Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
Cybersecurity experts worry about attacks and ransomware directed at the 70,000 water and wastewater facilities in the U.S. In November 2020, the Hampton Roads Sanitation District was infected with Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered.
Most federal executive branch agencies in the U.S. now have vulnerability disclosure policies. John Jackson and Jackson Henry of the security research group Sakura Samurai say those policies ensure they don't get into legal trouble for helping improve cybersecurity.
In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that the state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.
A health insurer in New Mexico is warning of a data breach that exposed customers' personal and medical information. True Health New Mexico reports that nearly 63,000 individuals' personal details were exposed in the "early October" incident. It's offering all victims prepaid credit monitoring services.
This is the second episode of "The Ransomware Files," a podcast miniseries focused on stories of resilience in the fight against ransomware. An Australian company, Matthews, saw its backups corrupted and attackers release its data. The company recovered, however, and has greatly improved its IT security defenses.
The Emotet botnet, which was hampered by law enforcement actions earlier this year, is making a comeback. The resurgence appears to be due to help from old friends: cybercriminals running the Trickbot botnet. Unfortunately, the development may fuel more ransomware attacks.
A penetration testing company discovered a critical zero-day vulnerability in Palo Alto Networks' GlobalProtect VPN product but did not inform the company until about 11 months later. The situation stirred debate over whether that posed unnecessary risks.
Before cybercriminals shifted heavily into ransomware, there was banking malware: sophisticated programs designed to collect login credentials and intervene in transactions. A campaign using the Dridex banking Trojan has appeared in Mexico, says Metabase Q, a security company.
Trading platform Robinhood says an attacker gained access to its customer support system last week, stole 7 million individuals' names and email addresses and tried to extort the company. More personal details were also stolen for a much smaller group of customers.
The U.S. State Department is offering rewards of up to $10 million for information that leads to the identification or location of members of the DarkSide ransomware gang and others who attack critical infrastructure. It follows the U.S. taking offensive cyber action against REvil, The Washington Post reports.
Facebook plans to shut down its facial recognition system, saying the regulatory landscape is unclear and citing ongoing concerns about the effects on society of using such systems. The company plans to delete more than 1 billion facial profiles.
Microsoft launched a four-year campaign on Thursday with community colleges in the U.S. aimed at recruiting hundreds of thousands of people into the field of cybersecurity. The goal is to fill an expected shortfall of 250,000 workers in cybersecurity, which Microsoft says means rising risk.
Attacks on software supply chains can be difficult to detect yet devastating when they occur. But organizations can take steps to limit the risk from their suppliers, says Vikram Asnani, senior director of solution architecture with CyberGRX.
CoinMarketCap says it has found no evidence of a data breach despite the circulation of a list of 3.1 million email addresses that correlates with accounts on its service. Regardless of the source, the list would be useful for attackers to launch phishing attacks against those interested in cryptocurrency.