SecurityBrief Canada - Technology news for CISOs & cybersecurity decision-makers
Canada

Security vulnerabilities Stories - Page 5

Global Stories

Security vulnerabilities stories

Cycode & HackerOne integrate to speed software vulnerability fixes
Application Security

Cycode & HackerOne integrate to speed software vulnerability fixes

Cycode and HackerOne partner to integrate bug bounty findings into Cycode's platform, speeding up vulnerability fixes and improving software security workflows.

By Catherine Knowles 4 min read Fri, 18th Jul 2025
Windows Server 2025 flaw lets attackers persist in Active Directory
Advanced Persistent Threat Protection

Windows Server 2025 flaw lets attackers persist in Active Directory

A design flaw in Windows Server 2025 allows attackers to persist undetected in Active Directory by exploiting managed service account vulnerabilities.

By Melania Watson 3 min read Thu, 17th Jul 2025
Race condition in nopCommerce gift cards enables repeated use
DevOps

Race condition in nopCommerce gift cards enables repeated use

A race condition vulnerability in nopCommerce gift cards lets attackers redeem the same card repeatedly, exploiting a flaw in the checkout process.

By Jed Nykolle Harme 4 min read Fri, 11th Jul 2025
The risky race to AI: How DeepSeek is reshaping the AI landscape
Data Protection

The risky race to AI: How DeepSeek is reshaping the AI landscape

Chinese startup DeepSeek's new AI model cuts costs but sparks global security fears, prompting bans and cyberattacks amid geopolitical tensions.

By Pascal Geenens 4 min read Thu, 26th Jun 2025
Growing gap revealed between AI innovation & enterprise security
DevOps

Growing gap revealed between AI innovation & enterprise security

A new report reveals a widening gap between AI innovation and enterprise security, with 36% of firms struggling to keep up with generative AI risks.

By Shannon Williams 4 min read Thu, 26th Jun 2025
Outpost24 identifies key OAuth risks & best practice solutions
Application Security

Outpost24 identifies key OAuth risks & best practice solutions

Outpost24 reveals seven common OAuth risks and offers best practices to help organisations prevent unauthorised access and data breaches through better token security.

By Jed Nykolle Harme 5 min read Sat, 21st Jun 2025
Poor cloud security leaves secrets & data at risk, report finds
Hyperscale

Poor cloud security leaves secrets & data at risk, report finds

A report finds poor cloud security and misconfigurations put sensitive data and secrets at risk across major public cloud providers worldwide.

By Shannon Williams 3 min read Thu, 19th Jun 2025
Jamf report finds phishing & infostealers surge on Apple devices
Malware

Jamf report finds phishing & infostealers surge on Apple devices

Jamf's Security 360 Report reveals a sharp rise in phishing and infostealers targeting Apple devices, urging organisations to strengthen cybersecurity measures.

By Catherine Knowles 4 min read Wed, 18th Jun 2025
Aiden Technologies now available in Azure Marketplace via MACC
Platform-as-a-Service

Aiden Technologies now available in Azure Marketplace via MACC

Aiden Technologies is now available in the Microsoft Azure Marketplace via MACC, enabling organisations to acquire its endpoint management platform using existing Azure funds.

By Catherine Knowles 4 min read Fri, 13th Jun 2025
3 key challenges in enterprise browser adoption: Lessons from Arc's pivot
Customer Relationship Management

3 key challenges in enterprise browser adoption: Lessons from Arc's pivot

Despite Arc's innovation, enterprises struggle with browser adoption due to muscle memory, maintenance burdens, and AI-driven fragmentation disrupting standardisation.

By Dakshitaa Babu 3 min read Mon, 9th Jun 2025

Stories from Other Regions

Security vulnerabilities stories

Multiple brother devices: Multiple vulnerabilities (FIXED)
Firewalls

Multiple brother devices: Multiple vulnerabilities (FIXED)

Security researcher Rapid7 has uncovered 8 vulnerabilities in 742 printer models from Brother, FUJIFILM, Ricoh, and Toshiba, with fixes now available.

By Stephen Fewer 8 min read Thu, 26th Jun 2025
Azul enhances Java security detection, cutting false positives by 99%
Software-as-a-Service

Azul enhances Java security detection, cutting false positives by 99%

Azul's new Java security tool cuts false positives by 99%, boosting detection accuracy and helping DevOps teams focus on real risks in production code.

By Catherine Knowles 4 min read Fri, 13th Jun 2025
Just 3% of New Zealand domains enforce top anti-phishing policy
EduTech

Just 3% of New Zealand domains enforce top anti-phishing policy

Just 3% of New Zealand domains enforce the strict DMARC p=reject policy, leaving most vulnerable to phishing despite upcoming government mandates.

By Catherine Knowles 3 min read Fri, 13th Jun 2025
AI use surges in UK healthcare as data security concerns mount
Data Protection

AI use surges in UK healthcare as data security concerns mount

AI use in UK healthcare has soared to 94% in 2025, despite rising data breaches and declining focus on data security among IT professionals.

By Kaleah Salmon 4 min read Thu, 12th Jun 2025
OWASP unveils first top 10 business logic abuse threats list
Application Security

OWASP unveils first top 10 business logic abuse threats list

OWASP has released its first Business Logic Abuse Top 10, spotlighting critical cross-domain threats beyond traditional technology-specific vulnerabilities.

By Shannon Williams 4 min read Fri, 6th Jun 2025
UK businesses neglect printer security despite rising risks
Data Privacy

UK businesses neglect printer security despite rising risks

Despite rising cyber threat awareness, only 14% of UK employees trained on security receive printer-specific training, leaving devices vulnerable.

By Jed Nykolle Harme 3 min read Tue, 3rd Jun 2025
Akamai launches DNS Posture Management for multicloud security
Firewalls

Akamai launches DNS Posture Management for multicloud security

Akamai has launched DNS Posture Management, offering centralised control over DNS assets across multicloud platforms to enhance security and compliance.

By Sean Mitchell 3 min read Tue, 3rd Jun 2025
Distology partners with Flare to boost threat intelligence tools
Ransomware

Distology partners with Flare to boost threat intelligence tools

Distology partners with Flare to enhance threat intelligence and dark web monitoring for UK and European security resellers and MSSPs.

By Catherine Knowles 3 min read Fri, 30th May 2025