The state government of Maine has announced a major cybersecurity incident, which may have exposed the personally identifiable information (PII) of nearly all of the state’s residents. “On May 31, 2023, the State of Maine became aware of a software...

In our industry, “data recovery” refers to the process of restoring data that has been corrupted, deleted, or made inaccessible for another reason (such as a media failure).  “Computer forensics” is related, but different: Forensics attempts to determine what happened...

Imagine that you’re sitting at your work computer when you receive an email:“Hey, it’s Bill — I’m the new guy in IT. I need your password so that I can set you up on the new sales system.”  You...

The terms ransomware and social engineering are sometimes used interchangeably, particularly in news articles about major ransomware attacks.  The confusion is understandable: Many bad actors use social engineering techniques to distribute malicious software. However, social engineering is an attack vector,...

Remote monitoring and management (RMM) software plays an essential role in many IT departments. With appropriate controls, an RMM solution enables teams to proactively monitor their systems, resolve issues, and handle other tasks — but RMMs can also introduce significant...

MGM Resorts International was allegedly victimized by a ransomware-as-a-service (RaaS) group on September 11, 2023, leading to the temporary shutdown of operations at numerous hotels and resorts.  https://twitter.com/MGMResortsIntl/status/1701256032369164399 “MGM Resorts recently identified a cybersecurity issue affecting some of the Company’s...

Several standards exist for secure data/media sanitization, but the most commonly cited standards are NIST SP 800-88.  Published by the National Institute of Standards and Technology (NIST), SP 800-88 defines processes for destroying data on hard disk drives (HDDs) and...

The Cuba ransomware Group, also known as Fidel, has modified their malware variant to exploit a vulnerability in Microsoft’s Windows Hardware Developer Program.  Contrary to its name, the Cuba group is believed to be based in Russia. For the past...

On Tuesday, August 8th, 2023, the White House held a cybersecurity summit to address a recent wave of ransomware attacks targeting U.S. schools.  According to The Hill, at least 48 school districts have been victimized by ransomware attacks in...

To address a ransomware attack, it’s vital to identify the attack vector. That’s not always easy: Ransomware groups may go to great lengths to hide their methods, particularly during targeted attacks.  However, the vast majority of incidents can be traced...