Vol. 5, Iss. 20
Costa Rica declares state of emergency over ransomware incidents. Civil penalties proposed for Colonial Pipeline over safety breaches.
Vol. 5, Iss. 18
Conti ransomware gang targets Costa Rica following election. Timeline of Russian cyberatacks against Ukraine. Facebook doesn't know where your data flows.
Vol. 5, Iss. 13
The rise, and fall?, of Lapsus$ as Okta confirm breach. US CNI cyberattack warning. Build capabilities, not plans for resilience.
Vol. 5, Iss. 12
Russia/Ukraine roundup. Mysterious incident affecting satcom terminals. Ransomware group adds wiper capability. Law firm gets GDPR fine for not patching.
Vol. 5, Iss. 7
Slovenian TV disruption. 500 ecommerce sites compromised by MageCart. 2021 was a bumper year for cyber M&A.
Vol. 5, Iss. 5
Activists ransomware Belarus' state-woned railway company. New UK cyber strategy for government. Let's Encrypt re-issuing 2M certs.
Vol. 5, Iss. 3
Russian authorities scoop up members of REvil. Google Analytics and GDPR. Using a cyberattack to accelerate dgitial transformation.
Vol. 5, Iss. 2
Potential FTC legal action over Log4shell. Phishing using Google Docs. New UK Information Commissioner. Reframing cybersecurity.
Vol. 4, Iss. 43
US bans sales of offensive cyber tools to authoritarian governments. REvil taken offline in multi-national operation. The MoD's economic warefare unit.
Vol. 4, Iss. 42
White House ransomware summit attended by over 30 countries. Client-side scanning (such as for CSAM) may undermine democracy. Don't view-source on Missouri state websites
Vol. 4, Iss. 40
Azure AD wasn't logging all failed SSO requests. Ransomware crew gets pissy. 'Monoculture' cyber risk.
Vol. 4, Iss. 39
'Releasing the hounds' on ranomware actors, though FBI involvement in Kaseya shows offnseive operations may already be underway.
Vol. 4, Iss. 28
More on Kaseya. The PrintNightmare continues. Farmers win 'right to repair' and Kaspersky's not-so-random number generator.
Vol. 4, Iss. 27
Kaseya VSA used to launch 'over 1,000' ransomware attacks. Security researchers cause PrintNightmare. EU grants UK data protection adequacy decision.
Vol. 4, Iss. 25
Suspected Cl0p members arrested. Ransomware is an 'urgent' threat to U.K. Balancing cyber supply and demand. And, Dear Intern...
Vol. 4, Iss. 24
EA games source code stolen. Apple's news privacy and security features. The FBI ran An0m encrypted comms app. Ransomware thinking.
Vol. 4, Iss. 23
The U.S. continues beef with Russian ransomware gangs. Colonial Pipeline was result of compromised creds. FireEye to divest name, products business.
Vol. 4, Iss. 21
Lots of ransomware: Ireland's HSE will not pay. Colonial coughed up $4.4M'. But there are Technology Detection Dogs. And they're very good dogs!
Vol. 4, Iss. 20
All the stats: it's DBIR time. Colonial Pipeline paid ransom, restored service and DarkSide disappeared. Being better at security engagement.
Vol. 4, Iss. 19
Responsible cyber power. Colonial Pipline shut down due to ransomware. Injecting malware C2 into legitimate traffic. Authentication using a severed thumb.
Vol. 4, Iss. 18
Babuk ransomware operators demand $50M from DC police. BoJo's phone number available online. Emotet deactivated. And, burrowing beavers.
Vol. 4, Iss. 17
Ransomware in Apple's supply chain. Facebook seeks to 'normalise' scraping. The balkanisation of the Internet has intelligence agencies worried. Cellebrite's iPhone unlocking system is full of vulnerabilities.
Vol. 4, Iss. 16
FBI gets a warrant to fix Hafnium web shells, becomes an MSSP. Sanctions for Russia over SolarWinds. Plus you cheddar believe there are some cheese puns.
Vol. 4, Iss. 14
The long-tail of ransomware recovery. PHP source code compromise. Exploiting 'safe' file formats. Risk margins and early risk management decisions.
Vol. 4, Iss. 13
FatFace IR comms 'confidential' while loosing 200GB data. Cyber insurer CNA may have been targeted for policy info. OSINT on the Ever Given.
Vol. 4, Iss. 6
SolarWinds caught up in second campaign against U.S. gov tied to China. Plus an interview with a ransomware operator and Canada declares Clearview AI is 'illegal'.
Vol. 3, Iss. 45
Nothing cyber happened in the US election. Corporate VOIP systems being targeted. Don't pay ransomware gangs to not leak your data.
Vol. 3, Iss. 43
DOJ charges Fancy Bear, Doubts over Trump's Twitter password, and digital dilemmas for charity donations.
Vol. 3, Iss. 41
Integrity in the UK Test & Trace scheme; ransomware attacks up 50%; a different type of lock-down.
Vol. 3, Iss. 40
US Treasury issues advisory over ransomware payments; Huawei code quality still really bad; and Singapore's consumer security labels.
Vol. 3, Iss. 38
Domain admin for EVERYONE! APT41/Winnti charged for cyber-espionage and activities against computer games companies. First death leading directly from cyber-attack :-(
Vol. 3, Iss. 35
Attempted $1M bribe of Tesla employee in ransomware campaign. NZX trading suspended for four days due to DDOS. Supply and demand in security budgets.
Vol. 3, Iss. 31
Ransomware payments encourage more ransomware attacks. EU cyber sanctions. Three charged in Twitter crypto-scam.
Vol. 3, Iss. 30
Garmin 'ran somewhere.' UK Test & Trace doesn't have a DPIA. Emotet serving up Hackerman memes.
Vol. 3, Iss. 23
REvil launch auction site, while Maze and LockBit team up to pool resources, know-how. Plus inside a BEC scam and DROP DATABASE tickets.
Vol. 3, Iss. 20
Pricing cyber risk from external data, attack on 'UK electricity system' and mining crypocurrency with supercomputers
Vol. 3, Iss. 19
Contact tracing apps, password reuse stats, law firm ransomware, and the integrity of systems
Vol. 3, Iss. 18
Mobile device management as a vector, turning antivirus against itself and ransomware's long game
Vol. 3, Iss. 5
Jumpshot reminds us security isn't privacy; whopping REvil ransom demands; and keep calm/cary on for DPOs.