SolarWinds has agreed to pay $26 million to settle a shareholder lawsuit, and it's also expecting to be slapped with an enforcement action by Uncle Sam - both related to its infamous 2020 supply chain security fiasco, according to the software maker's most recent US regulatory filing. At the end of October, SolarWinds reached a deal with investors who sued the company, alleging they were misled about its security posture in advance of the Russian cyberattack on the business. READ MORE...
Australian health insurer Medibank today confirmed that the data of 9.7 million customers was compromised in a recent cyberattack. The incident was identified on October 12, before threat actors could deploy file-encrypting ransomware, but not before they stole data from the company's systems. Medibank, which immediately initiated incident response and launched an investigation into the attack, could not determine whether customer data was compromised until contacted by the threat actor behind the data breach. READ MORE...
The Federal Bureau of Investigation (FBI) said on Friday that distributed denial-of-service (DDoS) attacks coordinated by hacktivist groups have a minor impact on the services they target. As the law enforcement agency explained in a private industry notification issued today, this happens because they target public-facing infrastructure like websites instead of the actual services, leading to limited disruption. READ MORE...
Attackers continue to create fake Python packages and use rudimentary obfuscation techniques in an attempt to infect developers' systems with the W4SP Stealer, a Trojan designed to steal cryptocurrency information, exfiltrate sensitive data, and collect credentials from developers' systems. According to an advisory published this week by software supply chain firm Phylum, a threat actor has created 29 clones of popular software packages on Python Package Index. READ MORE...
The RomCom threat group is actively using trojanized versions of popular software products, including SolarWinds Network Performance Monitor, KeePass Open-Source Password Manager, and PDF Reader Pro, to target various English-speaking countries - especially the UK - with a remote access Trojan (RAT). It's a departure in tactics, techniques, and procedures for the advanced persistent threat (APT). READ MORE...
The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities. The goal is to assess UK's vulnerability to cyber-attacks and to help the owners of Internet-connected systems understand their security posture. READ MORE...
Microsoft has asserted that China's offensive cyber capabilities have improved, thanks to a law that has allowed Beijing to create an arsenal of unreported software vulnerabilities. China's 2021 law required organizations to report security vulnerabilities to local authorities before disclosing them to any other entity. The rules mean Beijing can use local research to hoard vulnerability information. READ MORE...