Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInRussian hackers compromised Microsoft’s cloud customers through a third party, putting email and other data at risk – The Washington Post
“If it’s true that a cloud service provider customer’s data has been exfiltrated and is in the hands of some threat actor, that’s a very serious situation,” said John Reed Stark, who runs a consulting firm and is former chief of the Securities and Exchange Commission’s Office of Internet Enforcement. “It should raise all sorts […]
The Cyber Threat Is Real and Growing – WSJ
It appears that this was purely an intelligence-gathering effort. The SVR sat on government networks collecting as much data as it could, whenever and however it wanted. It was less like tapping into phone lines and more like breaking into the library and wandering around. Every country conducts espionage. That’s not the alarming part. What […]
Trump downplays Russia in first comments on hacking campaign
While Trump downplayed the impact of the hacks, the Cybersecurity and Infrastructure Security Agency has said it compromised federal agencies as well as “critical infrastructure.” Homeland Security, the agency’s parent department, defines such infrastructure as any “vital” assets to the U.S. or its economy, a broad category that could include power plants and financial institutions. One […]
US agencies hacked in global cyberspying campaign – New York Daily News
In a rare emergency directive issued late Sunday, the Department of Homeland Security’s cybersecurity arm warned of an “unacceptable risk” to the executive branch from a feared large-scale penetration of U.S. government agencies that could date back to mid-year or earlier. Source: US agencies hacked in global cyberspying campaign – New York Daily News
Most Victim Organizations Suffer Second Intrusion Within a Year – Infosecurity Magazine
Security experts have warned victims of sophisticated cyber-attacks not to think of intrusions as a one-off event, as a majority of organizations end up getting hit again within the year. CrowdStrike compiled an analysis of its own incident response and managed services engagements in 2020, to produce the CrowdStrike Services Cyber Front Lines Report. It warned […]
Global cybercrime losses rapidly approaching trillion-dollar mark – McAfee report
Global losses from cybercrime are close to becoming a ‘trillion-dollar’ shackle that is weighing down the global economy, with the annual global cost of cybercrime pegged at $945 billion – or 1% of the entire world’s GDP. These are some of the figures from McAfee’s The Hidden Costs of Cybercrime report, conducted in partnership with […]
Cybersecurity firm FireEye says it was hacked by a nation-state | TechCrunch
FireEye, normally the first company that cyberattack victims will call, has now admitted it too has fallen victim to hackers, which the company called a “sophisticated threat actor” that was likely backed by a nation-state. In a blog post confirming the breach, the company’s chief executive Kevin Mandia said the nation-backed hackers have “top-tier offensive […]
Pinsent Masons launches digital cyber-attack response platform – Cyturion
Cyturion, developed by the firm’s in-house technology specialists provides organisations with detailed response plans and advice for managing and recovering from various types and severity of cyber-attacks such as business email compromise, invoice diversion, malware, ransomware and cyber-extortion. The tool, which is led and implemented by the firm’s specialist cyber legal team, provides detail on […]
Guest Post: Be Prepared: Costly Cyber Claims Could Lead to Higher Premiums in 2021 | The D&O Diary
The rarified place that cybersecurity insurance (“cyber insurance”) used to hold in the strata of the more “profitable” corporate insurance products is quickly closing, as significant losses are now more prevalent on the books of cyber insurance carriers. (And growing monthly.) Will higher cyber insurance premiums follow? Will limits of liability contract as cyber insurers closely […]
Ransomware gangs now even calling victims to meet demands: Report – Express Computer
Some ransomware groups have now resorted to cold-calling victims to pressure them into paying ransom demands if they come to know that the targeted organisations were attempting restoration from backups, said a media report. Some of the ransamware gangs that have used this tactic include Conti and Ryuk, a spokesperson for New Zealand-headquartered cybersecurity firm […]
The Ill-Fated Emergence of the Bitcoin Balance Sheet
This year MicroStrategy relished in a good problem to have – a half a billion dollars of cash in its bank account and not sure what to do with it. The company could have paid its shareholders a hefty dividend, bought back a truckload of its stock, invested in R&D, financed new acquisitions or pursued […]
As bitcoin soars, so do ransomware attacks. Is it time to ‘stop the madness?’ — bobsullivan.net
Which brings me to Bitcoin and other cryptocurrencies. The vast majority of ransomware gangs demand payment via cryptocurrency, which they favor for its anonymity and the way it enables cross-border payments. Since global law enforcement authorities seem powerless to stop the crypto crime gangs, is it time to stop the crypto? Source: As bitcoin soars, so do […]
California Voters Make CCPA 2.0 a Reality – California Privacy Rights Act Ballot Measure Passes – Lewis Brisbois Bisgaard & Smith LLP
On November 3, 2020, California voters approved Proposition 24, otherwise known as the California Privacy Rights Act (CPRA), a ballot measure that will expand the privacy protections for California residents under the existing California Consumer Privacy Act (CCPA). Effective January 1, 2023, the CPRA significantly amends the CCPA by expanding consumer rights, heightening privacy protections, […]
Ransomware Group Turns to Facebook Ads — Krebs on Security
It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. Source: Ransomware Group Turns to Facebook Ads — Krebs on […]
Cyber Consulting Firms Get Tied Up in Post-Breach Lawsuits
Cybersecurity consultants could be on the hook for data breaches at companies they contract with after two recent court rulings in consumer class actions. Accenture Plc’s U.S. unit in October failed to escape claims made against the consultant in a consumer lawsuit over a hack of Marriott International Inc.’s hotel reservations database. The decision came […]