News

Business Email Compromise (BEC),Fraud Management & Cybercrime,Fraud Risk Management West African Crime Group Used Homoglyph Techniques to Trick Victims, Company SaysDoug Olenick (DougOlenick) •July 21, 2021     Microsoft has announced the takedown of 17 domains that a threat group operating out of West Africa used to host fake Microsoft websites when conducting business email…

Safe Security, a Silicon Valley cyber risk management startup, has secured a $33 million investment from U.K. telco BT.  Founded in 2012, Safe Security — formerly known as Lucideus — helps organizations measure and mitigate enterprise-wide cyber risk using its security assessment framework for enterprises (SAFE) platform. The service, which is used by a number…

CVE-2021-2369 Detail Current Description Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple…

BOSTON — The Florida company whose software was exploited in the devastating Fourth of July weekend ransomware attack, Kaseya, has received a universal key that will decrypt all of the more than 1,000 businesses and public organizations crippled in the global incident. Kaseya spokeswoman Dana Liedholm would not say Thursday how the key was obtained…

TSA tightens cyber rules for pipelines By Adam Mazmanian Jul 21, 2021 A new directive issued by the Transportation Security Administration requires fuel pipeline operators to institute mitigation and recovery measures to protect against ransomware attacks and other known cybersecurity threats. This is the second directive issued by TSA in the wake of…

Security researchers at Check Point Research (CPR) on Wednesday disclosed a new strain of cross-platform malware that steals sensitive information from Apple’s macOS users. The malware identified as “XLoader” is currently being is distributed in the form of malware-as-a-service (MaaS) on the dark web forum as a botnet loader service for as low as $49,…

Fraud Management & Cybercrime , Incident & Breach Response , Ransomware Extortionists Demand $50 Million – Payable in Monero Cryptocurrency – From Oil Giant Scott Ferguson (Ferguson_Writes) • July 22, 2021     Saudi Aramco’s gas processing plant in Khursaniyah, Saudi Arabia (Photo: Saudi Aramco) Saudi Aramco, one of the world’s largest oil and natural…