‘Serious Cyberattack’ Against Top Canadian University

A sign for York University. Source: CP24

What We Know
Last Friday, York University, one of Canada’s top universities, was the victim of a “serious cyber attack that corrupted a number of University servers and workstations”, according to a security bulletin posted on May 4th. Up until Monday, there were few details about the incident: the university posted two security bulletins but failed to email students and staff, claiming that “distribution was delayed due to issues resulting from protecting our systems”. Instead of sending emails to all students, staff, and faculty, York relied on security bulletins posted on the University’s website.

Due to the delayed response…

Why you Should Never Pay the Ransom

Image by Katie White from Pixabay

What is Ransomware?
Ransomware is a type of malware that encrypts files on your computer. Typically, files are encrypted and a ransom note that contains instructions on how to regain access to your files is left behind. This ransom note usually asks for a certain amount of Bitcoin to be sent to the attackers' Bitcoin wallet and in return, they will give you a unique decryption key that can be used to decrypt your files.

What’s the difference between Ransomware and Trojans?
There are a few differences between Ransomware and more common forms of malware such as Trojans. Trojans typically…

Strategies that criminals use to abuse your emotions

Image by Gerd Altmann from Pixabay

If you have ever been tricked into giving your password to a fake website, you’ve been the victim of Social Engineering. Social Engineering is the “use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes”. To put it simply, social engineering involves a criminal tricking you into giving up information that you wouldn’t otherwise want to give them. This is usually done by appealing to your emotions and creating a sense of urgency that is designed to make you not think rationally. This can occur both online and in-person. …

Strong passwords aren’t enough to keep our data safe

Image by Gordon Johnson from Pixabay

With most people spending the foreseeable future working from home, I figured that it would be a good time to discuss password security. With the increasing number of breaches every year, a strong password isn’t enough to stop you from getting hacked, even if it is salted and hashed. This is where two-factor authentication (2FA) steps in to help improve your security. As I have discussed in a previous article, enabling 2FA on all websites and applications that offer it is a quick way to make yourself more secure.

What is 2FA?

2FA is a subset of multi-factor authentication (MFA). MFA is an…

Finding a Balance Between Security and Efficiency

Image Source: pixabay

Have you ever started working at a new job and spent the first 2 weeks waiting for access to different applications and databases? If so, then your company is probably practicing the Principle of Least Privilege (POLP).

What is it?
POLP is an abstract design principle that is used to properly limit the access and power of user accounts and applications. The basic idea behind POLP is that each user should operate using the least set of privileges necessary to complete the job.

Say we have a user whose job requires them to add purchase orders to a specific database…

Hashing Algorithms aren’t enough to keep your users’ passwords safe anymore

Photo by Artem Beliaikin from Pexels

When LinkedIn was hacked in 2012, many users were surprised to learn that their accounts were easily compromised due to the minimal security surrounding password encryption. LinkedIn used a technique known as password hashing, which enabled attackers to quickly brute-force hundreds of thousands of passwords within 72 hours.

What is Password Hashing?

Password hashing is a simple way of storing users’ passwords in a database. Users enter their password, which is then passed to a hash function that maps the user’s password to a fixed-length string of seemingly random characters. Some common hash functions include MD5 and SHA256.

Password hashing may seem secure on…

When it comes to online security, it seems like every day there is a new way for attackers to steal your personal information and sell it to the highest bidder. At this point, attacks have gotten so sophisticated and security workarounds so complex that it is not a question of if you will get hacked, but when. With that in mind, here are some tips that you can start using right away to increase your online security. …

Jamie Nicol

UofT Computer Science student with a passion for Cyber Security.
