Caroline Byrne writes: One in five U.S. law firms were targeted in a cyberattack in the past year and nearly one in 10 lost data or suffered exposure, according to a comprehensive study by a Swiss tech company. The numbers, which demonstrate the extent to which the industry has become vulnerable to increasingly ruthless cybercriminals,…
Category: Commentaries and Analyses
Terrible tales of opsec oversights: How cybercrooks get themselves caught
Connor Jones reports: They say that success breeds complacency, and complacency leads to failure. For cybercriminals, taking too many shortcuts when it comes to opsec delivers a little more than that. In these cases, failure might mean the criminal doesn’t get access to the server with the most valuable data to copy, or fails to…
Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
When Cybernews published an article about a 16 billion credentials leak, some of us strongly criticized the article as irresponsible and misleading journalism. Although some people have tried to suggest that the Cybernews article had some value in highlighting infostealers, the article was so riddled with falsehoods and misleading statements that the confusion and misunderstandings…
France issues press statement about arrest of ShinyHunters members
French version. The English version is below. It’s interesting to note that IntelBroker was described as a British national who was arrested in France in February, 2025 and detained in pre-trial detention.
From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math
More great reporting and analysis by Therese Defino of the Health Care Compliance Association (HCCA): A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different hospital…
Why Dumping Sensitive Data on Network Shares is a Liability
Kathryn M. Rattigan and Jim Merrifield of Robinson + Cole LLP write: Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents, spreadsheets, customer information, financial…