From their WatchBlog: Earlier this month, a software update from the cybersecurity firm CrowdStrike caused Microsoft Windows operating systems to crash—resulting in potentially the largest IT outage in history. Disruptions were widespread. Around the world, businesses and services were unable to operate as computers crashed, and some critical infrastructure sectors (like transportation, healthcare, and finance)…
Category: Commentaries and Analyses
EdTech, Impersonation, and Managing Risk
Bill Fitzgerald (@FunnyMonkey) has written a post that I wish all school districts would read, process, and follow up on. The following is just a snippet from his post: We should assume that the KnowBe4 impersonation and the xz incident are not isolated or unique, and that there are other similar attacks underway that are…
IBM: Cost of a breach reaches nearly $5 million, nearly $10 million for healthcare
Jonathan Greig reports on some of the significant findings in IBM’s new survey on the cost of a breach: Businesses that fall victim to a data breach can expect a financial hit of nearly $5 million on average — a 10% increase compared to last year — according to IBM’s annual report on cybersecurity incidents….
RADAR and DISPOSSESSOR shift to R-a-a-S model
In April, Jim Walter of SentinelOne wrote an article about how some ransomware affiliates were teaming up with others to get paid if they had been cheated by previous partners. Perhaps the best-known recent example of this occurred after ALPHV allegedly secured a $22 million ransoms from Change Healthcare and then absconded with the money…
Turning the tables: two gangs’ opsec fails exposed data; good guys deleted it
Yesterday’s Risky Biz News reported that threat intel firm DarkAtlas says it gained access to one of the Rclone data exfil servers used by the Medusa ransomware group. How many times have researchers uncovered exposed data and warned that threat actors might be able to acquire, manipulate, or delete data? In today’s post, we read…
ICO reprimands the Electoral Commission after cyber attack compromises servers
The U.K.’s Information Commissioner’s Office issued the following statement today: We have issued a reprimand to the Electoral Commission after hackers gained access to servers that contained the personal information of approximately 40 million people. In August 2021, hackers successfully accessed the Electoral Commission’s Microsoft Exchange Server by impersonating a user account and exploiting known…