Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
If Yahoo's 2014 breach had been the result of an in-house Russian intelligence project, the hack probably would not have triggered a U.S. indictment. But Russia has landed in a muddy puddle after apparently tapping freelance talent with an interest in criminal gain.
FireEye's Mandiant investigative unit is seeing a revival in tried-and-true hacking techniques, ranging from social engineering to the snatching of OAuth tokens. Why are these old techniques still working?
Canadian authorities narrowly escaped a data breach by stopping an intrusion at the country's statistics agency. The cyberattack used a zero-day vulnerability in Apache Struts 2, which has now been patched.
A groundbreaking study from RAND Corporation quantifies the stakes around how zero-day software vulnerabilities get discovered and persist, bringing hard facts to bear on related - and contentious - debates surrounding vulnerability disclosure and public safety.
Confide, an encrypted messaging application, received a surge of attention after White House officials began using it for leaks. But a teardown of the app by two security firms revealed a raft of serious security issues.
A new release from WikiLeaks - of what's alleged to be classified material from the CIA - has seemingly exposed some of the agency's most sensitive hacking projects and malware capabilities. Technology experts are scrambling to assess the impact, as well as WikiLeaks' claims.
One of the world's allegedly most prolific spamming operations inadvertently left backup databases accessible online, exposing upwards of 1.37 billion records and a raft of internal company information.
The U.S. government has opted to drop an indictment against a child pornography suspect rather than reveal the software exploit used to identify him. The case highlights how the use of legal hacking techniques by law enforcement agencies can create complications in court.
In the history of data breaches, Cloudflare's recent breach was strikingly unique, in that a software bug caused a random regurgitation of data from server memory. But a postmortem from CEO Matthew Prince should put most people's concerns to rest.
Cloud-connected stuffed animals built by Spiral Toys include an unsecured Bluetooth implementation that could be used to locally spy on anyone near the toys, a security research firm warns. It alleges that Spiral Toys has failed to respond to warnings it began issuing in October 2016.
A one-character coding error by Cloudflare exposed data - that otherwise would have been encrypted - from major web services, putting personal information, chat messages, OAuth tokens, encryption keys and cookies at risk.
Verizon will pay $350 million less for Yahoo than it first offered because the deal subsequently became tainted by three data breach disclosures. Yahoo's lower value is a study in how data breaches can impact big business transactions.
Megaupload Founder Kim Dotcom plans to appeal a New Zealand High Court ruling that found him and three colleagues eligible for extradition to the U.S. The four men are charged with profiting by allowing the trade of copyright-protected content on their file-sharing platform.
Will customers leave a banking institution after an unauthorized charge on a credit card or a strange debit from an account? A new study shows some will, even if they get a refund for the fraud losses.
Are there rules in cyberspace? There aren't many, but Microsoft is proposing a "Digital Geneva Convention" that would set some internet norms for countries to help prevent unfair targeting of civilians.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.