David Bisson is an information security writer and security junkie. He's a contributing editor to IBM's Security Intelligence and Tripwire's The State of Security Blog, and he's a contributing writer for Bora. He also regularly produces written content for Zix and a number of other companies in the digital security space.
The way to stop complex RansomOps attacks is ultimately financial: make the cost too high, the revenue too small, and the initiative too risky. Those are the levers we must use, and the revenue part is a big one...
August 12, 2021 / 4 minute read
The enormity of the cybercrime ecosystem makes it nearly impossible to recover most ransoms - that’s the way things stand now...
June 8, 2021 / 3 minute read
There have been significant advances in EPP to better prevent ransomware, but quality EDR is the ransomware killer that can counter its proliferation...
May 24, 2021 / 3 minute read
Cybereason CSO Sam Curry shares insights on the news that attackers publicly exposed information from 533 million Facebook users based in 106 countries, including phone numbers, Facebook IDs, birthdates, bios, full names and locations. The dumped data also included the email addresses for a portion of the affected users.
April 5, 2021 / 3 minute read
The US-based technology company explained in its statement that it had found no evidence of those responsible for the intrusion having misused a user account or having gained access to its databases - but according to the whistleblower, this isn’t what happened...
March 31, 2021 / 3 minute read
Complaints represented a 69% increase over 2019, and Cybereason CSO Sam Curry suspects that the reported losses likely represent just a fraction of the actual costs to Americans in 2020...
March 31, 2021 / 3 minute read
“It’s one thing to have solutions in place that can detect one component of an attack, but it’s another thing to understand that individual events represent aspects of a larger malicious operation." Yonatan Striem-Amit, CTO and co-founder of Cybereason
March 15, 2021 / 3 minute read
Digital attackers compromised the live feeds of 150,000 surveillance cameras made by enterprise security camera system manufacturer Verkada.
March 11, 2021 / 3 minute read
Kia Motors America stated that a ransomware attack was not the apparent cause of an extended systems outage affecting the automobile dealer’s IT systems. It all started with an error message…
February 19, 2021 / 3 minute read
"The size of the leak is not as important as the substance... The big concern here is where that data went and how threat actors might use it." ~Sam Curry, Cybereason CSO
February 17, 2021 / 3 minute read
An attacker group published information stolen from two healthcare service providers in a reported attempt to extort them for money.
February 8, 2021 / 3 minute read
Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency (CISA), said in an interview that 30% of victims weren’t running SolarWinds’ Orion platform but suffered a compromise anyway.
February 3, 2021 / 3 minute read
The United Kingdom’s National Health Service (NHS) warned that scammers are in the process of sending out fake COVID-19 vaccine invitations.
February 1, 2021 / 3 minute read
Law enforcement entities and judicial authorities located around the world succeeded in disrupting the Emotet botnet’s infrastructure through a coordinated takedown effort.
January 28, 2021 / 3 minute read
“What matters is whether this is useful to Biden as a tool for his strategy, not the parting shot of the outbound President. This is a chip in a political game and not significant to cyber security unless there’s momentum and more to follow. It’s all up to Biden now...”
January 22, 2021 / 3 minute read
In a December 31 blog update, Microsoft revealed that its investigation into Solarwinds had found no evidence of unauthorized access to its production services or customer data, but that effort did uncover another attack attempt.
January 5, 2021 / 3 minute read
