A British national was transported to the US earlier this week, facing charges of hacking US companies. Nathan Francis Wyatt was a known member of the notorious hacking group The Dark Overlord (TDO). Wyatt pleaded not guilty to the charges he currently faces in a Saint Louis court yesterday. US
Two US senators asked the Department of Homeland Security for their support on a recent bill, the K-12 Cybersecurity Act of 2019, which aims to effectively manage the threat of ransomware and cyberattacks. The bill would establish guidelines that improve school cybersecurity systems. The senators stated that school systems are
A Canadian laboratory that provides diagnostics and testing services, LifeLabs, admitted yesterday to paying hackers to retrieve stolen data that resulted from a security breach last month. Although it remains unclear how much LifeLabs paid the hackers to recover the data, LifeLabs stated that the hackers breached their systems and
What does it take to be a highly effective CISO? Over the past 25 years, I’ve consulted for hundreds of executives on cybersecurity issues including direct support to dozens of CISOs working to effectively manage cyber risk in a wide variety of organizations. With this post, I’ve attempted to capture some of the best practices from the most effective CISOs I know. In future articles, we’ll look at each of the 10 habits in greater detail, including direct input from the CISO community.
A campaign that started in October is being used to deliver financial malware against entities in the manufacturing and retail sectors. Researchers at the Cybereason Nocturnus group have been following the new campaign closely, determining that it commences with a phishing attack to deliver TrickBot and ultimately delivers a relatively
It’s been almost 10 years since the first commercial for-profit bug bounty program was launched. Bug bounty programs have transformed the information security sector, and their negative impacts have been advertised as driving down companies’ consulting rates and raising ethics questions within the cybersecurity community. However, boutique security consultancies, particularly
New cyber positions within the US military could be created in 2020 as a result of the government’s annual defense policy bill, depending on the approval of President Donald Trump. The positions include a senior military advisor for cyber policy, which requires candidates to be at least a two-star general.
Just hours after a suspected terrorist attack at the Naval Air Station in Pensacola, Florida, that left three sailors dead, the city of Pensacola was hit with a suspected ransomware attack that took local services offline. Early Saturday morning, the city network was taken offline as ransomware affected government employees’
Maersk Chief Information Security Officer Andrew Powell stated at Black Hat Europe 2019 that he believes that 600 countries across the globe were damaged by NotPetya around the time of the Maersk attack. He stated that any company doing business in Ukraine at the time of the attack was hit.
Facebook filed a lawsuit yesterday against Chinese company ILikeAd Media International Company and the two men who control it, Chen Xiao Cong and Huang Tao. The company was founded in 2016 in Hong Kong and is being accused of using the Facebook ad platform to run a malware scheme. Once