Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
Microsoft says ransomware activity against compromised on-premises Exchange servers remains limited, but it warns that organizations are far from out of the woods.
What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.
A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get?
Many IoT devices sold today don’t meet minimum security standards, and much effort is being devoted to making IoT devices more secure. IoT expert TJ O'Connor says consumers are largely in the dark when trying to evaluate the security stance of IoT devices.
Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
Older ATMs across Latin America are being struck by a new version of "jackpotting" malware, which can cause the machines to dispense cash. The malware, called Ploutus, can cause ATMs made by Itautec, a Brazilian company, to discharge up to $1,700.
Connected vehicles are rife with cybersecurity risks. But Faye Francy of Auto-ISAC says automakers and suppliers are increasingly sharing critical information and strengthening supply chains.
SonicWall was recently attacked via a zero-day flaw in one of its own products. Curiously, SonicWall hasn't said much about the extent and damage of the breach since its announcement. But there are strong indications it may have been targeted by an extortion attempt.
Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.
