What is a data breach?

A data breach is a security incident in which a malicious actor breaks through security measures to illicitly access data.  

Data about individuals—names, birthdates, financial information, social security numbers and driver’s license numbers, and more—lives in innumerable copies across untold numbers of servers at private companies, public agencies, and in the cloud. If someone who isn’t authorized to access personally identifiable information (PII) manages to get a look at it, that can have dire consequences both for the individual and for the organization that stored the data and was supposed to keep it safe.

To read this article in full, please click here

Read More

Since early 2021 researchers have observed multiple attack campaigns by state-sponsored advanced persistent threat (APT) groups aimed at journalists and the media organizations they work for. The attacks targeted their work emails and social media accounts and often followed journalists’ coverage of stories that painted certain regimes in a bad light or were timed to sensitive political events in the U.S.

Journalists have always been an appealing target for spies due to the access they have to sensitive information and the trust that organizations and individuals generally place in them, which is why it’s imperative for members of the media to undergo online security training and be aware of the techniques used by state-linked hackers.

To read this article in full, please click here

Read More

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released the first report of the Cyber Safety Review Board (CSRB), formed in February as directed under President Biden’s May 2021 cybersecurity executive order. The public-private board comprises top cybersecurity personnel in the federal government and selected private sector information security professionals.

To read this article in full, please click here

Read More

4500 transplant participants have been warned about a privacy breach affecting their healthcare information

Read More

A US debt collector has reported a breach of 1.9 million healthcare records across 650 providers

Read More

This is a current list of where and when I am scheduled to speak:

I’m speaking as part of a Geneva Centre for Security Policy course on Cyber Security in the Context of International Security, online, on September 22, 2022.
I’m speaking at IT-Security INSIDE 2022 in Zurich, Switzerland, on September 22, 2022.

The list is maintained on this page.

Read More

The BlackCat ransomware group has deployed a new binary to help with its intrusion efforts

Read More