President and CEO Sudhakar Ramakrishna says SolarWinds has done massive work implementing security into the build process since the company was hacked in late 2020. Testing, validating and qualifying the integrity of the company's source code has required significant effort, Ramakrishna tells ISMG.
The shift to remote work during COVID-19 has prompted hackers to dramatically boost phishing attacks. The pandemic has led to users reading more corporate email on personal devices and opening messages while distracted by children or pets, increasing the chances they'll click on something malicious.
French defense multinational Thales confirmed that ransomware-as-a-service group LockBit published internal documents but emphasized its operations remain unaffected by the hack. The company says the source of the leak is likely a compromised user account of an online partner collaboration site.
The Cyber Police of Ukraine arrested five cybercrime gang members for their participation in a transnational scheme to fleece buyers into a supposed cryptocurrency and securities investment platform. The gang has established call centers around Europe, including three in Kyiv and Ivano-Frankivsk.
A recent ransomware attack at a Texas hospital that knocked out phone and email systems for weeks is now even worse following OakBend Medical Center's admission that the hackers downloaded data from the medical records of up to 500,000 individuals.
In the latest weekly update, ISMG editors discuss implications of the seizure of $3.36 billion in stolen bitcoin, whether the EU is complicit in the spread of advanced spyware, and the departure of the U.K.'s Dr. Ian Levy, technical director of NCSC, with some important parting words.
The Australian government says hackers from Russia are behind the attack on Medibank, the country's largest private health insurer. Prime Minister Anthony Albanese said not just hackers but "the nation where these attacks are coming from should also be held accountable."
The United Kingdom and many other countries are considering ways to make banks liable for authorized payment fraud and lift the burden from millions of victims of online scams. Trace Fooshee, strategic adviser at Aite-Novarica Group, shares his views on why this might not be such a great idea.
Police in Ontario arrested a dual Canadian-Russian national for his involvement with the LockBit ransomware-as-a-service gang. The United States is asking for the extradition of Mikhail Vasiliev, 33, to face a criminal charge in a New Jersey federal court of conspiracy to commit computer intrusion.
A U.S. federal district judge said users would be "shocked to realize" that Facebook collects patient data. Plaintiffs suing the social media giant asked the judge to enjoin the company from intercepting health data and communications through its Pixel web tracking tool embedded into patent portals.
Embattled social media platform Twitter lost its chiefs of security, privacy and compliance, and the resignations put the company and its new owner, Elon Musk, at greater risk of regulatory enforcement. The company signed a binding two-decade agreement with the U.S. Federal Trade Commission in May.
Hacktivists fighting a proxy online battle against Russia after its invasion of Ukraine claim to have dumped online a trove of files from the Central Bank of Russia. The IT Army of Ukraine also claimed to have disrupted payments processing at Moscow's Alfa Bank.
The Red Cross symbol has marked people and facilities off-limits to attack across a century of wars, but security experts are skeptical about a proposal to create a digital Red Cross marker to protect healthcare and humanitarian groups from cyberattacks. The reason? You can't trust cybercriminals.
Microsoft released patches fixing a pair of Exchange vulnerabilities revealed publicly in late September and collectively known as ProxyNotShell. The computing giant assesses with "medium confidence" that state-sponsored hackers have exploited the now-squashed bugs.
A Dutch member of the European Parliament accused the European Union of weakness in the face of a threat to democracy posed by advanced spyware apps such as the NSO Group's Pegasus. Sophie in ’t Veld called for a moratorium on such apps and for a supranational crackdown.