SolarWinds
SolarWinds and its CISO not off the hook over “materially misleading” security statement
"Flat falsehoods" says district judge of public security statement -- but dismisses multiple other SEC claims.
SolarWinds
“Trivially exploitable” bug in SolarWinds file server needs prompt fixing
“CVE-2024-28995 is not known to be exploited in the wild as of 9 AM ET on June 11. We expect this to change."
SolarWinds
SolarWinds howls back at SEC, accuses agency of "revictimization"
Software firm calls for dismissal of SEC action
SolarWinds
SolarWinds sued by SEC over 2019 monster hack, CISO also charged with fraud, control failures
SolarWinds’ poor controls... false and misleading statements and omissions, and the other misconduct... would have violated the federal securities laws even if SolarWinds had not experienced a major, targeted cybersecurity attack"
Cybersecurity
The SolarWinds hackers are back -- now they're targeting resellers, cloud providers, and MSPs
Is Active Directory the problem here?
Featured
SolarWinds customers under active attack (again) via RCE bug in file share tool Serv-U
SolarWinds doesn't know how many customers are affected...
Cybersecurity
Microsoft customer support hacked in new campaign by SolarWinds attackers
Fresh attacks on US, UK targets being tracked.
Cybersecurity
Microsoft, FireEye identify new C2 malware, written in Go, persisting post-SolarWinds attacks.
Microsoft calls it GoldMax; FireEye calls it SUNSHUTTLE. They're talking about the same thing: sophisticated backdoor that evaded...
Cybersecurity
Microsoft admits breach, as SolarWinds hack fallout continues
"This is not 'espionage as usual' even in the digital age"
Cybersecurity
US issues rare Emergency Directive over trojanised SolarWind Orion IT updates: FireEye, govt, telcos, tech firms hit by global campaign
US's CISA: "Disconnect or power down SolarWinds Orion products immediately."