Category Archives: Information Security News

Krebs on Ransomware

– The Krebses—Chris and Brian—are not related, but they have both come out with positions on ransomware. Chris was the former head of DHS’s CISA (Cybersecurity & Infrastructure Security Agency), and Brian is a journalist and much-admired author (by me and many others) of the outstanding…

Solar Winds Blow Hard

– Unbelievable! But true. The enormous hack, purportedly by Russia (per Secretary of State Mike Pompeo and others), of major U.S. government agencies and the U.S.’s biggest corporations—apparently some 18,000 organizations according to the software maker—came through malware planted in updates…

CISA and Desist

– It’s an old joke: “Heads I win, tails you lose,” but it can also play out in reality. How often do cybersecurity professionals end up on the wrong side of that bet? CISOs (Chief Information Security Officers) don’t seem able to get a break. They invariably get blamed, and sometimes fired,…

The Massive Shift to Cyber Crime

– There is a cartoon in The New Yorker of March 30, 2020 showing four mobsters, one with a gun, sitting around a table. The caption reads: “For health and safety reasons, we’ll be transitioning to cyber crime.” You can see the cartoon at https://www.newyorker.com/cartoon/a24009 No kidding! The…

Y2K … Two Decades Later

– Why didn’t I use the title “Y2K at Twenty” for this column to match “The FS-ISAC at Twenty” that was posted on BlogInfoSec on January 6, 2020? Good question … easy answer. Because The New York Times commandeered “Y2K @ 20” for their online presentations. I will get to one of…