New Zealand-based infosec firm Emsisoft, has issued a report on ransomware in the US during 2023, in which they are suggesting a ban on paying ransoms and the subsequent loss of revenue by the gangs would reduce ransomware attacks. The State of Ransomware in the U.S.: Report and Statistics 2023 …
Yet another way for ransomware gangs to extort you
I have written about three of the ways ransomware hackers can extort you in my Ransomware Primer Mini-Series: Now the ALPHV/BlackCat ransomware gang has come up with yet another method to get organisations to pay their ransoms. In the US there is a legal obligation for publicly traded companies to …
Continue reading “Yet another way for ransomware gangs to extort you”
UK Electoral Commission drag their feet…
A vast amount of data about UK citizens has been stolen from the UK Electoral Commission in a data breach, but it has taken them some time to let the public know they lost control of it: Public notification of cyber-attack on Electoral Commission systems What data has been compromised? …
WhatsApp user data stolen
I have just written about the information leak at NHS Lanarkshire because of the use of WhatsApp and I regularly talk about rogue Android apps that get into the Google Play Store – here I bring both of them together. A rogue app that steals WhatsApp user data: Hackers steal …
I have warned clients about this…
I have had various discussions with various clients about the use of WhatsApp. They like it as it is often already used by their people, works on Android and iPhones and they point me to the security WhatsApp advertises. I then point out that there is no accountability and Microsoft …
Apple and End-to-End Encryption
Apple has joined the debate about the UK government’s proposed bill to weaken every UK citizen’s privacy online, by threatening to pull affected Apple services from the UK market. As Apple (and several articles I have posted) state, laws already exist for the authorities to breach the privacy of citizens …
What happens when a company leaks data?
Of course the company reports the data security mistake to the Information Commissioner’s Office and takes whatever steps are necessary to fix the problem. They then probably release a press statement explaining how their client’s data security was not impacted by their breach and credit card details etc are safe. …