Author: Asad Yaseen

The purpose of every security team is to provide confidentiality, integrity and availability of the systems in the organization. We call it “CIA Triad” for short. Of those three elements, integrity is a key element for most compliance and regulations. Some organizations have realized this and decided to implement File Integrity Monitoring (FIM). But many of them are doing so only to meet compliance requirements such as PCI DSS and ISO 27001. However, file integrity…

Privacy in Practice: Securing Your Data in 2021 and Beyond Technological advancements continually emerge that make our lives easier. Right? As beneficial and convenient as emerging tech is, it can pose serious risks to our online safety and privacy—risks that you might find yourself ill-prepared to handle. In fact, according to our 2021 Consumer Security Mindset research, 45% of Canadian respondents don’t feel very confident about their ability to prevent a cyberattack and believe that…

by Rob Simopoulos, Co-Founder, Defendify IT professionals are entrusted to recommend methods to help strengthen overall data protection. But for many, it might be difficult to lead the charge toward improving cybersecurity if there is no organizational culture around security established. This often requires leadership to work with their teams to create the foundation for proper cybersecurity processes, procedures, and plans – but for this to happen, all key stakeholders must first have an awareness…

Google has released a new password checker for Android. Find out how to enable and use this security feature on your Android device. Image: Getty Images/iStockphoto Has your password been compromised? Are you certain? If you’re a Google Chrome user, you know there’s a feature that will inform you if your password has been stolen and should be changed. But what about Android? The Android developers recently released a security feature that is similar to…

Tag CVE Count CVEs Windows WalletService 2 CVE-2021-26871, CVE-2021-26885 Windows Error Reporting 1 CVE-2021-24090 Windows Media 1 CVE-2021-26881 Windows Installer 1 CVE-2021-26862 Visual Studio 2 CVE-2021-21300, CVE-2021-27084 Windows Storage Spaces Controller 1 CVE-2021-26880 Windows DirectX 1 CVE-2021-24095 Internet Explorer 2 CVE-2021-26411, CVE-2021-27085 Microsoft Office SharePoint 3 CVE-2021-24104, CVE-2021-27052, CVE-2021-27076 Windows Projected File System Filter Driver 1 CVE-2021-26870 Microsoft Office PowerPoint 1 CVE-2021-27056 Microsoft Windows Codecs Library 11 CVE-2021-24089, CVE-2021-24110, CVE-2021-26884, CVE-2021-26902, CVE-2021-27047, CVE-2021-27048, CVE-2021-27049, CVE-2021-27050,…

In its March release, Microsoft addressed 82 CVEs, including a zero-day vulnerability in Internet Explorer that has been exploited in the wild and linked to a nation-state campaign targeting security researchers. 10Critical 72Important 0Moderate 0Low Microsoft patched 82 CVEs in the March 2021 Patch Tuesday release, including 10 CVEs rated as critical and 72 rated as important. This month’s Patch Tuesday release includes fixes for Application Virtualization, Azure, Azure DevOps,…

The Natural State is considering a new piece of legislation that would hold social media companies accountable for “unfairly censoring or banning someone.” The Arkansas Unfair Social Media Censorship Act would make sites like Twitter, YouTube, Instagram, and Facebook liable for damages if they remove content for “dubious or pretextual” reasons that are inconsistent with their own terms of service.  Arkansas attorney general Leslie Rutledge said: “This legislation would allow everyone, no matter the circumstances, to have…

Telecommunications giant Vodafone is calling for the introduction of new cybersecurity policies to help small businesses in the UK recover from the impact of the global health pandemic. In a statement released today, the company asked Boris Johnson’s government to protect small and medium-sized businesses by providing more support to the National Cyber Security Centre and making cybersecurity protections more accessible. Vodafone proposed that the value-added tax (VAT) on cybersecurity products should be reduced to 5% to ensure that…

Overview For the March 2021 Patch Tuesday, Microsoft released a set of seven DNS vulnerabilities. Five of the vulnerabilities are remote code execution (RCE) with critical CVSS (Common Vulnerability Scoring Standard) scores of 9.8, while the remaining two are denial of service (DoS). Microsoft shared detection guidance and proofs of concept with MAPP members for two of the RCE vulnerabilities, CVE-2021-26877 and CVE-2021-26897, which we have confirmed to be within the DNS Dynamic Zone Update…