Month: January 2023

Ransomware Payments Are Down

Posted on By infossl
crime, cryptocurrency, cybercrime, extortion, ransomware, Security technology, Uncategorized

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that … Read More “Ransomware Payments Are Down” »

NIST Is Updating Its Cybersecurity Framework

Posted on By infossl
cybersecurity, national security policy, nist, Security technology, Uncategorized

NIST is planning a significant update of its Cybersecurity Framework. At this point, it’s asking for feedback and comments to its concept paper. Do the proposed changes reflect the current cybersecurity landscape (standards, risks, and technologies)? Are the proposed changes sufficient and appropriate? Are there other elements that should be considered under each area? Do … Read More “NIST Is Updating Its Cybersecurity Framework” »

Kevin Mitnick Hacked California Law in 1983

Posted on By infossl
A Hacker's Mind, courts, hacking, Security technology, Uncategorized

Early in his career, Kevin Mitnick successfully hacked California law. He told me the story when he heard about my new book, which he partially recounts his 2012 book, Ghost in the Wires. The setup is that he just discovered that there’s warrant for his arrest by the California Youth Authority, and he’s trying to … Read More “Kevin Mitnick Hacked California Law in 1983” »

US Cyber Command Operations During the 2022 Midterm Elections

Posted on By infossl
cyberattack, cybersecurity, hacking, national security policy, Security technology, Uncategorized, voting

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. He didn’t name names, of course: We did conduct operations persistently to make sure that our foreign adversaries couldn’t utilize infrastructure to impact us,” said Nakasone. … Read More “US Cyber Command Operations During the 2022 Midterm Elections” »

Bulk Surveillance of Money Transfers

Posted on By infossl
law enforcement, national security policy, privacy, Security technology, surveillance, Uncategorized

Just another obscure warrantless surveillance program. US law enforcement can access details of money transfers without a warrant through an obscure surveillance program the Arizona attorney general’s office created in 2014. A database stored at a nonprofit, the Transaction Record Analysis Center (TRAC), provides full names and amounts for larger transfers (above $500) sent between … Read More “Bulk Surveillance of Money Transfers” »

Publisher’s Weekly Review of A Hacker’s Mind

Posted on By infossl
A Hacker's Mind, books, Schneier news, Security technology, Uncategorized

Publisher’s Weekly reviewed A Hacker’s Mind—and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier (Click Here to Kill Everybody) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts … Read More “Publisher’s Weekly Review of A Hacker’s Mind” »