well-known security researcher and vulnerability detective Brandon Azad (formerly of Google's Project Zero), will soon be joining Apple's security team.It is with bittersweet sadness and excitement that I bid farewell to Project Zero as I will be joining Apple next week to continue my work on improving the security of Apple devices. My time at Project Zero has been incredible and it has been an honor to share this wonderful mission. - Brandon Azad (@_bazad) October 2, 2020Project Zero is a band of Google security researchers working to find, study, and reveal security vulnerabilities in both hardware Y the software used by the public today. Azad is one of the brightest minds behind this operation. The name Brandon Azad m...
Read More
1Oct By thecanadianNo Comments
Business, medisys, Privacy & Cloud, Security, Telus

Telus-owned Medisys reveals data breach affecting 60,000 customers

Telus' healthcare provider Medisys has reported a data breach affecting the personal information of 60,000 customers. The company, which provides preventive health assessments and services, says it recovered the stolen personal information by paying a ransom, as reported by Global news. The breach has affected about five percent of Medisys clients. The personal information that was stolen could include names, contact information, provincial health numbers, and test results. The company says financial information and social security numbers were not exposed. Medisys says that public disclosure of personal information is low. She is currently communicating with customers who have been affected by the data breach and will provide them with free security...
Read More
29Sep By thecanadianNo Comments
Business, Cybersecurity, kpmg, Privacy & Cloud, Security

84 percent of Canadians are wary of interacting with organizations affected by a data breach: report

A new KPMG study reveals that 84 percent of Canadians would reconsider doing business with companies that have faced a data breach. The study also found that 90 percent of Canadians are "wary" of sharing their personal or financial information with any organization that has suffered a cyberattack or data breach. The COVID-19 pandemic has led to a surge in online shopping, with 54 percent of Canadians saying they buy more online. The survey notes that 84 percent of respondents are being "extremely careful" when shopping online for fear that their information will be hacked or stolen. Additionally, 54 percent of those surveyed said they had received "many more" suspicious emails in the past six months. “More than two-thirds (67 percent) of Canadians are more concerned now than ever about...
Read More
17Sep By thecanadianNo Comments
Business, Canada, College of Nurses of Ontario, Cybersecurity, Privacy & Cloud, Security

College of Nurses of Ontario investigates ‘cybersecurity incident’

The College of Nurses of Ontario (CNO), the province's regulatory body for nurses, has experienced a "cybersecurity incident." In a statement posted on their website., CNO says it is investigating the incident, but has not yet provided specific details. Therefore, although the scope of the breach remains unclear, it could have compromised the personal information of the nearly 200,000 members of the CNO. "The CNO is trying to determine whether personal information was compromised as a result of the incident," the university said in the statement. That being said, the university confirmed that the incident occurred on September 8, while the members were only informed on the morning of September 17. It is not clear why there was a period of almost 10 day...
Read More
20Aug By thecanadianNo Comments
Business, Data Breach, Instagram, Privacy & Cloud, Security, TikTok, youtube

Security investigator finds database with details of 235 million social media accounts

A security researcher has found a database containing data pulled from nearly 235 million social media accounts. Accounts include social media users from Instagram, TikTok, and YouTube. The database contains information including names, contact information, images, and statistics on followers. This type of practice is known as web scraping, which is when data is collected from web pages in an automated way, as described in The next web. Although web scraping is not illegal, popular social media platforms have prohibited this practice to protect user information. Several analytics companies use web scraping techniques to sell information from these types of databases to other companies. In this case, a researcher from Comparitec...
Read More