3rd Party Risk Management , Breach Notification , Critical Infrastructure Security Tom Kellermann of VMware Carbon Black on the Timing, Impact of REvil Strike Tom Field (SecurityEditor) • July 7, 2021 Tom Kellermann, Head of Cybersecurity Strategy at VMware Carbon Black The Kaseya VSA…
WASHINGTON (Reuters) – Ransomware-hit IT firm Kaseya said on Sunday it hired cybersecurity company FireEye Inc to help deal with the fallout of a major breach that has affected hundreds of businesses worldwide. In a message posted to its website, Miami-based Kaseya said its employees “have been actively engaged with FireEye and other security assessment…
3rd Party Risk Management , Governance & Risk Management , Incident & Breach Response Avast: This Supply Chain Attack Used Cobalt Strike Prajeet Nair (@prajeetspeaks) • July 6, 2021 This bitmap image file was used for a steganography attack on MonPass. (Source: Avast) Researchers at Avast discovered a compromised server belonging to MonPass,…
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Company Outlines Steps After REvil Ransomware Attack Dan Gunderman (dangun127) , Doug Olenick (DougOlenick) • July 6, 2021 Kaseya’s Tuesday update Watch for updates on this developing story. See Also: Live Panel | Zero Trusts Given- Harnessing the Value of…
Governance & Risk Management , Incident & Breach Response , Legislation & Litigation Class Actions Filed Against Each Company After Hacking Incidents Marianne Kolbasuk McGee (HealthInfoSec) , Doug Olenick (DougOlenick) • July 6, 2021 U.S.-based pharmacy and supermarket chain Kroger and U.K.-based British Airways have each agreed to settle class action lawsuits filed…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management 90 Days After Vulnerability ID Reserved, REvil Exploited Bug to Hit Kaseya Customers Mathew J. Schwartz (euroinfosec) • July 6, 2021 Kaseya’s vulnerability disclosure page on its website Ransomware-wielding criminals continue to hone their illicit business models,…
Google is still racing to pull Android apps that commit major privacy violations. Ars Technica notes that Google has removed nine apps from the Play Store after Dr. Web analysts discovered they were trojans stealing Facebook login details. These weren’t obscure titles — the malware had over 5.8 million combined downloads and posed as easy-to-find…
Google recently removed nine malicious apps from the Play Store after they were found stealing Facebook users’ logins and passwords. Discovered by security researchers at Dr. Web, these stealer trojans were found using a special mechanism to trick users into disclosing their Facebook login details by offering them photo editing and app lock features as well…
The headquarters of DiDi in Beijing Photo:VCG China’s cyberspace regulator on Monday put three more internet platforms under scrutiny, three days after it announced a review of cybersecurity into the country’s top ride-hailing platform Didi Chuxing, indicating the country’s resolve to clamp down on data breaches and misuse as part of a broader move to…
A man walks near the New York Stock Exchange (NYSE) on August 31, 2020 at Wall Street in New York City.Photo: CFP Chinese ride-hailing giant Didi’s US shares plunged in pre-market trading on Tuesday, in a rout that was joined by two other platform firms that have recently been in China’s cybersecurity crosshairs. As of…
