Weekly Cyber Risk Roundup: Million Dollar Extortion Payments and TheDarkOverlord Loses Credibility

Ransomware made headlines this past week due to several infections that disrupted business operations, as well as a million dollar extortion payment that was negotiated by South Korean web hosting firm Nayana after its servers were infected with Erebus Ransomware on June 10. Nayana said the payment was necessary to restore 150 servers and the… Read More

Preparedness & Cyber Risk Reduction Part Four: Awareness and Operational Training

In our ongoing series on Preparedness & Cyber Risk Reduction, we’ve discussed an “Introduction to the Preparedness Cycle” and we’ve explored the topics of preparedness and operational planning, and organizing and equipping. In our sustained effort to reduce risk through proper preparedness, we’ll tackle the next critical step in the Preparedness Cycle — training. To… Read More

Weekly Cyber Risk Roundup: Industroyer Malware and Fines for Delayed Breach Notification

Ukrainian power utility Ukrenergo was back in the news as the top trending cybercrime target after researchers analyzed new samples of a destructive malware, dubbed “Win32/Industroyer,” which they said was likely used in the December 2016 attack against the Ukrainian power grid. “Industroyer is a particularly dangerous threat, since it is capable of controlling electricity… Read More

Preparedness & Cyber Risk Reduction Part Three: Organize & Equip

In Parts One and Two of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks and preparedness, as well as a slightly deeper look into planning — both preparedness and operational planning — to minimize the likelihood and impacts of the undesired threats that have the potential to… Read More

Weekly Cyber Risk Roundup: ‘Staggering’ Amount of Data Exposed and Hacks Lead to Fake News

Organizations are making it easy for cybercriminals by putting vast amounts of sensitive data at risk due to improper security configurations, various researchers recently warned, and this past week saw several new data breaches announced due to the public exposure of sensitive customer, patient, and other internal data. The first warning came from Appthority, which… Read More

TheDarkOverlord Targets Entertainment Sector with Leak of Unaired ABC Show

On Monday, the extortion group known as TheDarkOverlord released the first eight episodes of ABC’s soon-to-be-aired television show “Steve Harvey’s Funderdome” on the torrent site The Pirate Bay. The leak of the ABC show follows a similar failed extortion attempt and subsequent leak of the first ten episodes of Netflix’s upcoming season of “Orange is the… Read More

Weekly Cyber Risk Roundup: Chipotle and Kmart Announce POS Breaches

Payment card breaches were back in the news this week as both Chipotle and Kmart announced point-of-sale breaches affecting a number of locations. The Chipotle incident, which was first disclosed on April 25, appears to be the larger of the two breaches. A recent company update on the breach said it now includes most of… Read More

Preparedness & Cyber Risk Reduction Part Two: Preparedness and Operational Planning

In part one of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks, and preparedness. Recognizing that there will be undesired threats that develop into disruptions and other “unwanted outcomes” impacting our organizations’ people, information, operations, and/or facilities, we want to be ready and resilient — ideally preventing… Read More