Cyber Security Today: SolarWinds demands fraud drop, ransomware sentencing, and more

SolarWinds is fighting back against allegations of fraud made by the U.S. Securities and Exchange Commission (SEC) relating to the cybersecurity company’s practices leading up to the 2020 Orion software update breach. SolarWinds has asked a court to dismiss the charges, claiming they are unfounded and that the SEC is unfairly changing the rules for cybersecurity disclosure. Meanwhile, a Canadian man has been sentenced to two years in prison for running cyber attacks, including ransomware campaigns, against over 1,100 victims. In other news, the Medusa ransomware gang has claimed responsibility for an attack on the Kansas City transportation authority, and threat actors are increasingly using the Greatness Phishing Kit to target Microsoft 365 users. It is important for companies to have effective cybersecurity controls in place and to take warnings seriously in order to prevent breaches and attacks. Finally, a California judge ruled that Israeli company Bright Data did not breach any laws by scraping public data from Facebook and Instagram, and U.S. Senator Ron Wyden released documents alleging that the National Security Agency illegally obtains Americans’ internet records without a warrant.