News

CRN4y
Infected SolarWinds Updates Used To Compromise Multiple Organizations: FireEye
Nation-state hackers gained access to government, consulting, technology and telecom firms around the world through trojanized updates to SolarWinds’ Orion network monitoring tool, according to ...
Hosted on MSN5mon
Tech firms to pay millions in SEC penalties for misleading SolarWinds disclosures
The SEC said that Check Point sent it reports that were "virtually unchanged from the same disclosures in prior Check Point public filings" despite knowledge of the SolarWinds compromise ...
CRN4y
SolarWinds CEO Confirms Office 365 Email ‘Compromise’ Played Role In Broad-Based Attack
SolarWinds was first notified by Microsoft about a compromise related to its Office 365 environment on Dec. 13, the same day news of the hack went public. [Related: SolarWinds CEO: Attack Was ...
InfoWorld26d
Developers: apply these 10 mitigations first to prevent supply chain attacks
Current cybersecurity development risk frameworks don’t cover all of the tactics hackers used to compromise SolarWinds, log4j, or XZ Utils, says report, which offers a 'starter kit' of critical ...
Security1mon
From SolarWinds to PowerSchool: Growing menace of software supplier breaches
Highlighting recent cyber attacks on software suppliers, here are actionable steps for organizations and individuals to protect their data against these growing threats. Stolen credentials are a ...
Computing4y
Mimecast's source code stolen in SolarWinds breach
The firm first disclosed the compromise of a certificate used for ... The vendor says it has decommissioned SolarWinds Orion from its infrastructure,0 and replaced it with the Cisco NetFlow ...