The SEC has accused SolarWinds and its CISO Timothy Brown of fraud and disclosure control violations, marking its first formal action against a CISO. The SEC alleges SolarWinds and Brown made misstatements regarding cybersecurity in its SEC filings and on its website. This action underscores the SEC’s increased focus on cybersecurity disclosures following new rules for public companies. The complaint also alleges SolarWinds did not report potentially material cybersecurity risks.
The first UEFI bootkit malware for Linux has been detected, so users beware
ESET researchers have revealed a first-of-its-kind Linux UEFI bootkit, named ‘Bootkitty’, which could pose a significant risk despite being in early stages of development. The
