Articles by Joseph Menn

Microsoft Finds New Breach When Probing Suspected SolarWinds Hackers

Microsoft said on Friday an attacker had won access to one of its customer-service agents and then used information from that to launch hacking attempts against customers. The company said it had found the compromise during its response to hacks …

Under Pressure, Ransomware Gangs Claim They’re Shutting Down

Multiple ransomware groups claimed they were shutting down or scaling back operations on Friday as the U.S. government ramped up pressure while tech companies, cryptocurrency exchanges and others worried about getting caught in the crossfire. DarkSide, the Russian-speaking gang blamed …

Colonial Pipeline Ransomware Attackers Say They Seek Cash, Not Chaos

The ransomware gang accused of crippling the leading U.S. fuel pipeline operator said on Monday that it never meant to create havoc, an unusual statement that experts saw as a sign the cybercriminals’ scheme had gone awry. The FBI accused …

White House to Require Software Firms to Disclose Breaches to Government Customers

A planned Biden administration executive order will require many software vendors to notify their federal government customers when the companies have a cybersecurity breach, according to a draft seen by Reuters. A National Security Council spokeswoman said no decision has …

Hacks of Microsoft Outlook Email Program Continue Despite Patch

More than 20,000 U.S. organizations have been compromised through a back door installed via recently patched flaws in Microsoft Corp.’s email software, a person familiar with the U.S. government’s response said on Friday. The hacking has already reached more places …

Senator Says Microsoft Failed to Fix Cloud Software Issue Used by SolarWinds Hackers

Microsoft Corp.’s failure to fix known problems with its cloud software facilitated the massive SolarWinds hack that compromised at least nine federal government agencies, according to security experts and the office of U.S. Senator Ron Wyden. A vulnerability first publicly …

How Dominance of One Management Software Became Cyber Liability for U.S.

On an earnings call two months ago, SolarWinds Chief Executive Kevin Thompson touted how far the company had gone during his 11 years at the helm. There was not a database or an IT deployment model out there to which …

Suspected Russian Cyber Espionage Has U.S. Government, Businesses Scrambling

The U.S. Department of Homeland Security and thousands of businesses scrambled Monday to investigate and respond to a sweeping hacking campaign that officials suspect was directed by the Russian government. Emails sent by officials at DHS, which oversees border security …

FireEye, Major Cybersecurity Firm for Business and Government, Is Hacked

FireEye, one of the largest cybersecurity companies in the United States, said on Tuesday that it had been hacked, likely by a government, and that an arsenal of hacking tools used to test the defenses of its clients had been …

Top Biden Tech Advisor Is Critic of Internet Firms; Helped Craft California Privacy Law

President-elect Joe Biden’s top technology adviser helped craft California’s landmark online privacy law and recently condemned a controversial federal statute that protects internet companies from liability, indicators of how the Biden administration may come down on two key tech policy …