Although a patch has been available by VMware since May 25, 2021, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and Cyber Command this week urged users of VMware to update and apply a fix to software that is used to manage virtual machines in data centers.

The warning states, “Please patch

The FBI recently issued a Flash Alert to Fortinet Fortigate users that Advanced Persistent Threat (APT) groups are continuing to exploit devices that have not been patched. Although Fortinet issued patches for these vulnerabilities in 2018, 2019, and 2020, many organizations have not applied the patches.

The exploitations are random,  not against specific industries or

In an unusual and exciting twist to the Colonial Pipeline ransomware attack, the Department of Justice (DOJ) announced this week that it was able to retrieve $2.3 million of the $4.4 million paid by Colonial Pipeline to DarkSide by seizing the wallet, and thus “preventing Darkside actors from using it.”

Way to go DOJ and

After the attacks on JBS and Colonial Pipeline, the U.S. Treasury Department will likely consider increasing its enforcement of anti-money-laundering laws and adopt new reporting requirements for cryptocurrency transactions.

In ransomware attacks, hackers demand payments after locking victims out of their computer networks; de-anonymizing payments could create a disincentive for these hackers to continue pushing

Since the Colonial Pipeline and JBS meat manufacturing security incidents, attention is finally being paid to the cybersecurity vulnerabilities of critical infrastructure in the U.S. and in particular, the potential effect on day to day life and national security if large and significant manufacturers’ production are disrupted. In the wake of these recent incidents in

The City of Tulsa, Oklahoma, announced on May 9, 2021, that it had been hit with a ransomware attack, but the Mayor is resolute in not paying the demanded ransom. Although “all of our computer systems—with a few exceptions—are down right now,” the Mayor has stated that he will “not pay a nickel” to the

Colonial Pipeline was hit with a proposed class action suit this week by a resident of North Carolina who alleges that he had to purchase gasoline at inflated prices due to the “unlawfully deficient data security” of Colonial, which allowed a ransomware attack to shut a pipeline down.

According to allegations in the suit, the

Colonial Pipeline paid hackers a ransom of $4.4 million in bitcoin soon after discovering a cybersecurity hack on its systems that began on May 6.  The company’s acknowledgement comes after days of speculation about whether a ransom was paid to the hackers.  The company’s CEO defended the “difficult” decision to pay the ransom, maintaining he

If you have been following Verizon’s annual data breach investigation reports like I have over the years, you get excited when the new one comes out. If you have never read the report, now’s your chance, as the 2021 report was just released.

Although chock-full of information, the Verizon Data Breach Investigations Report (DBIR) is