Security News > 2021 > May

IP Infusion and Edgecore Networks jointly announced that the full network migration of its disaggregated networking solution at the London Internet Exchange Manchester interconnection point has been completed. Connecting over 980 networks in over 80 countries, LINX is one of the largest operators of Internet Exchange Point services and was the first IXP in the world to adopt a disaggregated model at a large scale.

Sontiq announced the appointment of Jeremy Haas as chief technology officer. Haas spent 24 years at the Central Intelligence Agency and U.S. Air Force supporting intelligence activities as a cybersecurity expert.

An industry veteran, Raghuram is a strategic business leader who currently holds the position of Executive Vice President and Chief Operating Officer, Products and Cloud Services at VMware. "I am thrilled to have Raghu step into the role of CEO at VMware. Throughout his career, he has led with integrity and conviction, playing an instrumental role in the success of VMware," commented Michael Dell, chairman of the VMware Board of Directors.

Chemical distribution company Brenntag paid a $4.4 million ransom in Bitcoin to the DarkSide ransomware gang to receive a decryptor for encrypted files and prevent the threat actors from publicly leaking stolen data. From the information shared with BleepingComputer by an anonymous source, the DarkSide ransomware group claimed to have stolen 150GB of data during their attack.

"This investment from KKR and Ten Eleven Ventures allows NetSPI to better meet this demand while simultaneously fueling growth and innovation as a leader in the booming cyber security market. With our investors' support, NetSPI will continue to transform the industry with a focus on attack surface management, enterprise security testing, and vulnerability management." "NetSPI has built a differentiated suite of tech-enabled services and test orchestration and reporting software that is not only enhancing cyber security for complex global enterprises across a wide range of industries, but is simultaneously disrupting the traditional penetration testing market in order for these enterprises to continuously test their applications, networks, and cloud infrastructures at scale," said Ben Pederson, Principal at KKR. "We are excited to invest in NetSPI's growth as they build and deliver these critically important offensive security solutions."

Colonial Pipeline Co., operator of the largest U.S. fuel pipeline, reportedly paid $5 million to criminals behind a ransomware attack that has sent fuel prices spiking up and down the East Coast. Sources familiar with the payout told Bloomberg that representatives of Colonial Pipeline paid the cybergang known as DarkSide the ransom it demanded in return for a decryption tool that allowed the firm to restore its computer network disabled in last week's attack.

US cybersecurity firm Rapid7 has disclosed that some source code repositories were accessed in a security incident linked to the supply-chain attack that recently impacted customers of the popular Codecov code coverage tool. Only internal credentials and tooling source code accessed.

In the cybercriminal underground, ransomware samples and builders are going for anywhere between $300 to $4,000, with ransomware-as-a-service rentals costing $120 to $1,900 per year. That's according to an analysis by Kaspersky of the three main underground forums where ransomware is circulated.

Security researchers have discovered a way to leverage Apple's Find My's Offline Finding network to upload data from devices, even those that do not have a Wi-Fi or mobile network connection. Using Bluetooth Low Energy, the data is being sent to nearby Apple devices that do connect to the Internet, and then sent to Apple's servers, from where it can be retrieved at a later date.

On Wednesday, President Biden signed an executive order that aims to strengthen the nation's ability to prevent and respond to cyberattacks that threaten vital assets and systems. Noting that the country's insufficient cybersecurity defenses leave the public and private sectors more vulnerable to cyber incidents, the Executive Order on Improving the Nation's Cybersecurity addresses several key areas for improvement.