Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
Cloud-connected stuffed animals built by Spiral Toys include an unsecured Bluetooth implementation that could be used to locally spy on anyone near the toys, a security research firm warns. It alleges that Spiral Toys has failed to respond to warnings it began issuing in October 2016.
A one-character coding error by Cloudflare exposed data - that otherwise would have been encrypted - from major web services, putting personal information, chat messages, OAuth tokens, encryption keys and cookies at risk.
A federal judge in Illinois has rejected part of a search warrant application that would allow police to force anyone present at the time of a raid to use their fingerprints to unlock digital devices. But the decision far from resolves the issue of law enforcement's efforts to overcome encryption.
Verizon will pay $350 million less for Yahoo than it first offered because the deal subsequently became tainted by three data breach disclosures. Yahoo's lower value is a study in how data breaches can impact big business transactions.
Megaupload Founder Kim Dotcom plans to appeal a New Zealand High Court ruling that found him and three colleagues eligible for extradition to the U.S. The four men are charged with profiting by allowing the trade of copyright-protected content on their file-sharing platform.
Will customers leave a banking institution after an unauthorized charge on a credit card or a strange debit from an account? A new study shows some will, even if they get a refund for the fraud losses.
New York has become the first state to impose a cybersecurity regulation on financial institutions and insurers. Will other states follow with their own regulations to strengthen security in these business sectors?
Are there rules in cyberspace? There aren't many, but Microsoft is proposing a "Digital Geneva Convention" that would set some internet norms for countries to help prevent unfair targeting of civilians.
Australia's Parliament has passed a mandatory data breach notification law that requires some organizations to tell consumers and regulators about an incident within 30 days or face hefty fines. But one security expert says the law has gaps that could pose risks.
A large malware campaign first discovered in Poland may have affected financial institutions in 31 countries. Technical clues point toward the Lazarus group, believed to be linked to North Korea, which used the Sundown exploit kit, researchers say. But attributing cyberattacks is tricky.
New Zealand's privacy commissioner is recommending new civil penalties against companies of up to NZ$1 million (US$718,000) for a "serious" data breach in light of sterner penalties adopted by Australia and the European Union.
Dozens of banks, governments and telecommunications companies have been struck by fileless malware, which resides in memory and leaves few traces for investigators, according to Kaspersky Lab. The use of open-source tools and utilities makes the attacks difficult to detect.
Harold Thomas Martin III, a former Booz Allen Hamilton contractor, has been indicted on 20 counts of stealing classified documents from a range of U.S. intelligence agencies. He faces up to 200 years in prison.
The American Bankers Association has started collecting more detailed information on attacks against ATMs in hopes of improving the industry's preparedness.
The House has passed a privacy bill that would strengthen the legal protection afforded to emails older than 180 days. The bill now moves to the Senate, where it died last year after some senators tacked on controversial, privacy-eroding amendments.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
