Security Alerts
September 27, 2019 Ransomware attacks at several regional hospitals and cities
As you are no doubt aware, there have been several successful Ransomware attacks which have unfolded recently. The cities of Stratford and Woodstock and this week several hospitals have been targeted. (Read full entry)
September 24, 2019 Internet Explorer Scripting Engine Memory Corruption Vulnerability : RISK CRITICAL
Microsoft has announced that Internet Explorer, version 9, 10 and 11 contains a remote code execution vulnerability that allows a malicious user to execute arbitrary code in the context of the current user. (Read full entry)
August 27, 2019 Malicious Pretext Phone Calls: RISK High
We have had many reports of pretext calls being received from fraudsters pretending to be from well known software companies such as Adobe or Microsoft. (Read full entry)
August 27, 2019 Multiple Acrobat Reader Vulnerabilities: RISK High
Users of Adobe Acrobat Reader, Acrobat Reader DC and Acrobat DC; versions 2019.012.20035 and earlier, are encouraged to upgrade their product to the latest patch level. Many severe vulnerabilities have been found which can lead to remote code execution. (Read full entry)
August 1, 2019 Multiple iOS Vulnerabilities: RISK High
Users of Apple’s iOS devices are encouraged to upgrade the OS to version 12.4 to mitigate a number of vulnerabilities, the most serious of which may allow a hacker to read the contents of files stored on iOS devices remotely, without requiring any user interaction. (Read full entry)
July 10, 2019 Zoom Vulnerability UPDATE - July 10, 2019
Zoom has now made available an emergency patch to address the vulnerability for MAC users. (Read full entry)
July 9, 2019 Zoom Video Conference App Vulnerability
In the Zoom client through 4.4.4 and RingCentral 7.0.136830.0312 on macOS, remote attackers can force a user to join a video call with the video camera active. (Read full entry)
June 21, 2019 Sogou PinYin Application: RISK High
The downloadable application Sogou PinYin (pinyin_9.3.0.3129.exe or sogou_pinyin_93g.exe) are malicious (Read full entry)
June 21, 2019 Mozilla Firefox Vulnerability: RISK High
Update Firefox now to address a type confusion vulnerability. (Read full entry)
May 28, 2019 ADOBE ACROBAT VULNERABILITY
Several newly discovered vulnerabilities in Adobe Acrobat have been discovered. (Read full entry)
May 21, 2019 INFORMATION SECURITY ALERT: RISK High - Windows Operating Systems: RDP (Remote Desktop Protocol)
As you may have already heard, a rare, wormable vulnerability in Remote Desktop Services was announced this past week by Microsoft (CVE-2019-0708). (Read full entry)
May 7, 2019 Crestron AirMedia Vulnerability: RISK High
Several newly discovered vulnerabilities have been identified and are actively being exploited on these devices. (Read full entry)
March 5, 2019 GOOGLE CHROME VULNERABILITY ALERT: RISK High
A newly discovered vulnerability in Google Chrome is actively being exploited. (Read full entry)
February 27, 2019 EMAIL PHISHING ALERT: RISK Medium – CRA (Canada Revenue Agency) Various phishing emails
With the tax season upon us, we are seeing an increase in the amount of phishing email directly targeting individual’s. Please be diligent and do not respond or interact with email appearing to come from the CRA. (Read full entry)
February 27, 2019 INFORMATION SECURITY ALERT: RISK Medium - Protect your Western Account
The compromise of your Western account can lead to data theft, payroll theft or personal information theft. Remember, your account has access to many facets of your Western life, including Western Financials, My Pension, My Human Resources, Office 365, Wireless etc. Once compromised, a threat actor has your level of access to all of your Western services, including all of your personal data, the ability to make configuration changes or even the ability to make account changes. (Read full entry)
September 21, 2018 INFORMATION SECURITY ALERT: RISK LOW - Universities are being targeted
In 2014, the Iranian government targeted Western and other Canadian universities to steal credentials and intellectual property in an incident known as “MABNA Institute’. The US State Department obtained evidence and charge several individuals with this large-scale attack and provided details to Western by way of the Canadian government. (Read full entry)
January 22, 2018 EMAIL PHISHING ALERT: RISK Medium - Phishing email originating from Office of the Provost
A new phishing attempt containing instructions to forward attached reports and designed to look like it originated from Janice Deakin and the Office of the Provost was discovered by WTS and has since been intercepted. (Read full entry)
January 5, 2018 INFORMATION SECURITY ALERT: RISK MEDIUM - Spectre and Meltdown
Two new serious vulnerabilities have been discovered which have wide ranging effect. These vulnerabilities are called Spectre and Meltdown. The media has been sensationalizing some of the coverage around these vulnerabilities. These vulnerabilities may expose many systems. Still, and to be clear these vulnerabilities are quite serious but the sky is not falling .. at least not yet (meaning the risk is still pretty hard to realize). (Read full entry)
Published on and maintained in Cascade CMS.
