CRN

SEC: SolarWinds, CISO Tim Brown ‘Defrauded’ Investors Before Cyberattack

‘SolarWinds’ poor controls, Defendants’ false and misleading statements and omissions, and the other misconduct described in this Complaint, would have violated the federal securities laws even if ...
Ars Technica

SEC sues SolarWinds and CISO, says they ignored flaws that led to major hack

The US Securities and Exchange Commission sued SolarWinds Corp. and Chief Information Security Officer Timothy Brown yesterday, alleging that they concealed security failures that led to a nearly ...
Bleeping Computer

SolarWinds patches critical code execution bug in Orion Platform

SolarWinds has released security updates to address four vulnerabilities impacting the company's Orion IT monitoring platform, two of them allowing attackers to execute arbitrary code remotely. The ...
CSOonline

SEC sues SolarWinds and its CISO for fraudulent cybersecurity disclosures

SEC has accused SolarWinds and its CISO of understating cybersecurity risks to stakeholders and said the company missed numerous red flags. The Security and Exchange Commission (SEC) has filed charges ...
Dark Reading

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

On Dec. 8, 2020, FireEye announced the discovery of a breach in the SolarWinds Orion software while it investigated a nation-state attack on its Red Team toolkit. Five days later, on Dec. 13, 2020, ...
Bleeping Computer

SolarWinds patches critical Serv-U vulnerability exploited in the wild

SolarWinds is urging customers to patch a Serv-U remote code execution vulnerability exploited in the wild by "a single threat actor" in attacks targeting a limited number of customers. "Microsoft has ...