Security News

Threat actors have been discovered distributing a new credential stealer written in AutoHotkey scripting language as part of an ongoing campaign that started early 2020. Customers of financial institutions in the US and Canada are among the primary targets for credential exfiltration, with a specific focus on banks such as Scotiabank, Royal Bank of Canada, HSBC, Alterna Bank, Capital One, Manulife, and EQ Bank.

Okta announced significant momentum in the financial services industry with new and expanded deployments for Canadian Western Bank, First National of Nebraska, and Nota, powered by M&T Bank. Following a successful rollout of the Okta Identity Cloud across its workforce, Canadian Western Bank decided to expand its deployment to include Okta Customer Identity and to support its goal of creating a consistent customer experience across all lines of business.

It has not been a good week for major Canadian shipping company Canpar Express. Here's what Canpar Express had to say on the matter: "On 19th Aug 2020 Canpar Express was the target of a ransomware attack that impacted some of our systems. We continue to meet most customer shipping needs and we are not aware of any misuse of client information."

Canadian authorities said almost 15,000 online accounts for various government services have been targeted in three recent waves of credential-stuffing attacks. Of the 9,041 accounts GCKey accounts that were targeted, a third were used to access various services and are being further examined for suspicious activity, according to the government.

Thousands of user accounts for online government services in Canada were recently hacked during cyber attacks, authorities said Saturday. The passwords and usernames of 9,041 GCKey account holders "Were acquired fraudulently and used to try and access government services," the authorities said.

The Federal Trade Commission has approved a settlement with Canadian smart lock maker Tapplock, which allegedly falsely claimed that its devices were designed to be "Unbreakable." Toronto-based Tapplock, Inc. is an Internet of Things technology company that provides smart security solutions for both business and end-users alike.

Optiv Security, a security solutions integrator delivering end-to-end cybersecurity solutions, emphasized its continued investment in securing Canadian enterprises and government entities with the grand opening of its Mississauga-based security operations center. "Our clients in Canada are not immune to the reality that security teams around the globe are understaffed," said Cheryl McGrath, area vice president and country general manager, Canada, Optiv.

The breaches, which had been unreported, only came to light in January when Conservative MP Dean Allison demanded that the country's federal government produce a report for the Canadian House of Commons, according to the CBC. The 800-page report contained details about agency breaches in 2018 and 2019. In the report, the government admitted that agencies responsible for national defense, healthcare, tax revenue, postal service and immigration all sustained data breaches or accidentally exposed citizen data.

Canada's privacy commissioner is taking Facebook to court to try to force the social network to make changes to its privacy practices. The Office of the Privacy Commissioner of Canada has filed an application asking a federal court to declare that Facebook violated the country's privacy law over the Cambridge Analytica scandal.

A Canadian insurance business struck by ransomware paid off the crooks via a cyber insurance policy - and their English reinsurers, having shelled out 109.25 Bitcoins, want it back from the alleged blackmailers. After infection the unnamed Canadian company suffered a total lockdown of all of its systems and asked its reinsurance firm to pay the ransom so it could get back on its feet.