Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
There's often a dangerous trade-off made between convenience and security. That's illustrated no better than by a recent issue patched by Microsoft. It's an attack so devilishly smooth that it's a wonder hackers had not figured it out before.
Ransomware is devastating, and current security software doesn't do a great job of stopping it. But researchers say ransomware's behavior - quickly encrypting large volumes of files before users have time to react - could be the key to solving this epidemic.
Google has launched a two-year Chrome trial aimed at safeguarding the Internet against quantum computers, which security experts predict will shred all data safeguarded using current crypto techniques.
Nationwide fast food chain Wendy's has revised from 300 to 1,025 the number of restaurants that suffered payment card compromises. Investigators say the breach was more severe than they first believed, and involved two separate waves of point-of-sale malware attacks.
Cisco's Talos research unit says it has found evidence of ties between operators of the Angler exploit kit and a group of Russians that used the Lurk malware to loot banks in the country.
Security vendors are issuing warnings about two new types of dangerous Mac malware - Eleanor and Keydnap - which serve as a reminder that it's not just Windows users coming under fire from malicious software developers and tricksters.
Endpoint protection vendors compete fiercely for customers, and allegations of impropriety are common among rivals. The latest battle pits Sophos against Cylance. Whose version of the story is the truth?
While malware may be used for an initial attack, hackers quickly begin using tools to move around networks that often don't raise suspicion. Here's what to look out for to detect a "low and slow" attack.
The MySpace and LinkedIn data dumps have been made available by a security researcher on his website, which is perhaps the most easily accessible source for obtaining it. But does it put people at greater risk?
Google Project Zero researcher Tavis Ormandy has once again found major vulnerabilities in Symantec's security products. Symantec has released updates, but not all will install automatically - some vulnerable products must be manually updated.
An individual claiming to be the hacker who posted four healthcare databases on the dark web reveals some of his tactics. We take a close look at the risks posed to one affected clinic, which faces a ransom demand.
While PCI compliance is a priority for many U.S. retailers, some major companies in Australia say they'd rather forego the cost of compliance and risk the possibility of steep fines if a card breach occurs.
Comodo made no new friends last week when it claimed that a nonprofit project, Let's Encrypt, stole its business model. Now, the digital certificate giant says it will not pursue applications aimed at securing trademarks using the phrase "Let's Encrypt."
In an in-depth interview, Michael Sentonas of breach response specialist CrowdStrike discusses how a focus on malware detection may still be leaving organizations exposed and describes the firm's new efforts in the Asia-Pacific region.
Let's Encrypt is crying foul over trademark applications made by Comodo that use the nonprofit project's name. Comodo is refusing to back down, which has drawn the large digital certificate vendor wide criticism.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
