Security researchers observed sextortionists leveraging social engineering techniques to steal their victims’ personal information.SANS’ Internet Storm Center (ISC) discovered that sextortionists had begun creating profiles for young women on dating websites. They used those profiles and the stated interest of finding “good times” to

For many of us, the last few months have drastically increased our reliance on mobile capabilities. Through the increased use of corporate mobile apps, virtual private networks (VPNs), hot spots and more, mobile communications are more ubiquitous than ever. Because of this enhanced, unprecedented and sudden dependence on mobile capabilities, mobile security

The transition to a remote workforce has happened so quickly that many security teams have not had an opportunity to apply desired controls. Organizations are dealing with remote access and execution privileges that were unplanned even a couple of months ago. The use of personal devices and home workspaces has increased potential risks. Typical controls such

An extra way to create leverage against victims of ransomware has been introduced by the developers of the Maze ransomware. If the victim is not convinced that she should pay the criminals because her files are encrypted, there could be an extra method of extortion. Over time, more organizations have found ways to keep safe copies of their important files or

The operators of DoppelPaymer ransomware launched a site for publishing the data of their victims who don’t pay the ransom.On February 25, DoppelPaymer’s handlers published a site called “Dopple leaks.” A message on the site at the time of launch revealed the attackers’ intention for doing so: leak the names and data of victims

I have been fascinated by data analytics for all my professional life — from my early days of using Linux command-line tools like grep, cut, sort and unique to make sense of log files and identify the chain of events that harmed my web server, to using simple Excel and pivot tables to do pretty much the same with data of all types. Now, we have much fancier

Each year on January 28, the United States, Canada, Israel and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take action in an effort to respect privacy, safeguard data and enable trust.In observan

When you’re a journalist or work for the press, there may be times when you need to take extra cybersecurity precautions—more so than your Average Joe. Whether a reporter is trying to crowd-source information without revealing their story or operating in a country where freedom of the press is a pipe dream, cybersecurity plays an important role for any journ

When organization leaders think about cybersecurity, it’s usually about which tools and practices they need to add to their stack—email protection, firewalls, network and endpoint security, employee awareness training, AI and machine-learning technology—you get the idea. What’s not often considered is which items should be taken away. Nearly

Penetration testing is often conducted by security researchers to help organizations identify holes in their security and fix them, before cybercriminals have the chance. While there’s no malicious intent for the researcher, part of his job is to think and act like a cybercriminal would when hacking, or attempting to breach, an enterprise network. T

It’s Monday. On the West Coast, Black Hat is over and if you traveled, you should be home. If you didn’t travel, it’s still Monday and there are things to be done. And August starts tomorrow – so you might be thinking, “Bah, let’s get through August and then I’ll refocus.” Not so fast. This is a round tuit. Y

 The US Congress  decided to repeal an Internet privacy regulation passed under the Obama administration. For many, this is unsettling news. Trump has already initialed the controversial repeal, which allows Internet providers to store and sell users’ browsing histories. The previous regulation, however, required these companies to obtain permission fr

Sometimes you could be forgiven for thinking that the incessant overuse of the word ‘disruptive’ these days could do with some, well, disrupting of its own. So much is written, presented and marketed around apparently ‘disruptive’ use of technologies like AI, IoT and of course blockchain, when much of it could perhaps be better described as foundation innova

Data privacy is a concern for many Americans, but the U.S. Senate is on its way to putting your data at even higher risk of privacy issues. Current laws have broadband privacy rules in place that require Internet Service Providers to receive explicit consent from consumers before they can share or sell private information, such as web browsing data, to adver

A specialty practice in Texas has notified more than 200,000 patients of a ransomware attack that might have exposed their personal information.On 24 March, Urology Austin sent out notification letters to 279,663 patients informing them of an incident that occurred back in January. As quoted by DataBreaches.net:“On January 22, 2017, Urology Austin was