Follina—while we’re sure this commune in Italy is lovely, the same can’t be said about this new vulnerability by the same name for InfoSec folks. Thanks to a zero-day bug in the Microsoft Support Diagnostic Tool, Follina is now making the headlines but for all the wrong reasons. This blog talks in detail about the zero-day vulnerability in Microsoft Support Diagnostic Tool (MSDT), popularly known as Follina.
Imaging you’re applying for a loan. One of the important criteria required to obtain approval is the credit score. The higher the credit score, the higher your chances for getting a loan. Similarly, imagine you’re selling a product on a website. Potential buyers judge the quality of your product based on the reviews or ratings it has received from other customers. The higher the ratings, the higher the chances people will buy your products or services.
Despite wide-spread knowledge on the risk of using a weak password, 123456 is still a common password in use by a number of users. You’re probably wondering who would still use this password. Well, close to 103 million people around the world according to NordPass’ report. While this is alarming, let’s just take a moment to consider why users choose simple, easy-to-remember passwords despite being aware of the risks. Password overload: How big of a concern is it?
Apple has recently released OS updates for multiple operating systems, addressing known and exploited security vulnerabilities along with previously unknown ones. During the past week, various data security organizations like the US Cybersecurity and Infrastructure Security Agency and Indian Computer Emergency Response Team have issued warnings asking users to install the latest updates on their Apple devices as soon as possible to avoid possible exploitation of devices and device data.
Illustrated by Dorathe Victor The Personal Information Protection and Electronic Documents Act (PIPEDA) is well-known if you are an organization based out of Canada. In place for more than 20 years, it sets out rules for how businesses should collect, use, and disclose personal information while dealing in commercial activities. Some pieces of personally identifiable information (PII) that are protected under PIPEDA are name, age, ID number, income, ethnic origin, blood type, and more.
Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week lets explore the concept of security service edge (SSE) and why it was removed from the secure access service edge (SASE) in the recent Gartner Magic Quadrant.
In December 2020, Microsoft came forward with details regarding what is now being considered the most extensive, severe cyberattack in history—the NOBELIUM attack. This shocking security breach by NOBELIUM, a group of Russian hackers, brought the cybersecurity world to a standstill with its well-planned and well-executed hacking. It compromised several organizations through a supply chain attack.
