Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInLeaked Barneys email says paychecks missed due to ‘cyber incident’ – Business Insider
After months of uncertainty among Barneys employees in the wake of the company’s bankruptcy and subsequent acquisition by Authentic Brands Group, staffers woke up on Friday morning to discover they had not been paid. The delayed paychecks were the result of a “cyber incident,” according to a company-wide email that was sent by Barneys’ corporate […]
Hackers Plead Guilty in Data Breach That Uber Covered Up – NBC 10 Philadelphia
Two computer hackers have pleaded guilty to concocting an extortion scheme that entangled Uber in a yearlong cover-up of a data breach that stole sensitive information about 57 million of the ride-hailing service’s passengers and drivers. The pleas entered Wednesday in a San Jose, California, federal court by Brandon Charles Glover and Vasile Mereacre resurrected […]
Hit by Ransomware Attack, Florida City Agrees to Pay Hackers $600,000 – The New York Times
Even large cities, however, have had to pay smaller ransoms than Riviera Beach. On Monday, the City Council unanimously agreed to have its insurance carrier pay the hackers 65 Bitcoin, a hard-to-trace digital currency, amounting to about $592,000. By making the payment, the City Council hopes to regain access to data encrypted in the cyberattack […]
Hackers Won’t Let Up in Their Attack on U.S. Cities – WSJ
“Ransomware is a pandemic in the United States,” said Joel DeCapua, supervisory special agent in the Federal Bureau of Investigation’s cyber division, referring to a particularly devastating form of malicious software. Hackers are increasingly going after larger targets, compared with five years ago, when most ransomware attacks hit home computers, he said. Municipalities in general […]
Cybersecurity in the “When-Not-If” Era | IoT For All
Risk is about uncertainty. The “When-Not-If” paradigm brings certainty where doubt was previously allowed (or used to manipulate outcomes): Cyber-attacks will happen Sooner or later, regulators will step in They can now impose business-threatening fines around the mishandling of personal data Media interest has never been higher around those matters; business reputation and trust in […]
Hackers went undetected in Citrix’s internal network for six months | TechCrunch
Hackers gained access to technology giant Citrix’s networks six months before they were discovered, the company has confirmed. In a letter to California’s attorney general, the virtualization and security software maker said the hackers had “intermittent access” to its internal network from October 13, 2018 until March 8, 2019, two days after the FBI alerted […]
Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong. – The New York Times
When the United States government assigned responsibility for NotPetya to Russia in 2018, insurers were provided with a justification for refusing to cover the damage. Just as they wouldn’t be liable if a bomb blew up a corporate building during an armed conflict, they claim not to be responsible when a state-backed hack strikes a […]
Law Firm Can’t Get Mortgage Group to Pay for Deutsche Hack
A real estate law firm failed to get a mortgage solution services company to indemnify it for money owed to Deutsche Bank after a hacking attack disrupted a real estate deal, a federal court ruled. The Buck Law Firm brought a third-party complaint against Altisource Portfolio Solutions Inc. to pay it money owed to Deutsche […]
Four Unusual Hacking Strategies I’ve Seen As A Cyber-Security CEO
It’s not uncommon to see hackers target and impersonate CEOs, particularly for the purposes of socially engineering the CEO’s subordinates to make funds transfers. However, in one particularly creative effort we recently saw, the hacker impersonated a CEO and convinced an employee charged with payroll to update the CEO’s own bank account information with that […]
Overseas Traders Face Charges for Hacking SEC’s Public Filings Site – WSJ
Mr. Clayton added that the SEC has worked to enhance its cybersecurity defenses in the wake of the hack, turning to other government agencies and outside consultants to “bolster our cybersecurity defenses and reduce our cyber risk profile.” The fallout from the hack has changed the SEC’s approach to cybersecurity both for the SEC itself […]
Statement on EDGAR Hacking Enforcement Action
This action illustrates that the SEC faces many of the same cybersecurity threats that confront exchange-listed companies, other SEC-registered entities and market participants of all types. These threats to our marketplace are significant and ongoing and often involve threats from actors outside our borders. No system can be entirely safe from a cyber intrusion. Here at the SEC, […]
Key Drivers Behind Cyber Insurance Claims : Clyde & Co
Perhaps most notable to those who are under the impression that hackers only bother with big companies, SMBs reported the highest number of “everyday” breaches. Of the breach events studied, 90% of the organizations that experienced breaches were small and medium sized. With a median event cost of USD18,000 these are numbers that simply can’t […]
A Cyberattack in Saudi Arabia Had a Deadly Goal. Experts Fear Another Try. – The New York Times
In August, a petrochemical company with a plant in Saudi Arabia was hit by a new kind of cyberassault. The attack was not designed to simply destroy data or shut down the plant, investigators believe. It was meant to sabotage the firm’s operations and trigger an explosion. The attack was a dangerous escalation in international […]
Look-Alike Domains and Visual Confusion — Krebs on Security
How good are you at telling the difference between domain names you know and trust and impostor or look-alike domains? The answer may depend on how familiar you are with the nuances of internationalized domain names (IDNs), as well as which browser or Web application you’re using. via Look-Alike Domains and Visual Confusion — Krebs […]
Hackers Target, Embarrass Cyber Security Specialists At FireEye (NASDAQ: FEYE) Subsidiary | Benzinga
In a meticulous orchestration of irony, a team of hackers published stolen data from FireEye Inc.’s Mandiant Security subsidiary and launched a #leaktheanalyst campaign Monday. “We are aware of reports that a Mandiant employee’s social media accounts were compromised,” a FireEye spokesperson told Benzinga. “We immediately began investigating this situation, and took steps to limit […]