Weekly Cyber Risk Roundup: Yahoo’s Value Drops and New Regulations

Yahoo is once again back in the news for a variety of reasons, including a reported third data breach. However, it appears the reports of a “new breach” stem from additional notifications that were sent to some users on Wednesday regarding forged cookies being used to access accounts. Yahoo first disclosed that it was notifying… Read More

Weekly Cyber Risk Roundup: New PoS Breaches and Simple Attacks

The week’s top trending event was the compromise at Freedom Hosting II, which has been estimated to host as much as 20 percent of active dark web sites. As a result, thousands of dark web sites were taken offline, and the stolen data has since been widely shared. Security researcher Troy Hunt, who reviewed some… Read More

Weekly Cyber Risk Roundup: Ransomware and Insecure Databases Dominate Headlines

Ransomware and extortion continue to dominate the headlines in 2017. The past week saw several widely reported incidents involving service outages and lost data due to infections, as well as warnings that malicious actors are attempting to extort organizations via the threat of DDoS attacks. The Austrian hotel Romantik Seehotel Jägerwirt paid approximately $1600 in… Read More

Weekly Cyber Risk Roundup: DDoS Attacks Disrupt Services and SEC Probes Yahoo

A series of distributed denial-of-service (DDoS) attacks against financial institutions led to customers of Lloyds Banking Group experiencing intermittent outages over a 48-hour period and was the top trending cybercrime event over the past week. The Guardian reported that the attacks hit Lloyds, Halifax and Bank of Scotland from January 11 to January 13. IBTimes… Read More

Weekly Cyber Risk Roundup: Ransomware Disrupts Organizations and Massive Data Leaks

Extortion is once again the top trending cybercrime issue as concern continues around the theft, destruction and blackmail related to thousands of insecure MongoDB, Elasticsearch, CouchDB and Hadoop Distributed File System installations. While those stories led much of the past week’s discussion, there was also a steady stream of reports of organizations being infected with… Read More

Weekly Cyber Risk Roundup: More Extortion and Marijuana Retailers’ Woes

Extortion continues to dominate the cybercrime headlines in 2017 with the week’s top two trending targets being the successful ransom at Los Angeles Valley College and continued extortion attempts around MongoDB databases. It was less than a year ago that Hollywood Presbyterian Medical Center became a national news story by paying a $17,000 ransomware demand… Read More

Weekly Cyber Risk Roundup: Russian Hacking and New Extortion Campaigns

This week’s top trending cybercrime story is a hack that wasn’t: Vermont’s Burlington Electric Department. A December 30 Washington Post story falsely claimed that Russian threat actors had penetrated the U.S. power grid via the Vermont utility. That story has since been widely debunked, as the alleged international hacking incident was set off by a… Read More

Weekly Cyber Risk Roundup: Unique Cyber-Attacks and Insider Theft

Yahoo remained as the top trending cybercrime target due to a data breach affecting more than a billion accounts. The breach is so large that regulators such as the FTC and SEC are facing uncharted territory when it comes to potential fines or other consequences related to the incident, Vice News reported.   Looking beyond… Read More

Weekly Cyber Risk Roundup: Largest Breach Ever and Law Firm Lawsuits

On Wednesday, Yahoo announced a data breach that affects more than one billion user accounts. The intrusion, which Yahoo believes occurred in August 2013, comes just months after the company announced a separate breach involving “at least 500 million user accounts.” The new breach was discovered after law enforcement received Yahoo data from a third… Read More

Weekly Cyber Risk Roundup: Another Botnet and the Gamification of Cybercrime

Botnets were once again front-and-center this past week as new developments were announced by security researchers, malicious actors and government officials. To start, CloudFlare observed a ten-day long series of distributed denial-of-service (DDoS) attacks that have generated as much as 400 Gbps in traffic, sparking fears of yet another massive botnet that can disrupt organizations.… Read More