Colligeres

10/08/2021

Vous avez déposé une plainte pour rançongiciel?

Voici un aide mémoire très pratique afin de vous préparer à la rencontre avec un policier.



https://www.sq.gouv.qc.ca/wp-content/uploads/2021/10/aide-memo-victime-rancongiciel.pdf

10/01/2021

New requirements to the Private Sector Act that will be enforce in one year. Act now!

1. Appointment of a Data Privacy Officer (DPO)

• By default, the CEO of every organization will be the “person in charge of the protection of personal information”.
• The Data Privacy Officer (DPO) must ensure that the organization implements and complies with the Act.
• The Data Privacy Officer (DPO) role can be delegated in writing to any person.
• The Data Privacy Officer’s (DPO) contact information must be published on the organization’s website.

2. Breach Reporting

• Organizations must notify the Commission d’accès à l’information (CAI) and the affected individuals when a “confidentiality incident” presents a “risk of serious injury” to the individuals.
• The “risk of serious injury” threshold is assessed using factors similar to the “real risk of significant harm” under PIPEDA, namely the sensitivity of the information concerned, the anticipated consequences of its use and the likelihood that such information will be used for injurious purposes.
• Organizations must keep a register of breaches that they would be required to provide to the CAI upon request.

Thank you BLG Canada's Law Firm for this summary.

09/29/2021

Cybersecurity Awareness Month 2021 Kick-off Week

Cybersecurity Awareness Month 2021 has officially begun! join us in spreading cybersecurity awareness and encourage everyone to own their role in protecting Internet-connected devices. “Do Your Part. .”

05/04/2021

Major vulnerability with Dell systems.

Make sure to plan to update your fleet of systems. It's bad!

The privilege-escalation bug remained hidden for 12 years and has been present in all Dell PCs, tablets and notebooks shipped since 2009.

04/23/2021

Happy Friday!

02/16/2021

New Phishing Attack Uses Morse Code to Avoid Detection By Your Email Scanners.

One way to stop this threat will be through security awareness training which will help users to avoid being victim of this attack.

A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment.

01/14/2021

Many companies use dark pattern techniques to make it difficult to find how to obtain your .

JustGetMyData aims to be a directory of urls to enable you to easily obtain your .



https://justgetmydata.com/

01/12/2021

The new privacy policy which comes into force from February 8, allows WhatsApp and Facebook to share user information with businesses and third-party service providers that transact on these platforms.

Facebook Inc.’s WhatsApp has begun alerting its 2 billion users of an update to its privacy policy -- and if they want to keep using the popular messaging app, they have to accept it. The new terms, delivered in early 2021, have caused an outcry among technology experts, privacy advocates, billion...

12/24/2020

Joyeuses fêtes à tous!

12/17/2020

Your email just got HACKED, but luckily you changed your password - so, you are out of the woods, right❓

WRONG‼️

You even added 2FA, so all must be well, right❓

WRONG AGAIN‼️

A friend of mine went through this and thought his account was secured when he changed his password and enabled 2FA after it was hacked.

What he didn’t realize was the cybercriminal set up EMAIL FORWARDING before the password was changed.

So even though the bad guy couldn’t log in, he received all the emails as if he was still in anyways.

Thank you Rich Malewicz for this reminder since this same hack is still making headlines today!

12/02/2020

As a safeguard, Fortinet VPN users should change their passwords immediately both on the VPN devices, and any other websites where the same credentials were used.

If you are using this device or any other network devices, update your network gears!

Passwords exposed for almost 50,000 vulnerable Fortinet VPNs By Ax Sharma November 25, 2020 08:16 AM A hacker has now leaked the credentials for almost 50,000 vulnerable Fortinet VPNs. Over the weekend a hacker had posted a list of one-line exploits for CVE-2018-13379 to steal VPN credentials from t...