News

3rd Party Risk Management , Endpoint Security , Fraud Management & Cybercrime Software Vendor Quiet on Whether It Might Pay for REvil’s Full Decryption Tool Jeremy Kirk (jeremy_kirk) • July 6, 2021     Screenshot of Kaseya’s remote IT management software VSA, which was compromised by ransomware attackers. (Source: Kaseya) Kaseya said late Monday that…

It’s now being called “the single biggest global ransomware attack on record,” with thousands of victims in at least 17 different countries breached with ransomware Friday, reports the Associated Press, citing new details provided by cybersecurity researchers. An affiliate of the Russia-linked gang REvil deployed the ransomware “largely through firms that remotely manage IT infrastructure…

This affects all versions of package Flask-User. When using the make_safe_url function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as /////evil.com/path or \evil.com/path. This vulnerability is only exploitable if an….

NEW YORK: China’s cybersecurity watchdog suggested Didi Global Inc delay its initial public offering and urged it to review its network security, weeks before the Chinese ride-hailing giant went public, the Wall Street Journal reported on Monday, citing people familiar with the matter. It isn’t known whether Didi carried out its own review, according to…

China’s cyberspace regulator has ordered app stores to remove Didi Chuxing, dealing a major blow to a ride-hailing giant that just days ago pulled off one of the largest U.S. initial public offerings of the past decade. The Cyberspace Administration of China announced the ban Sunday, citing serious violations on Didi Global Inc.’s collection and…

Chinese regulators have gained a reputation for aggressive action, but even hardened investors were shocked by the announcement of a probe into ride-hailing firm Didi just two days after its US$4.4 billion (A$5.8 billion) New York stock market debut. While Didi’s initial public offering (IPO) prospectus did mention some of the regulatory risks to its…

BOSTON — (AP) — In the past few weeks, ransomware criminals claimed as trophies at least three North American insurance brokerages that offer policies to help others survive the very network-paralyzing, data-pilfering extortion attacks they themselves apparently suffered. Cybercriminals who hack into corporate and government networks to steal sensitive data for extortion routinely try to…

“We must never let any internet giant control a super database that has more detailed personal information than the state, let alone giving it the right to use the data at will,” the paper said in the commentary. While it’s not clear how Didi illegally collected personal data, companies should gather the least amount of…

The ransomware gang who attacked Kaseya locked down systems and demanded ransom payments from end user organisations while passing over MSPs and Kaseya itself, according to Kaseya CEO Fred Voccola. Voccola told CRN USA the ransomware attacker sought money only from end customers rather than the approximately 50 MSPs who had been compromised through an…