News & Updates

Thursday, October 5, 2017 - 20:24 - 0 comment(s)
What Happened? Equifax, an organization that handles consumer information and credit services such as credit information and ratings, announced on September 7th, 2017 that they were the victim of a cyber-attack. This cyber-attack was successful due to an unpatched vulnerability (CVE-2017-5638) found in an Apache Struts instance running on Equifax’s webservers. The impact of such a security breach to an organization that handles extremely sensitive data, including names, addresses, social... + continue reading
Wednesday, March 16, 2016 - 23:01 - 0 comment(s)
This was presented at the March 16th, 2016 WordPress Meetup in Hamilton and describes WordPress Security and best practices that should be taken to protect any WordPress website against hackers whom target WordPress websites and impact your Google reputation and online presence.
iOS Trust this computer Vulnerability
Thursday, July 24, 2014 - 20:20 - 0 comment(s)
Imagine this, you are out for the afternoon and notice that your cell phone is almost out of battery.  You look around and find a public charging kiosk, where you are able to plug in via USB for a quick top up.  Unfortunately this time you fall victim to a “Juice Jacking” attack, which easily compromises your phone.  “Juice Jacking” as it is known is made possible as both data and power transmit on the same cable, and by injecting an arbitrary app into an iOS device (up to and... + continue reading
Thursday, June 19, 2014 - 19:59 - 0 comment(s)
Microsoft released a security advisory on a vulnerability in Internet Explorer that is being leveraged in limited targeted attacks. Currently the vulnerability only causes crashing in Internet Explorer on Windows XP but the exploit does exist in all versions of Windows.   Microsoft states that versions of the Enhanced Mitigation Experience Toolkit (EMET) 4.1 and above can mitigate this vulnerability in Internet Explorer. The toolkit is available for Windows XP users as well. If... + continue reading
Friday, April 11, 2014 - 15:03 - 0 comment(s)
A major security vulnerability called ‘HeartBleed’ has recently been identified by researchers at security firm Codenomicon and Google Security's Neel Mehta. HeartBleed is a security flaw in an application known as OpenSSL which provides encryption means to more than two thirds of all internet applications via SSL connections. The problem is within the Heartbeat Extension packets, which are used for keep-alive functionality of the SSL tunnel, and when exploited allows for a remote attacker to... + continue reading