Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.
An internet-connected coffee machine is the latest IoT device to show security problems. The security firm Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water. The only option to stop it? Unplug the machine.
The Domain Name System, which is at the heart of the internet, is a rich source of data that can help organizations defend themselves against cybercrime. DNS pioneer Paul Vixie says monitoring DNS traffic is crucial, and it's advisable to run your own recursive resolver.
Reddit had a very "Make America Great Again" weekend, as more than 70 subreddits were temporarily hijacked and used to post "MAGA" messages in support of U.S. President Donald Trump. Attackers claim they used social engineering and password stuffing to compromise the accounts.
Chaos ensued when miscreants interrupted a virtual bail hearing on Wednesday for the suspected Twitter hacker, hijacking the feed with screams, chatter and, for a few brief seconds, pornography. The meeting details were public, and the meeting had not been password protected.
Cybercriminals are exploiting and using weak IoT devices in new ways, including as proxies for e-commerce fraud, says Allison Nixon of Unit 221b, who predicts that the next mass attack on the scale of Mirai will likely be way worse.
The U.S. Treasury Department is anticipating fraud as the IRS distributes about $300 billion in direct cash payments to Americans to provide economic relief during the COVID-19 pandemic. Russian-speaking fraudsters already appear to be trying to game the IRS's online systems, one security expert notes.
A long-running marketplace for selling stolen payment card data claims it has 30 million stolen payment cards that experts believe are linked to the breach at Wawa convenience stores late last year. The breach is one of the largest ever involving card-related data.
British regulators have fined Dixons Carphone $653,000 for a breach that exposed millions of payment card details and personal data due to point-of-sale malware. The retailer's lack of security contributed to a "careless loss of data," the Information Commissioner's Office says.
E-commerce sites have been under siege from cybercriminals who seek to sneak malicious code into checkout processes. A researcher has now found two new methods that payment card number thieves are using to try to stay under the radar.
Encrypted chat and messaging application Keybase has found out what happens when you wrap a cryptocurrency giveaway into your service. In short: Everyone comes out the woodwork to try to get a slice of the pie.
Adobe says its e-commerce Magento Marketplace has been breached, exposing usernames, email addresses and more. The software giant has yet to detail how many users were affected or the breach duration. Unfortunately, the stolen data could be used to fuel phishing attacks.
Fast-food chain Krystal says it's investigating a payment card "security ncident" that affected as many as 228 of its restaurants across southeastern U.S. states. The incident, which involves one of the company's payment card processing systems, ran from July through last month.
Click2Gov municipal payment portals for eight U.S. cities were compromised after an apparent vulnerability in the software. More than 20,000 stolen payment card records have turned up in underground markets, says Gemini Advisory.
Schools in Flagstaff, Arizona, were closed on Thursday after ransomware appeared on the district's network. Friday's classes were called off while the recovery effort continued.
More U.S. cities and other governmental units reportedly have been hit by ransomware in an unrelenting wave that has proved profitable for hackers. Here's a roundup of the latest incidents.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.