NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses

Kate Hanniford of Alston & Bird writes:

Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of active exploitation of DFS-regulated companies as a result of the Attack, the networks of approximately 100 DFS-regulated companies were compromised as a result of the Attack.

Some lower-tier ransomware gangs have formed a new RaaS alliance -- or have they? (1)
Another plastic surgery practice fell prey to a cyberattack that acquired patient photos and info
How a hacking gang held Italy’s political elites to ransom
Uncovering Qilin attack methods exposed through multiple cases
Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Iran's Critical Infrastructure
Ex-CISA head thinks AI might fix code so fast we won't need security teams

Related: