• Back

Blog

Author

Paul Roberts

Publisher & Editor in Chief, Security Ledger Senior Editor & Head of Content at QOMPLX, Inc.

Profile image for author

Paul is a reporter and editor who covers the information technology security space. His writing has appeared in publications including Forbes, The Christian Science Monitor, MIT Tech Review and more.

Profile image for author

Written by Paul Roberts

Written by Paul Roberts | October 02, 2020

Why haven't 17 annual Cyber Security Awareness months paid dividends? Probably because "awareness" itself isn't nearly enough to beat back a complex, global and societal ill like cybercrime.

Written by Paul Roberts | September 28, 2020

A CISA analysis of a hack of an unnamed federal agency suggests it may have started with the exploitation of a known (and patched) flaw in the Pulse VPN server.

Written by Paul Roberts | September 21, 2020

The Microsoft vulnerability dubbed Zerologon is a 10-on-a-10-scale critical flaw in Windows Netlogon. We explain what you need to know about this serious, new vulnerability.

Written by Paul Roberts | August 30, 2020

The new DarkSide ransomware variant and Lucifer’s Spawn, a DDoS and crypto-jacking tool, have one thing in common: privilege escalation features designed to fuel lateral movement.

Written by Paul Roberts | August 21, 2020

The new ransomware family RansomEXX is suspected in the hack of Konica Minolta, its second prominent victim in a month. Evidence suggests that human directed attacks are becoming more stealthy and effective.

Written by Paul Roberts | July 30, 2020

Why do firms like Garmin find themselves in the grips of ransomware cybercriminal groups? A tell-all by a former Maersk employee offers some clues.

Written by Paul Roberts | June 03, 2020

QOMPLX's Bill Solms and Paul Brooks of Dun & Bradstreet's Government Business Unit dig into the new DOD CMMC cyber security certification in a webinar June 3rd 2020 at 2:00 PM.

Written by Paul Roberts | April 03, 2020

Zoom is responding to a torrent of revelations about security and privacy issues in its platform. But enterprise concerns about application security holes and data privacy shouldn’t be limited to one platform.