Information and Guidance
- Guidance on becoming cryptographically agile (ITSAP.40.018)
- End user device security for Bring-Your-Own-Device (BYOD) deployment models (ITSM.70.003)
- Spotting malicious email messages (ITSAP.00.100)
- Wi-Fi security (ITSP.80.002)
- Cyber security resources for small and medium organizations (ITSAP.00.137)
- Security considerations for critical infrastructure (ITSAP.10.100)
- Guidance on using tokenization for cloud-based services (ITSP.50.108)
- Security considerations for electronic poll book systems (ITSM.10.101)
- Protective Domain Name System (ITSAP.40.019)
- Protect your medical research equipment from cyber threats (ITSAP.00.134)
Alerts & Advisories
- Ubuntu security advisory (AV22-288)
- Google Chrome security advisory (AV22-285)
- Dell security advisory (AV22-286)
- [Control Systems] Rockwell Automation security advisory (AV22-287)
- [Control Systems] Matrikon security advisory (AV22-284)
- IBM security advisory (AV22-283)
- Mozilla security advisory (AV22-282)
- [Control Systems] Mitsubishi Electric security advisory (AV22-281)
- Critical vulnerability impacting VMware applications
- NVIDIA security advisory (AV22-279)
News
- Joint cyber security advisory on weak security controls and practices routinely exploited for initial access
- Joint cyber security advisory on protecting against cyber threats to managed service providers and their customers
- Joint cyber security advisory on 2021 top routinely exploited vulnerabilities
- Cyber Centre supports U.S. White House call for increased cyber security awareness
- Joint cyber security advisory on Russian state-sponsored and criminal cyber threats to critical infrastructure
- Joint cybersecurity advisory on mitigating Log4Shell and other Log4j-related vulnerabilities
- Statement from the Minister of National Defence on Apache Vulnerability and Call to Canadian Organizations to Take Urgent Action
- Statement on a cyber incident involving the Office of the Secretary of the Governor General
- Statement on Active Exploitation of Microsoft Exchange Vulnerabilities
- Canadian Centre for Cyber Security releases the Canadian National Cyber Threat Assessment 2020
Cyber Security Events
- Joint cyber security advisory on weak security controls and practices routinely exploited for initial access
- Joint cyber security advisory on protecting against cyber threats to managed service providers and their customers
- Joint cyber security advisory on 2021 top routinely exploited vulnerabilities
- Cyber Centre supports U.S. White House call for increased cyber security awareness
- Joint cyber security advisory on Russian state-sponsored and criminal cyber threats to critical infrastructure
- Joint cybersecurity advisory on mitigating Log4Shell and other Log4j-related vulnerabilities
- Statement from the Minister of National Defence on Apache Vulnerability and Call to Canadian Organizations to Take Urgent Action
- Statement on a cyber incident involving the Office of the Secretary of the Governor General
- Statement on Active Exploitation of Microsoft Exchange Vulnerabilities
- Canadian Centre for Cyber Security releases the Canadian National Cyber Threat Assessment 2020
Blogs
- Cyber Centre’s summary review of final candidates for NIST Post‑Quantum Cryptography standards
- Rajiv Gupta’s remarks on the end of GeekWeek’s first virtual edition
- Host-Based Sensors
- A quick update on GeekWeek 7
- Security in layers with Multi-Factor Authentication
- The Head of the Cyber Centre welcomes participants to the first virtual GeekWeek
- Introducing the Cyber Security Audit Program for auditors
- Ransomware: How to recover and get back on track
- Ransomware: Don’t get locked out
- Thinking of moving to the cloud? Here’s how to do it securely
Cloud Security
- 380K Kubernetes API Servers Exposed to Public Internet
- Deep Dive: Protecting Against Container Threats in the Cloud
- Security Turbulence in the Cloud: Survey Says…
- Firms Push for CVE-Like Cloud Bug System
- Zero-Trust For All: A Practical Guide
- Rethinking Cyber-Defense Strategies in the Public-Cloud Age
- Protect Your Executives’ Cybersecurity Amidst Global Cyberwar
- Cyberattackers Put the Pedal to the Medal: Podcast
- Microsoft Zero-Days, Wormable Bugs Spark Concern
- Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks