BOSTON: In the past few weeks, ransomware criminals claimed as trophies at least three North American insurance brokerages that offer policies to help others survive the very network-paralyzing, data-pilfering extortion attacks they themselves apparently suffered. Cybercriminals who hack into corporate and government networks to steal sensitive data for extortion routinely try to learn how much…
Governance & Risk Management , IT Risk Management , Patch Management Company Also Updates Risk Mitigation Advice Prajeet Nair (@prajeetspeaks) • July 6, 2021 Install updates now or disconnect Print Spooler to mitigate PrintNightmare vulnerability. (Source: Wikihow) This story has been updated. See Also: Live Panel | Zero Trusts Given- Harnessing the Value…
Endpoint Security , Fraud Management & Cybercrime , Ransomware Dutch Researchers First Notified Kaseya in April of Vulnerabilities Dan Gunderman (dangun127) • July 7, 2021 Kaseya CEO Fred Voccola has defended his company’s actions but acknowledged those affected by a ransomwware attack are “very, very frustrated.” (Source: Kaseya) Miami-based software company Kaseya worked…
Over 1,000 businesses from around the world have reportedly been impacted in a supply-chain attack where hackers exploited a vulnerability in a remote computer management tool called Kaseya VSA to deploy the REvil ransomware. Kaseya shut down its cloud-based service and urged all users with on-premises deployments, which includes many managed services providers (MSPs), to…
Background On July 2, 2021, Kaseya, an IT Management software firm, disclosed a security incident impacting their on-prem version of Kaseya VSA software. Kaseya VSA is a cloud-based MSP platform that allows service providers to perform patch management, backups, and client monitoring for their customers. As per Kaseya, the majority of their customers that rely…
BEIJING: China’s cyberspace regulator has announced a cybersecurity investigation into Chinese ride-hailing giant Didi Global and ordered that Chinese app stores halt downloads of its app, days after the company’s US initial public offering. Following are key events in Didi’s IPO: Advertisement Advertisement Oct 20, 2020 – Didi is considering Hong Kong for an IPO in…
Выявлена новая вредоносная кампания, инициатором которой предположительно является северокорейская APT-группа Lazarus. Злоумышленники рассылают поддельные письма, предлагая инженерную должность в крупной американской или европейской компании. В AT&T Cybersecurity (ранее AlienVault) проанализировали три образца вредоносных документов Word, распространявшихся в мае и июне от имени Airbus, General Motors и германского производителя военной техники Rheinmetall. Оказалось, что все эти…
Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime Synnex, a Supplier for the RNC, Detected an Intrusion Attempt Doug Olenick (DougOlenick) • July 6, 2021 IT services provider Synnex Corp., which counts the Republican National Committee as a customer, said Tuesday that an intrusion attempt against it may be…
Last week a vulnerability made its way to the internet after researchers accidentally published a proof of concept. That proof of concept exploited a series of vulnerabilities in the Windows Print Spooler service. The vulnerability was dubbed PrintNightmare and until now the best way to avoid it was to disable the Print Spooler service which…
Microsoft has released an emergency patch to address a critical flaw in the Windows Print Spooler service that bad actors are actively exploiting, as noticed by The Verge. A few days ago, the tech giant has published a security advisory to notify users about the flaw called PrintNightmare, though it didn’t name the bad actors…
