SolarWinds says it’s facing SEC ‘enforcement action’ over 2020 hack

SolarWinds says it’s facing SEC ‘enforcement action’ over 2020 hack

The long hangover from a 2020 state-sponsored compromise still isn’t over for SolarWinds, as the software giant targeted by Russian government hackers has to pony up $26 million to shareholders and face possible enforcement action from the federal government. In a recent 8-K filing with the U.S. Securities and Exchange Commission, SolarWinds said it reached […]

Read more
LockerGoGa ransomware victims can now recover their files for free

LockerGoGa ransomware victims can now recover their files for free

Victims of the LockerGoga ransomware can now recover their stolen files for free, thanks to a new decryptor released by Romanian cybersecurity firm Bitdefender and the NoMoreRansom Initiative. The LockerGoga ransomware family, known for its attacks against industrial organizations, first emerged in 2019.The file-encrypting malware was infamously used in an attack against Norsk Hydro in […]

Read more
North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies

North Korea’s Lazarus hackers are exploiting Log4j flaw to hack US energy companies

Security researchers have linked a new cyber espionage campaign targeting U.S., Canadian and Japanese energy providers to the North Korean state-sponsored Lazarus hacking group. Threat intelligence company Cisco Talos said Thursday that it has observed Lazarus — also known as APT38 — targeting unnamed energy providers in the United States, Canada and Japan between February […]

Read more
US issues rare security alert as Montenegro battles ongoing ransomware attack

US issues rare security alert as Montenegro battles ongoing ransomware attack

The U.S. Embassy in Montenegro has warned Americans that an ongoing ransomware attack in the country could cause widespread disruption to key public services and government services. The ransomware attack, first confirmed by Montenegro’s Agency for National Security (ANB) last week, targeted government systems and other critical infrastructure and utilities, including electricity, water systems and […]

Read more
A ransomware attack on a debt collection firm is one of 2022’s biggest health data breaches

A ransomware attack on a debt collection firm is one of 2022’s biggest health data breaches

A ransomware attack on a little-known debt collection firm that serves hundreds of hospitals and medical facilities across the U.S. could be one of the biggest data breaches of personal and health information this year. The Colorado-based Professional Finance Company, known as PFC, which contracts with “thousands” of organizations to process customer and patient unpaid […]

Read more
Elden Ring gaming giant Bandai Namco says hackers may have stolen customer data

Elden Ring gaming giant Bandai Namco says hackers may have stolen customer data

Bandai Namco, the Japanese video game publisher behind titles including Pac-Man, Tekken and Elden Ring, has admitted that hackers accessed its systems and potentially made off with customer data. In a statement shared with TechCrunch, Bandai Namco said it detected “unauthorized access” to its systems by a third party on July 3, adding that it […]

Read more
US government says North Korean hackers are targeting American healthcare organizations with ransomware

US government says North Korean hackers are targeting American healthcare organizations with ransomware

The FBI, CISA and the U.S. Treasury Department are warning that North Korean state-sponsored hackers are using ransomware to target healthcare and public health sector organizations across the United States. In a joint advisory published Wednesday, the U.S. government agencies said they had observed North Korean-backed hackers deploying Maui ransomware since at least May 2021 […]

Read more
Cyber threat startup Cygilant hit by ransomware

Cyber threat startup Cygilant hit by ransomware

Cygilant, a threat detection cybersecurity company, has confirmed a ransomware attack. Christina Lattuca, Cygilant’s chief financial officer, said in a statement that the company was “aware of a ransomware attack impacting a portion of Cygilant’s technology environment.” “Our Cyber Defense and Response Center team took immediate and decisive action to stop the progression of the attack. We […]

Read more
What CISOs need to learn from WannaCry

What CISOs need to learn from WannaCry

In 2017 — for the first time in over a decade — a computer worm ran rampage across the internet, threatening to disrupt businesses, industries, governments and national infrastructure across several continents. The WannaCry ransomware attack became the biggest threat to the internet since the Mydoom worm in 2004. On May 12, 2017, the worm […]

Read more
Two years after WannaCry, a million computers remain at risk

Two years after WannaCry, a million computers remain at risk

Two years ago today, a powerful ransomware began spreading across the world. WannaCry spread like wildfire, encrypting hundreds of thousands of computers in more than 150 countries in a matter of hours. It was the first time that ransomware, a malware that encrypts a user’s files and demands cryptocurrency in ransom to unlock them, had […]

Read more