Did Kaseya Wait Too Long to Patch Remote Software Flaw?

Business Continuity Management / Disaster Recovery, Fraud Management & Cybercrime, Governance & Risk Management

90 Days After Vulnerability ID Reserved, REvil Exploited Bug to Hit Kaseya Customers

Mathew J. Schwartz (euroinfosec) • July 6, 2021

Image: Kaseya’s vulnerability disclosure page on its website

Ransomware-wielding criminals continue to hone their illicit business models,…

Microsoft Releases Urgent Out-of-Band Patch for PrintNightmare

Online scammers misled at least 93,000 Android smartphone users, tricking them into buying cryptocurrency mining apps. Specialists at Lookout described this in their report. In total, the experts counted (PDF) 172 fake programs, which they divided into two families: BitScam (83,800 installs) and CloudScam (9,600 installs). The scammers presented them as cloud…

Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords

Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company’s Play Store after the apps were caught furtively stealing users’ Facebook login credentials. “The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps’ functions and, allegedly,…

Kaseya hires FireEye to help deal with ransomware outbreak – Security

WASHINGTON (Reuters) – Ransomware-hit IT firm Kaseya said on Sunday it hired cybersecurity company FireEye Inc to help deal with the fallout of a major breach that has affected hundreds of businesses worldwide. In a message posted to its website, Miami-based Kaseya said its employees “have been actively engaged with FireEye and other security assessment…

Mongolian Certification Authority MonPass Breached

3rd Party Risk Management, Governance & Risk Management, Incident & Breach Response

Avast: This Supply Chain Attack Used Cobalt Strike

Prajeet Nair (@prajeetspeaks) • July 6, 2021

Image: This bitmap image file was used for a steganography attack on MonPass. (Source: Avast)

Researchers at Avast discovered a compromised server belonging to MonPass,…

Kroger, British Airways Agree to Settle Data Breach Lawsuits

Governance & Risk Management, Incident & Breach Response, Legislation & Litigation

Class Actions Filed Against Each Company After Hacking Incidents

Marianne Kolbasuk McGee (HealthInfoSec), Doug Olenick (DougOlenick) • July 6, 2021

U.S.-based pharmacy and supermarket chain Kroger and U.K.-based British Airways have each agreed to settle class action lawsuits filed…

Google removes popular Android apps that stole Facebook passwords

Google is still racing to pull Android apps that commit major privacy violations. Ars Technica notes that Google has removed nine apps from the Play Store after Dr. Web analysts discovered they were trojans stealing Facebook login details. These weren’t obscure titles — the malware had over 5.8 million combined downloads and posed as easy-to-find…