Privacy-Enhancing Technologies (PETs): A Deep Dive

Introduction In today’s data-driven world, protecting our personal information has never been more critical. No day passes without fear of privacy breaches and unauthorised surveillance confronting us as data theft takes place simultaneously. Privacy-Enhancing Technologies (PETs) enable data protection through a collection of tools that maintain personal data security without impacting its valid use. The …

Canada Revenue Agency (CRA) Data Breaches: A Growing Concern for Canadians

The security of personal information is a critical concern in today’s digital landscape, and recent breaches at the Canada Revenue Agency (CRA) have highlighted vulnerabilities in government data protection. In October 2024, Privacy Commissioner Philippe Dufresne launched an investigation into the CRA following a disclosure that over 30,000 privacy breaches had occurred, some dating back …

PowerSchool And Alberta Schools Privacy Breach

On the 7th of January 2025, PowerSchool notified the Calgary Board of Education (CBE), school boards, and many schools across Alberta about a massive student data privacy breach that occurred in late December 2024. According to CBE’s website, the breach involved the personal and demographic information of the CBE staff, students, and parents’ information [1]. …

Hackers exploit DOS flaw to disable Palo Alto Networks Firewalls

Introduction: At present, cybersecurity incidents are increasing day by day at an alarming rate. Attackers often find loopholes or weaknesses in the digital systems or infrastructure and exploit them for their personal gain, for damaging the reputation of organizations, and to exploit the privacy of users. Even the leading cybersecurity companies, like Palo Alto Networks, …

The Zero-Click Attack: WhatsApp Under Targeted Spyware

In a shocking disclosure,  WhatsApp revealed that it just discovered a sophisticated cyberattack aiming at about 100 people, including members of civil society and journalists spread across more than two dozen countries. Tracing the hack to Israeli monitoring company Paragon Solutions, privacy, press freedom, and human rights have once more been under question.[1] How the …

Ethical Human Hacking

Note: this project is by Dina Board Humans, the weakest link in information security. An organization can implement the strongest and most advanced and robust security controls on their physical and logical systems and fortify their building. Yet, all it will take is an employee being manipulated, frightened, or simply indifferent to security protocols to …

7-Zip Zero-Day Exploited in Targeted Attacks: A Deep Dive into CVE-2025-0411

A critical vulnerability in the popular 7-Zip file archiver, identified as CVE-2025-0411, has been actively exploited in the wild, primarily targeting Ukrainian entities[1]. This zero-day flaw allows attackers to bypass Windows’ Mark of the Web (MoTW) security feature, enabling the execution of malicious code without user warnings. This poses a significant threat, as it lowers …

ISEC 611 Group 8 – Garbled Circuits

Walkthrough : https://youtu.be/7MXVV858loU Code Example Link: https://github.com/HaydenMcNally/ISEC-611  Introduction to Garbled Circuits (History and Overview)  Garbled circuit is a computational technique which Andrew Yao introduced in an oral presentation in 1986, and the first written document was authored by Goldreich, Micali, and Widgerson in 1987. The term “garbled circuit” was coined by Beaver, Micali, and Rogaway …

DeepSeek: Innovation in AI and the Security Risks of Rapid Expansion

What is DeepSeek DeepSeek is a Chinese artificial intelligence company that has developed its systems on high-performing large language models. As a result, it has gained so much prominence that it rivals top U.S.-based AI systems. DeepSeek’s newest iteration comes in the form of an R1 model developed at a much lower cost than its …