Join Us On LinkedIn

After months of uncertainty among Barneys employees in the wake of the company’s bankruptcy and subsequent acquisition by Authentic Brands Group, staffers woke up on Friday morning to discover they had not been paid. The delayed paychecks were the result of a “cyber incident,” according to a company-wide email that was sent by Barneys’ corporate […]
Two computer hackers have pleaded guilty to concocting an extortion scheme that entangled Uber in a yearlong cover-up of a data breach that stole sensitive information about 57 million of the ride-hailing service’s passengers and drivers. The pleas entered Wednesday in a San Jose, California, federal court by Brandon Charles Glover and Vasile Mereacre resurrected […]
Even large cities, however, have had to pay smaller ransoms than Riviera Beach. On Monday, the City Council unanimously agreed to have its insurance carrier pay the hackers 65 Bitcoin, a hard-to-trace digital currency, amounting to about $592,000. By making the payment, the City Council hopes to regain access to data encrypted in the cyberattack […]
“Ransomware is a pandemic in the United States,” said Joel DeCapua, supervisory special agent in the Federal Bureau of Investigation’s cyber division, referring to a particularly devastating form of malicious software. Hackers are increasingly going after larger targets, compared with five years ago, when most ransomware attacks hit home computers, he said. Municipalities in general […]
Risk is about uncertainty. The “When-Not-If” paradigm brings certainty where doubt was previously allowed (or used to manipulate outcomes): Cyber-attacks will happen Sooner or later, regulators will step in They can now impose business-threatening fines around the mishandling of personal data Media interest has never been higher around those matters; business reputation and trust in […]
Hackers gained access to technology giant Citrix’s networks six months before they were discovered, the company has confirmed. In a letter to California’s attorney general, the virtualization and security software maker said the hackers had “intermittent access” to its internal network from October 13, 2018 until March 8, 2019, two days after the FBI alerted […]
When the United States government assigned responsibility for NotPetya to Russia in 2018, insurers were provided with a justification for refusing to cover the damage. Just as they wouldn’t be liable if a bomb blew up a corporate building during an armed conflict, they claim not to be responsible when a state-backed hack strikes a […]
A real estate law firm failed to get a mortgage solution services company to indemnify it for money owed to Deutsche Bank after a hacking attack disrupted a real estate deal, a federal court ruled. The Buck Law Firm brought a third-party complaint against Altisource Portfolio Solutions Inc. to pay it money owed to Deutsche […]
It’s not uncommon to see hackers target and impersonate CEOs, particularly for the purposes of socially engineering the CEO’s subordinates to make funds transfers. However, in one particularly creative effort we recently saw, the hacker impersonated a CEO and convinced an employee charged with payroll to update the CEO’s own bank account information with that […]
Mr. Clayton added that the SEC has worked to enhance its cybersecurity defenses in the wake of the hack, turning to other government agencies and outside consultants to “bolster our cybersecurity defenses and reduce our cyber risk profile.” The fallout from the hack has changed the SEC’s approach to cybersecurity both for the SEC itself […]
This action illustrates that the SEC faces many of the same cybersecurity threats that confront exchange-listed companies, other SEC-registered entities and market participants of all types. These threats to our marketplace are significant and ongoing and often involve threats from actors outside our borders. No system can be entirely safe from a cyber intrusion. Here at the SEC, […]
Perhaps most notable to those who are under the impression that hackers only bother with big companies, SMBs reported the highest number of “everyday” breaches. Of the breach events studied, 90% of the organizations that experienced breaches were small and medium sized. With a median event cost of USD18,000 these are numbers that simply can’t […]
In August, a petrochemical company with a plant in Saudi Arabia was hit by a new kind of cyberassault. The attack was not designed to simply destroy data or shut down the plant, investigators believe. It was meant to sabotage the firm’s operations and trigger an explosion. The attack was a dangerous escalation in international […]
How good are you at telling the difference between domain names you know and trust and impostor or look-alike domains? The answer may depend on how familiar you are with the nuances of internationalized domain names (IDNs), as well as which browser or Web application you’re using. via Look-Alike Domains and Visual Confusion — Krebs […]
In a meticulous orchestration of irony, a team of hackers published stolen data from FireEye Inc.’s Mandiant Security subsidiary and launched a #leaktheanalyst campaign Monday. “We are aware of reports that a Mandiant employee’s social media accounts were compromised,” a FireEye spokesperson told Benzinga. “We immediately began investigating this situation, and took steps to limit […]