In Memoriam, Kurt Wimmer

One of the most important contributors to this blog will be laid to rest this morning, and I am absolutely gutted. For more than one decade, Kurt Wimmer was this blog and this blogger’s First Amendment defender and counsel. It was only with Kurt’s pro bono help and that of Jason Criss, and their...

Cyber Breach Disclosures Still Take More Than a Month

Vincent Ryan reports: After being discovered, cybersecurity breaches are not consistently disclosed promptly, found an Audit Analytics study of public companies released on Friday. On average, publicly held companies took 53 days to disclose a breach incident after discovering it. The 53-day average disclosure timeframe is less than the 10-year average of 67 days,...

Attackers deliver legal threats, IcedID malware via contact form

Sergiu Gatlan reports: … IcedID is a modular banking trojan first spotted in 2017 and updated to also deploy second-stage malware payloads, including Trickbot, Qakbot, and Ryuk ransomware. Recently detected by the Microsoft 365 Defender Threat Intelligence Team, this phishing campaign seems to have found a way to bypass contact forms’ CAPTCHA protection to flood enterprises with a...