Citrix is warning its customers that attackers are taking advantage of the company's ADC products to conduct and amplify DDoS attacks, according to a notification published by the firm. A permanent fix to address this security issue won't be available until January.
More than two years after Europe's tough new General Data Protection Regulation came into full effect, EU privacy watchdogs are finding more consensus, and consumers have been benefiting, experts say. But how regulators apply sanctions, in particular, remains a work in progress.
Microsoft warned CrowdStrike of a failed attempt by unidentified attackers to access and read the company's emails, according to a blog post published by the security firm. The unsuccessful hacking incident is reportedly tied to the breach of SolarWinds.
He's commanded armed forces, directed the National Security Agency, and now he is president of vendor IronNet Cybersecurity. From this unique perspective, retired General Keith Alexander says the SolarWinds breach is "a call for action."
An investigation at the U.S. Treasury Department has found that it suffered a "significant" breach as a result of the SolarWinds Orion supply chain attack, a top Democrat on the Senate Finance Committee reports. Meanwhile President-elect Joe Biden said of the attack: "I promise you, there will be a response."
Hackers who infiltrated government and business networks via a stealthy backdoor added to SolarWinds' Orion software appear to have focused on only the most high-value targets, leading to about 50 organizations being "genuinely impacted," says FireEye CEO Kevin Mandia.
In light of calls from some quarters for the U.S. to launch online attacks in reprisal for the SolarWinds supply chain campaign - allegedly carried out by Russia's foreign intelligence service - it's time to pause and remember: Spies are going to spy.
In his first remarks about the massive hacking operation that leveraged a tainted SolarWinds Orion software update, President Donald Trump on Saturday downplayed the seriousness of the incident and contradicted Secretary of State Mike Pompeo, who had pointed a finger at Russia.
The NSA has issued a warning about two hacking techniques that could allow threat actors to access cloud resources by bypassing authentication mechanisms. The alert follows a week's worth of revelations over the SolarWinds breach that has affected government agencies and other organizations.
Lawmakers are pressing government agencies for answers following disclosures this week about an advanced persistent threat group's massive hacking campaign involving compromised SolarWinds Orion network management software. Secretary of State Mike Pompeo said Friday Russians "engaged in this activity."
The latest edition of the ISMG Security Report features an analysis of what we know so far about the impact of the SolarWinds supply chain hack and how to respond.
Intel and Cisco are among the thousands of SolarWinds Orion customers that were running a Trojanized version of the security software. FireEye, together with Microsoft and GoDaddy, have devised a "kill switch" to disrupt attackers' ability to access the malware on at least some infected systems.
A mighty effort is underway to figure out which organizations may have been deeply infiltrated by a suspected Russian hacking group following the SolarWinds hack. The hunt is difficult for many reasons, some experts say, and may never result in definitive answers about whether data was stolen.
In 2011, Sam Curry headed the response team for RSA's then-landmark breach. Today, as CSO at Cybereason, he looks at the SolarWinds supply chain attack and sees similarities - but also is struck by "the scale, the scope, the subtlety" of the incident.
Philip Reitinger has held senior cybersecurity leadership roles in both the public and private sectors. He's seen big breaches. And he says what he sees so far in the SolarWinds attack may be just the "tip of the iceberg" in terms of government and business entities that have been compromised.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.