About David Bisson

David Bisson is an information security writer and security junkie. He's a contributing editor to IBM's Security Intelligence and Tripwire's The State of Security Blog, and he's a contributing writer for Bora. He also regularly produces written content for Zix and a number of other companies in the digital security space.

All posts by David Bisson

DOJ Recovers $2.3M in Bitcoin Ransom Paid by Colonial Pipeline

The enormity of the cybercrime ecosystem makes it nearly impossible to recover most ransoms - that’s the way things stand now...

June 8, 2021 / 3 minute read

Record Setting $40M Ransom Paid to Attackers

There have been significant advances in EPP to better prevent ransomware, but quality EDR is the ransomware killer that can counter its proliferation...

May 24, 2021 / 3 minute read

Inside the DarkSide Ransomware Attack on Colonial Pipeline

Lengthy detection, investigation and response periods following a ransomware attack are too little, too late - prevention is key to defending against ransomware attacks...

May 10, 2021 / 4 minute read

REvil/Sodinokibi Ransomware Gang Extorts Apple Through Supply Chain Attack

"Either REvil is benefitting indirectly from pariah policies related to cybercrime in Russia or is directly taking orders from a government." ~Sam Curry, Cybereason CSO...

April 22, 2021 / 3 minute read

Personal Info for More Than Half a Billion Facebook Users Leaked Online

Cybereason CSO Sam Curry shares insights on the news that attackers publicly exposed information from 533 million Facebook users based in 106 countries, including phone numbers, Facebook IDs, birthdates, bios, full names and locations. The dumped data also included the email addresses for a portion of the affected users.

April 5, 2021 / 3 minute read

Whistleblower Accuses Ubiquiti of Downplaying Major Data Breach

The US-based technology company explained in its statement that it had found no evidence of those responsible for the intrusion having misused a user account or having gained access to its databases - but according to the whistleblower, this isn’t what happened...

March 31, 2021 / 3 minute read

FBI Pegs 2020 Cybercrime Costs at $4 Billion - Actual Losses Likely Higher

Complaints represented a 69% increase over 2019, and Cybereason CSO Sam Curry suspects that the reported losses likely represent just a fraction of the actual costs to Americans in 2020...

March 31, 2021 / 3 minute read

SolarWinds Attacks Recovery Effort Could Take U.S. Government 18 Months

“It’s one thing to have solutions in place that can detect one component of an attack, but it’s another thing to understand that individual events represent aspects of a larger malicious operation." Yonatan Striem-Amit, CTO and co-founder of Cybereason

March 15, 2021 / 3 minute read

Live Feeds of 150K Surveillance Cameras Compromised in Verkada Breach

Digital attackers compromised the live feeds of 150,000 surveillance cameras made by enterprise security camera system manufacturer Verkada.

March 11, 2021 / 3 minute read

Kia Motors America: Ransomware Not Behind Extended Systems Outage

Kia Motors America stated that a ransomware attack was not the apparent cause of an extended systems outage affecting the automobile dealer’s IT systems. It all started with an error message…

February 19, 2021 / 3 minute read

Global Law Firm Attributes Data Breach to Compromise at File Sharing Provider

"The size of the leak is not as important as the substance... The big concern here is where that data went and how threat actors might use it." ~Sam Curry, Cybereason CSO

February 17, 2021 / 3 minute read

Attacker Tries to Poison Florida City’s Water Supply

"For nearly one year since the beginning of the COVID-19 pandemic, threat actors have carried numerous acts of war against research companies, hospitals and other first responders. These attacks have been brazen, shocking and downright maniacal..." ~ Sam Curry, CSO at Cybereason

February 9, 2021 / 3 minute read

Extortionists Publish Data Stolen from Two Healthcare Service Providers

An attacker group published information stolen from two healthcare service providers in a reported attempt to extort them for money.

February 8, 2021 / 3 minute read

Nearly One-Third of Attack Targets Weren’t Running SolarWinds

Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency (CISA), said in an interview that 30% of victims weren’t running SolarWinds’ Orion platform but suffered a compromise anyway.

February 3, 2021 / 3 minute read

NHS Warns of New COVID-19 Vaccine-Related Phishing Campaigns

The United Kingdom’s National Health Service (NHS) warned that scammers are in the process of sending out fake COVID-19 vaccine invitations.

February 1, 2021 / 3 minute read

Emotet Botnet Infrastructure Disrupted in International Takedown

Law enforcement entities and judicial authorities located around the world succeeded in disrupting the Emotet botnet’s infrastructure through a coordinated takedown effort.

January 28, 2021 / 3 minute read

Last Hurrah: Executive Order to Protect IaaS Platforms from Malicious Actors

“What matters is whether this is useful to Biden as a tool for his strategy, not the parting shot of the outbound President. This is a chip in a political game and not significant to cyber security unless there’s momentum and more to follow. It’s all up to Biden now...”

January 22, 2021 / 3 minute read

SolarWinds Attacks Highlight Importance of Operation-Centric Approach

“We need to arm security analysts with tools to make the connection between disparate indicators of compromise—and, more importantly, the more subtle indicators of behavior associated with an attack—so that they can quickly detect and respond to malicious operations with surgical precision."

January 21, 2021 / 3 minute read

Contextualizing Microsoft’s Source Code Exposure in the SolarWinds Attacks

In a December 31 blog update, Microsoft revealed that its investigation into SolarWinds had found no evidence of unauthorized access to its production services or customer data, but that effort did uncover another attack attempt.

January 5, 2021 / 3 minute read

Molerats APT: New Malware and Techniques in Middle East Espionage Campaign

Security researchers observed a politically motivated APT called “Molerats” using three new malware variants to conduct espionage in the Middle East. Download the Indicators of Compromise to search for Molerats in your own environment.

December 15, 2020 / 3 minute read