Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
Schools in Flagstaff, Arizona, were closed on Thursday after ransomware appeared on the district's network. Friday's classes were called off while the recovery effort continued.
An extraordinary iPhone hacking campaign revealed by Google last week may be linked to other Android spying campaigns focused on websites related to the Uyghurs, a Chinese Muslim minority group, and the East Turkistan region of China, according to new research from Volexity.
Foxit Software, the developer of popular PDF and document software, says user accounts were compromised in a breach. The company, which has 560 million users, isn't saying how the breach occurred, how many accounts were affected or for how long.
Bulgaria's Personal Data Protection Commission has fined the nation's tax agency $2.9 million for failing to stop a breach that leaked tax records for nearly all of the country's citizens. Meanwhile, prosecutors have filed related criminal charges against employees of a penetration testing company.
Facebook won a victory in Germany after a court suspended an order from the Federal Cartel Office that sought to prohibit the social network from aggregating personal data from other services and sources. The Cartel Office plans to appeal the ruling.
Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
Apple released a patch on Monday that fixes a bug it accidentally reintroduced in a previous patch update. The flaw allowed iOS enthusiasts to jailbreak their up-to-date devices, but also could have been put to malicious use by hackers.
Web hosting company Hostinger has reset all customer passwords after one of its databases was breached, affecting 14 million accounts. The intruder gained access to an authorization token that allowed access to a customer database, the company says.
The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges. Jay Heiser of Gartner says if organizations don't get cloud security right, it's their own fault. Here's why.
Progressive companies seeking to improve their security are increasingly adopting bug bounty programs. The theory is that rewarding outside researchers improves security outcomes. But in practice, bug bounty programs can be messy and actually create perverse incentives, says bug-hunting expert Katie Moussouris.
Deception technology is attractive in that it offers - in theory - low false positives and critical clues to attackers' methodologies. But the benefits depend on its ability to fool attackers and whether organizations can spare the time to fine-tune it.
A South Korean company that makes a biometric access control platform exposed fingerprint, facial recognition data and personal information after leaving an Elasticsearch database open, security researchers say. They found 23GB of data belonging to organizations that use Suprema's BioStar 2 system.
Choice Hotels says about 700,000 guest records were exposed after one of its vendors copied data from its systems. Fraudsters discovered the unsecured database and tried to hold the hotel chain to ransom, which it ignored.
The U.S. Securities and Exchange Commission is investigating the exposure of personal and mortgage-related records from First American Financial Corp., according to security blogger Brian Krebs. First American spent $1.7 million on the incident in its second quarter, but investigations and lawsuits are looming.
Apple is opening up its bug bounty program to all researchers, increasing the rewards and expanding the scope of qualifying products in a bid to attract tips on critical software flaws. The changes were announced at last week's Black Hat security conference in Las Vegas.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.