Every second Tuesday of the month, Microsoft releases security updates, and IT teams across the country quietly begin a race against exploitation. This month, the stakes are higher than usual. Microsoft’s April 2026 Patch Tuesday addressed 167 vulnerabilities, including eight rated critical and two zero-days, one of which is already being actively exploited in the […]
The SharePoint Zero-Day and Employee Security Training Read More »
Proofpoint researchers identified more than 100 malicious tax-themed phishing campaigns in early 2026, and Canadian organizations are among the primary targets. With April representing the peak filing period for most Canadians, attackers are exploiting the urgency, distraction, and financial stress that tax season reliably produces. Most organizations have not updated their security awareness training to
Tax Season Phishing: The Security Training Blind Spot Read More »
When TELUS Digital confirmed a cyberattack on March 12, 2026, the headline was about scale: nearly one petabyte of stolen data, a $65 million ransom demand, and one of Canada’s largest telecoms facing a months-long silent intrusion. But the detail security teams should focus on is how the attack started. The ShinyHunters group did not
Supply Chain Credential Theft and the TELUS Breach Read More »
Nearly 70% of organizations believe their employees lack fundamental cybersecurity awareness, even at organizations that already run formal training programs. That finding, from Fortinet’s 2024 Security Awareness and Training Global Research Report, captures a frustration that many security leaders recognize immediately: completing a course is not the same as being prepared. In 2026, the industry’s
Human Risk Management: Beyond Security Awareness Training Read More »
