CVE-2021-2369 Detail Current Description Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple…
BOSTON — The Florida company whose software was exploited in the devastating Fourth of July weekend ransomware attack, Kaseya, has received a universal key that will decrypt all of the more than 1,000 businesses and public organizations crippled in the global incident. Kaseya spokeswoman Dana Liedholm would not say Thursday how the key was obtained…
TSA tightens cyber rules for pipelines By Adam Mazmanian Jul 21, 2021 A new directive issued by the Transportation Security Administration requires fuel pipeline operators to institute mitigation and recovery measures to protect against ransomware attacks and other known cybersecurity threats. This is the second directive issued by TSA in the wake of…
Security researchers at Check Point Research (CPR) on Wednesday disclosed a new strain of cross-platform malware that steals sensitive information from Apple’s macOS users. The malware identified as “XLoader” is currently being is distributed in the form of malware-as-a-service (MaaS) on the dark web forum as a botnet loader service for as low as $49,…
Fraud Management & Cybercrime , Incident & Breach Response , Ransomware Extortionists Demand $50 Million – Payable in Monero Cryptocurrency – From Oil Giant Scott Ferguson (Ferguson_Writes) • July 22, 2021 Saudi Aramco’s gas processing plant in Khursaniyah, Saudi Arabia (Photo: Saudi Aramco) Saudi Aramco, one of the world’s largest oil and natural…
The latest edition of the ISMG Security Report features an analysis of ongoing investigations into how NSO Group’s Pegasus spyware is allegedly being used to spy on dissidents, journalists, political rivals, business leaders and even heads of state – and a discussion of whether the business model should be banned. In this report, you’ll hear…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Software Vendor Said Approximately 60 MSPs and 1,500 Clients Affected by Attack Doug Olenick (DougOlenick) • July 22, 2021 Kaseya Executive Vice President Mike Sanders (Source: Kaseya) Three weeks after its software was used to facilitate a…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Software Firm Helping Customers Affected by Ransomware to Recover Doug Olenick (DougOlenick) • July 22, 2021 Kaseya Executive Vice President Mike Sanders (Source: Kaseya) The software firm Kaseya said on Thursday it has obtained a universal key…
Rapid7 recently announced its purchase and acquisition of IntSights, a contextualized external threat intelligence and proactive threat remediation provider, for $335 million. Rapid7 offers an extensive cybersecurity portfolio for businesses, including user analytics behavior analytics, SIEM, SOAR, and vulnerability management. Additionally, it offers managed security services and security consulting. Meanwhile, IntSights provides the full benefits…
Another day, and it’s time for another Apple security scare: malware that can harvest keystrokes and log-ins and is available on the Darknet for only $49. Malware-as-a-service for Mac attacks Check Point Software’s research team claims to have identified the hack, which it is calling XLoader. Enterprise security specialists managing Macs and Apple devices (of which there…
