As investigators probe the SolarWinds hack, they're finding that the supply chain campaign appears to have deeply compromised more than the 50 organizations originally suspected. Meanwhile, the federal agencies overseeing the investigation now officially believe a Russian-linked hacking group is responsible.
A SolarWinds shareholder has filed a lawsuit claiming the company included misleading statements - regarding the security of its products - in its filings with the U.S. Securities and Exchange Commission.
Citrix is urging customers to implement a newly provided enhancement to its ADC and Gateway devices that is designed to block attackers from abusing the Datagram Transport Layer Security, or DTLS, protocol to amplify distributed denial-of-service attacks.
What compliance lessons can be learned from major fraud cases in 2020, including the Goldman Sachs bribery case, the Wirecard mass corruption case and the Novartis bribery case? A panel of experts offers in-depth analysis.
Lawmakers who participated in the bipartisan Cyberspace Solarium Commission applauded Congress' override of President Donald Trump's veto of the National Defense Authorization Act, pointing to its 77 cybersecurity provisions, including restoration of the position of national cyber director at the White House.
A British judge has denied a Justice Department request to extradite WikiLeaks founder Julian Assange to the U.S. to face criminal charges related to hacking government computers and then publishing classified information. U.S. prosecutors plan to appeal.
A firmware vulnerability in about 100,000 Zyxel products, including VPN gateways, access point controllers and firewalls, can be used to install a hardcoded backdoor that could give threat actors remote administrative privileges, according to the security firm Eye Control. Users are urged to patch the flaw.
In 2020, the "zero trust" conversation evolved from "What is it?" to "How do we achieve a zero trust architecture?" Chase Cunningham, principal analyst serving security and risk professionals at Forrester, offers an outlook for what we can expect in 2021.
The attorneys general of 27 states have entered into a $2.4 million settlement with Sabre Corp. to resolve a lawsuit tied to a 2017 data breach that struck the company's Sabre Hospitality Solutions hotel booking system, compromising 1.3 million payment cards.
The major appliances giant Whirlpool acknowledges it was hit with a ransomware attack in November, with the cyber gang Nefilim taking responsibility for the cyber incident and claiming to have stolen company data.
The FBI is warning of a rise in "swatting attacks," which see hackers use compromised email accounts to access poorly-secured home smart devices that are equipped with cameras and voice capabilities to make hoax calls to emergency services.
The Cybersecurity and Infrastructure Security Agency has released an emergency directive requiring all federal organizations running the vulnerable SolarWinds Orion software to immediately update to the latest version.