Satoshi Nakamoto — the pseudonym used by the founder of Bitcoin — is a little bit richer this week.  On Friday, January 5, Nakamoto’s first cryptocurrency wallet received a deposit of 26.9 bitcoin (BTC). The transaction was valued at about...

A team from Security Research Labs (SRL) has released a set of free decryption utilities for victims of specific Black Basta ransomware attacks.  Of course, the tools are not perfect: Data recovery depends on the size of the file and...

The Department of Justice (DOJ) has announced a disruption campaign against ALPHV, a ransomware group responsible for hundreds of attacks on businesses and critical U.S. infrastructure. ALPHV, also known as Blackcat or Noberus, is a ransomware-as-a-service (RaaS) gang. RaaS groups...

The state government of Maine has announced a major cybersecurity incident, which may have exposed the personally identifiable information (PII) of nearly all of the state’s residents. “On May 31, 2023, the State of Maine became aware of a software...

In our industry, “data recovery” refers to the process of restoring data that has been corrupted, deleted, or made inaccessible for another reason (such as a media failure).  “Computer forensics” is related, but different: Forensics attempts to determine what happened...

Imagine that you’re sitting at your work computer when you receive an email:“Hey, it’s Bill — I’m the new guy in IT. I need your password so that I can set you up on the new sales system.”  You...

The terms ransomware and social engineering are sometimes used interchangeably, particularly in news articles about major ransomware attacks.  The confusion is understandable: Many bad actors use social engineering techniques to distribute malicious software. However, social engineering is an attack vector,...

Remote monitoring and management (RMM) software plays an essential role in many IT departments. With appropriate controls, an RMM solution enables teams to proactively monitor their systems, resolve issues, and handle other tasks — but RMMs can also introduce significant...

MGM Resorts International was allegedly victimized by a ransomware-as-a-service (RaaS) group on September 11, 2023, leading to the temporary shutdown of operations at numerous hotels and resorts.  https://twitter.com/MGMResortsIntl/status/1701256032369164399 “MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s...

Several standards exist for secure data/media sanitization, but the most commonly cited standards are NIST SP 800-88.  Published by the National Institute of Standards and Technology (NIST), SP 800-88 defines processes for destroying data on hard disk drives (HDDs) and...