Supply-chain attack on Kaseya remote management software targets MSPs

Over 1,000 businesses from around the world have reportedly been impacted in a supply-chain attack where hackers exploited a vulnerability in a remote computer management tool called Kaseya VSA to deploy the REvil ransomware. Kaseya shut down its cloud-based service and urged all users with on-premises deployments, which includes many managed services providers (MSPs), to…

Kaseya VSA Supply-Chain Ransomware Advisory

Background: On July 2, 2021, Kaseya, an IT Management software firm, disclosed a security incident impacting their on-prem version of Kaseya VSA software. Kaseya VSA is a cloud-based MSP platform that allows service providers to perform patch management, backups, and client monitoring for their customers. As per Kaseya, the majority of their customers that rely…

Didi US debut overshadowed by China cybersecurity probe

BEIJING: China’s cyberspace regulator has announced a cybersecurity investigation into Chinese ride-hailing giant Didi Global and ordered that Chinese app stores halt downloads of its app, days after the company’s US initial public offering. Following are key events in Didi’s IPO: Oct 20, 2020 – Didi is considering Hong Kong for an IPO in…

0patch team offers free micropatches for PrintNightmare

A new malicious campaign has been identified, presumably initiated by the North Korean APT group Lazarus. The attackers send out fake emails offering an engineering position at a large American or European company. AT&T Cybersecurity (formerly AlienVault) analyzed three samples of malicious Word documents distributed in May and June in the name of Airbus, General Motors and the German military equipment manufacturer Rheinmetall. It turned out that all of these…

Republican National Committee Says Systems Weren’t Breached

Synnex, a Supplier for the RNC, Detected an Intrusion Attempt. Doug Olenick (DougOlenick) • July 6, 2021. IT services provider Synnex Corp., which counts the Republican National Committee as a customer, said Tuesday that an intrusion attempt against it may be…

Microsoft issues emergency patch to address PrintNightmare

Last week a vulnerability made its way to the internet after researchers accidentally published a proof of concept. That proof of concept exploited a series of vulnerabilities in the Windows Print Spooler service. The vulnerability was dubbed PrintNightmare and until now the best way to avoid it was to disable the Print Spooler service which…

Microsoft issues emergency Windows patches for PrintNightmare flaw

Microsoft has released an emergency patch to address a critical flaw in the Windows Print Spooler service that bad actors are actively exploiting, as noticed by The Verge. A few days ago, the tech giant published a security advisory to notify users about the flaw called PrintNightmare, though it didn’t name the bad actors…

Did Kaseya Wait Too Long to Patch Remote Software Flaw?

90 Days After Vulnerability ID Reserved, REvil Exploited Bug to Hit Kaseya Customers. Mathew J. Schwartz (euroinfosec) • July 6, 2021. (Image caption: Kaseya’s vulnerability disclosure page on its website.) Ransomware-wielding criminals continue to hone their illicit business models,…

Microsoft has released an urgent out-of-band patch for PrintNightmare

Online scammers misled at least 93 thousand Android smartphone users, tricking them into purchasing cryptocurrency mining apps. Specialists at Lookout described this in their report. In total, the experts counted (PDF) 172 fake programs, which they divided into two families: BitScam (83,800 installs) and CloudScam (9,600 installs). The scammers presented them as cloud…

Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords

Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company’s Play Store after the apps were caught furtively stealing users’ Facebook login credentials. “The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps’ functions and, allegedly,…