The Biggest Cybersecurity Crises of 2019 So Far

Six months of 2019 are on the books already, and certainly there have been six months' worth of data breaches, supply chain manipulations, state-backed hacking campaigns, and harbingers of cyberwar to show for it. But the hallmark of 2019, perhaps, is feeling like the worst is yet to come. Ransomware is an ever-growing threat, corporate and US government security is still a mess, and geopolitical tensions are rising worldwide. Before we see what the future holds, though, let's recap some of the major cybersecurity incidents that have cropped up so far this year. US Customs and Border Protection Contractor Perceptics In May, a surveillance contractor for Customs and Border Protection suffered a breach and hackers stole photos of travelers and …

Ransomware Hits Georgia Courts as Municipal Attacks Spread

Ransomware has no shortage of cautionary tales and wakeup calls from the past decade. But for local governments, this past year has been a particularly brutal reminder of the threat. Following a 2018 attack that paralyzed the City of Atlanta for weeks, more than half a dozen cities and public services across the country have fallen to ransomware so far in 2019, on a near-monthly basis; the Administrative Office of the Georgia Courts became the latest victim on Saturday, when an attack knocked its systems offline. The string of attacks on municipalities may seem like a new pattern. But it’s unclear how many of them, if any, were perpetrated by the same actors. And law enforcement officials emphasize that the …

Hack Brief: 885 Million Sensitive Financial Records Exposed Online

After a solid decade of nonstop corporate data breaches and exposures, you'd think large organizations would have at least fixed the most basic and obviously damaging types of data mishandling. But there's clearly still a long way to go. On Friday, independent security journalist Brian Krebs revealed that the real estate and title insurance giant First American had 885 million sensitive customer financial records, going back to 2003, exposed on its website for anyone to access. And while there isn't currently evidence that anyone actually found and stole the information, it was so easy to grab—and so obviously valuable to scammers—that it's hard to rule out that possibility. The Hack Krebs reports that the exposed records included Social Security numbers, …

Microsofts First Windows XP Patch in Years Is a Very Bad Sign

This week, Microsoft issued patches for 79 flaws across its platforms and products. One of them merits particular attention: a bug so bad that Microsoft released a fix for it on Windows XP, an operating system it officially abandoned five years ago. There’s maybe no better sign of a vulnerability’s severity; the last time Microsoft bothered to make a Windows XP fix publicly available was a little over two years ago, in the months before the WannaCry ransomware attack swept the globe. This week’s vulnerability has similarly devastating implications. In fact, Microsoft itself has drawn a direct parallel. “Any future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry …