SolarWinds, top executives hit with class action lawsuit over Orion software breach
Stockholders who purchased company shares in 2020 are suing the IT management software company for materially misleading investors about their security practices.
About SC Media
Legal Action
Ticketmaster fined $10 million in corporate espionage scheme
Ticketmaster tried to steal both a client and design ideas from a competitor by logging into the back-end system with a former employer’s login credentials.
H&M not alone: Companies often fall short in privacy protections for employees
Many businesses treat information about their own employees differently than that of customers, which could place them squarely in violation of privacy regulations.
Lessons from Uber: Be crystal clear on the law and your bug bounty policies
Aside from following the law, companies should also take care that their bug bounty payments are adhering to responsible corporate policies that define what constitutes a legit payment and what constitutes extortion.
‘We want to have more protection’: Arrested pen testers push for Good Samaritan law
Prosecutors dropped felony criminal charges against a pair of ethical pen testers arrested while assessing the security of an Iowa courthouse. But the the two men are not ready move on just yet. Coalfire employees Gary DeMercurio, managing senior, and Justin Wynn, senior security consultant, lobbied Wednesday at the virtual Black Hat conference for a…
Unsealed indictment alleges Kazakh man is behind Fxmsp hacking group
Federal prosecutors have indicted Andrey Turchin, a 37-year-old citizen of Kazakhstan, on five criminal counts related to his alleged involvement in a financially motivated cybercriminal hacking collective known as Fxmsp that the Department of Justice says cost victims tens of millions of dollars. Turchin — who also individually goes by the alias Fxmsp — and…
Alleged Collection 1 hacker nabbed; ransomware campaign targeting hospitals disrupted
The Ukrainian Secret Service on Tuesday announced the arrest of a man who they say is the hacker who amassed hundreds of millions of stolen credentials and then used an internet message board to announce their availability as a data set known as Collection 1. And in another significant win for law enforcement officials, Romania…
DEER.IO caught in FBI’s headlights; cybercrime platform gets shut down
The FBI on Tuesday seized the website for DEER.IO, a Russian online platform used to conduct millions of dollars worth of cybercriminal transactions. The crackdown followed the March 7 arrest of alleged hacker/DEER.IO administrator Kirill Victorovich, who was taken into custody while in New York City. Active since October 2013, DEER.IO allows users to purchase…
Necurs botnet operation dismantled; millions of malicious domains disabled
A coalition of security-minded organizations led by Microsoft struck a major blow against the mighty Necurs botnet — one of the largest in world — dismantling its infrastructure in a global takedown. Empowered by a court order, Microsoft not only took control of the Necurs operators’ web domains, but it blocked an additional 6 million…
Jury spares accused Vault 7 leaker from espionage conviction
A Manhattan federal jury yesterday failed to reach a verdict on any major charges leveled against Joshua Schulte, a former CIA software engineer from Lubbock, Texas, who was accused of stealing the agency’s hacking tools and delivering them to WikiLeaks for publication. Schulte, 31, was convicted on contempt of court and making false statements, but…
Next post in Data Breach
