Robert Lemos is an award-winning journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and was named one of the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.
In October 2015, hackers compromised the Website of British telecommunications firm TalkTalk, likely using one of 11 known vulnerabilities in the site to steal the personal details of 157,000 customers, including bank-account information on more than 15,000 people. Earlier this month, the bill for the lapse in security came due: The company saw its profits […]
The number of distinct Website links in phishing attacks jumped by more than 150 percent in five months, showing that phishing remains a major vector of compromise, the Anti-Phishing Working Group stated in a report released on May 24. In March 2016, phishing emails seen by APWG members contained more than 123,000 unique URLs, up […]
In early February, online thieves were close to stealing nearly a billion dollars from the international banking transfer system run by the Society for Worldwide Interbank Financial Telecommunication (SWIFT) Alliance. They were stopped, not by the latest in defensive technology nor a well-honed security process, but by a typo. An error in the name of […]
In February, teachers at the 53 schools in Horry County, S.C., arrived at work to find they could not access the data on their computers. The first teacher to contact the IT department complained that she could not open her documents and presentations, and they had filenames ending with a .encryptedRSA extension. As other teachers […]
Bluelock, an Indianapolis-based cloud provider of disaster recovery services, has had to struggle to attract the right security staff to help the company develop and manage its cloud service. Being based in the Midwest, the company has to compete against both the West Coast and East Coast for talent. As Indianapolis becomes more of a […]
While the theft of medical information from health care organizations has become commonplace and prompted some companies and hospitals to strengthen information-security practices, the industry overall remains behind in protecting patient data and budgets remain flat, according to a survey co-authored by the Ponemon Institute and ID Experts. Based on multiple interviews with 91 health […]
Two databases collecting hundreds of millions of compromised credentials—usernames and passwords stolen by attackers or leaked to the Web—were exposed this week in separate incidents. On May 5, security services provider Hold Security reported that a Russian hacker had given the firm a database of 272 million unique credentials, more than 42 million of which […]
The Lansing Board of Water & Light (BWL), a public utility serving Lansing, Mich., is currently cleaning up its administrative systems after an undisclosed number of computers were infected with ransomware. While the attack, first detected on April 25, continues to impact BWL’s administrative services, the non-profit municipal utility stressed that the cyber incident “should […]
The Pentagon’s bug bounty program hit its midway point this past week, and already the initiative is, in some ways, a success. More than 500 security researchers and hackers have undergone background checks and begun to take part in the search for security flaws, according to HackerOne, the company managing the program. The “Hack the […]
When Hollywood Presbyterian Medical Center admitted in February to paying a $17,000 ransom to decrypt data scrambled by malware, the only surprise was that the hospital’s ordeal had become public. Health care organizations, such as HPMC, are under attack by cyber-criminals looking for easy money and nation-state actors seeking data. More than half of all […]