Nick Schneider, president and CEO, Arctic Wolf (Image: Arctic Wolf)

Arctic Wolf Gets $401M From Owl Rock to Pursue Acquisitions

Michael Novinson • October 6, 2022

Security operations stalwart Arctic Wolf has taken on more than $400 million in debt to pursue acquisitions in the cloud, SIEM, endpoint and XDR markets. The money will fuel an upcoming launch in the Asia-Pacific region and expansion in markets such as South Africa, Benelux and the Nordics.

Finance & Banking

Tim Eades of vArmour on Expanding From Banking to Government

Latest

Critical Infrastructure Security

Should Public Utilities Get Paid to Secure the Power Grid?

Cal Harrison • October 6, 2022

Made up of 3,000 public utilities, the U.S. power grid has many weak links in its cyber defenses. Regulators can fine utilities for service outages, but a proposed federal program and recent Purdue University study say financial incentives will help firms make the right security investments.

Breach Notification

Health Entity Agrees to Pay $7.9 Million to Improve Security

Marianne Kolbasuk McGee • October 6, 2022

A Baltimore, Maryland-based healthcare organization has agreed to spend nearly $8 million improving and maintaining its data security as "injunctive relief" to settle a class action lawsuit involving two data breaches that affected a total of about 540,000 individuals.

Endpoint Security

BD, CISA Warn of Security Flaw in Cancer Testing System

Marianne Kolbasuk McGee • October 6, 2022

If exploited, a hard-coded credential vulnerability in certain BD medical laboratory equipment used for cancer screenings could allow an attacker to access, modify or delete sensitive patient information, the manufacturer and federal authorities warn.

Cybercrime

Australia Police Charge Teen With Extorting Optus Victims

Mihir Bagwe • October 6, 2022

Police arrested a teenager in his suburban Sydney home for allegedly attempting to extort AU$2,000 from victims of the Optus data breach. The unnamed 19-year-old allegedly threatened to conduct financial crimes using the information of 93 individuals unless he received a payout.

Fraud Management & Cybercrime

NetWalker Ransomware Affiliate Faces 20 Years in US Prison

David Perera • October 5, 2022

Canadian Sebastien Vachon-Desjardins received a 20 year prison sentence from a U.S. judge based in Florida after copping to four felonies stemming from a stint as an affiliate of the NetWalker ransomware-as-a-service gang. "This is Jesse James meets the 21st century," said Judge William F. Jung.

Endpoint Security

Ring Login Issues Wednesday Stem From System Error, Not Hack

Michael Novinson • October 5, 2022

A claim Wednesday by high-profile security researcher Kevin Beaumont that video doorbell manufacturer Ring was experiencing a security issue sent Twitter atwitter. Amazon says some users experienced logon issues due to a back-end system error made during a routine system update.

Cybercrime

Patients Affected By Cybersecurity Event at Hospital Chain

Marianne Kolbasuk McGee • October 5, 2022

A cybersecurity incident at Chicago-based CommonSpirit Health, a system of 1,500 healthcare sites across 21 states and one of the nation’s largest nonprofit healthcare systems, is disrupting medical care after the healthcare system took offline some of its electronic health records systems.

Leadership & Executive Communication

Why Aren't More Women in Security Leadership Positions?

Anna Delaney • October 5, 2022

A man in the cybersecurity field is seven times more likely than a woman to have applied for or been offered the job of CISO, according to a new report from Accenture on the need for more inclusion in the workplace. Experts discuss strategies to close the gap and make hiring more inclusive.

3rd Party Risk Management

How to Deal With Endemic Software Vulnerabilities

Steve King • October 5, 2022

In this episode of "Cybersecurity Unplugged," Amit Shah, director of product marketing at Dynatrace, discusses the implications of the Log4Shell software vulnerability and the need for organizations to take an observability-led approach to software development and security going forward.

3rd Party Risk Management

Another Telco Breach Rocks Australia

Mihir Bagwe • October 4, 2022

Australia's largest telecom provider acknowledged Tuesday a data breach, but said the data came from a now-defunct employee rewards program from 2017. A company executive accused the hacker behind the breach of seeking to profit from a tense climate created by a much larger breach at rival Optus.

Blockchain & Cryptocurrency

Scammers Get Scammed, Crypto Worth Thousands Stolen

Rashmi Ramesh • October 4, 2022

A cryptocurrency thief is hacking into other scammers' fraudulent liquidity mining websites to reach directly into the digital wallets of victims. The threat actor, dubbed "Water Labbu" by Trend Micro, has so far filched 316,728 USDT and infected 45 fraudulent decentralized applications.

Governance & Risk Management

More Action Needed on Telehealth Privacy, Security Risks

Marianne Kolbasuk McGee • October 4, 2022

At the onset of the novel coronavirus public health emergency, regulators said they would not enforce certain potential HIPAA violations involving telehealth. But with that 2020 policy still in play, patients need to be better informed of telehealth's privacy and security risks.