Security News

The DarkSide ransomware gang posted a new "Press release" today stating that they are apolitical and will vet all targets before they are attacked. Today, the DarkSide ransomware gang issued a press statement stating that their organization is 'apolitical' and is not associated with any government.

Texas-based IT management company SolarWinds on Friday shared more information on the impact of the significant breach disclosed late last year, and claimed that less than 100 of its customers were actually hacked. Initial reports said more than 250 organizations were actually breached, but the U.S. government later said that it had identified roughly 100 private sector companies and 9 federal agencies whose systems were targeted by the attackers.

The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday. Commerce Secretary Gina Raimondo said Sunday that ransomware attacks are "What businesses now have to worry about," and that she will work "Very vigorously" with the Department of Homeland Security to address the problem, calling it a top priority for the administration.

Colonial Pipeline halts all fuel pipeline operations in response to ransomware attack. A cyberattack has forced an operational shutdown of the Colonial Pipeline, the largest refined products pipeline in the United States.

The company providing internet services for Belgium's parliament, government agencies, universities and scientific institutions said Tuesday that its network was under cyberattack, with connections to several customers disrupted. Belnet said in a statement the attack "Is still in progress and takes place in successive waves. Our teams are working hard to mitigate them." The company has around 200 customers.

To better defend their networks, systems, and devices from an ongoing barrage of attack techniques, healthcare organizations are increasingly turning to zero trust architecture, which does away with the traditional security perimeter, assuming that every user and every device on the network could potentially be malicious. Ransomware - widely prevalent in connected healthcare environments due to outdated and unpatched operating systems in myriad devices.

A new ransomware gang known as 'N3TW0RM' is targeting Israeli companies in a wave of cyberattacks starting last week. Like other ransomware gangs, N3TW0RM has created a data leak site where they threaten to leak stolen files as a way to scare their victims into paying a ransom.

Scripps Health, a hospital network based in San Diego, was hit by a cyberattack over the weekend, forcing some critical-care patients to be diverted, according to the San Diego Union-Tribune. Scripps acknowledged the attack in a statement but didn't specify whether it was a ransomware incident.

IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home programs, increased bring-your-own-device policy adoptions, and rising internal and third-party risks stemming from the COVID-19 pandemic, CyberEdge Group reveals. It's no surprise that many IT security teams are shifting their security infrastructure investments from traditional, on-premises offerings to modern, cloud-based solutions.

An information-disclosure security vulnerability has been discovered in the Linux kernel, which can be exploited to expose information in the kernel stack memory of vulnerable devices. It contains /proc/[pid] subdirectories, each of which contains files and subdirectories exposing information about specific processes, readable by using the corresponding process ID. In the case of the "Syscall" file, it's a legitimate Linux operating system file that contains logs of system calls used by the kernel.