Threatpost
JULY 5, 2021
Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware. InfoSec Insider Malware
WIRED Threat Level
JULY 6, 2021
Everyone hates the old ways of authentication. But while change is closer than ever, it comes with its own drawbacks.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
JULY 4, 2021
REvil Malware Suspected of Infecting Scores of IT Management Companies, Clients U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly compromised Kaseya's remote monitoring system, VSA, potentially impacting scores of managed service providers and their clients.
Security Affairs
JULY 9, 2021
Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance giant CNA is notifying customers of a data breach after the ransomware attack that it suffered in March. The insurance firm paid a $40 ransom to restore access to its files following the ransomware attack. According to Bloomberg, CNA Financial opted to pay the ransom two weeks after the security breach because it was not able to restore its operations.
Advertiser: ZoomInfo
AI adoption is reshaping sales and marketing. But is it delivering real results? We surveyed 1,000+ GTM professionals to find out. The data is clear: AI users report 47% higher productivity and an average of 12 hours saved per week. But leaders say mainstream AI tools still fall short on accuracy and business impact. Download the full report today to see how AI is being used — and where go-to-market professionals think there are gaps and opportunities.
Krebs on Security
JULY 9, 2021
Last summer, financial institutions throughout Texas started reporting a sudden increase in attacks involving well-orchestrated teams that would show up at night, use stolen trucks and heavy chains to rip Automated Teller Machines (ATMs) out of their foundations, and make off with the cash boxes inside. Now it appears the crime — known variously as “ ATM smash-and-grab ” or “ chain gang ” attacks — is rapidly increasing in other states.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
JULY 5, 2021
Yet Another Ransomware Attack Targets Managed Service Providers to Maximize Profits The REvil ransomware operation behind the massive attack centering on Kaseya, which develops software used by managed service providers, has offered to decrypt all victims - MSPs as well as their customers - for $70 million in bitcoins. Experts note this isn't the first time REvil has hit MSPs, or even Kaseya.
Security Affairs
JULY 5, 2021
Revil ransomware gang hit Spanish telecom giant MasMovil and claims to have stolen sensitive data from the group. MasMovil is one of the largest Spanish telecom operators, last week the group was hit by the REvil ransomware gang that claims to have stolen sensitive data from the company. “We have downloaded databases and other important data” reads the message published by REvil ransomware gang on its Tor leak site.
Krebs on Security
JULY 7, 2021
Microsoft on Tuesday issued an emergency software update to quash a security bug that’s been dubbed “ PrintNightmare ,” a critical vulnerability in all supported versions of Windows that is actively being exploited. The fix comes a week ahead of Microsoft’s normal monthly Patch Tuesday release, and follows the publishing of exploit code showing would-be attackers how to leverage the flaw to break into Windows computers.
WIRED Threat Level
JULY 9, 2021
The company released a patch this week, but security researchers say the root of the problem is beyond its control—and symptomatic of a larger issue.
Speaker: Ben Epstein, Stealth Founder & CTO | Tony Karrer, Founder & CTO, Aggregage
When tasked with building a fundamentally new product line with deeper insights than previously achievable for a high-value client, Ben Epstein and his team faced a significant challenge: how to harness LLMs to produce consistent, high-accuracy outputs at scale. In this new session, Ben will share how he and his team engineered a system (based on proven software engineering approaches) that employs reproducible test variations (via temperature 0 and fixed seeds), and enables non-LLM evaluation m
Data Breach Today
JULY 6, 2021
Software Vendor Quiet on Whether It Might Pay for REvil's Full Decryption Tool Software vendor Kaseya suspects that 800-1,500 organizations - mostly small businesses - were compromised via a ransomware attack that exploited its VSA remote management software. The company won't say if it is negotiating with the attackers for a universal decryption tool that would unlock all victims' files.
Security Affairs
JULY 7, 2021
Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama electric cooperative that serves about 25,000 members, was hit by a ransomware attack. The cyberattack temporarily blocked the customers’ access to their account information, the cooperative is working to restore the impacted system.
Krebs on Security
JULY 8, 2021
Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya , a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.
WIRED Threat Level
JULY 5, 2021
Thinking about selling your smart speaker? Be aware that you can't completely delete personal content from the device.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
Data Breach Today
JULY 6, 2021
Class Actions Filed Against Each Company After Hacking Incidents U.S.-based pharmacy and supermarket chain Kroger and U.K.-based British Airways have each agreed to settle class action lawsuits filed in the wake of two massive data breaches.
Security Affairs
JULY 6, 2021
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya announced that fewer than 60 of its customers and less than 1,500 businesses have been impacted by the recent supply-chain ransomware attack. Up to 1,500 downstream organizations, which were customers of MSPs using Kaseya VSA management platform, were impacted by the attack. “While impacting approximately 50 of Kaseya’s customers, this attack was n
AIIM
JULY 8, 2021
The unprecedented COVID-19 pandemic has, almost overnight, forced many organizations to modify their business practices and transition to a remote workforce. Of course, the first focus during this transition is deploying the connectivity and infrastructure necessary to support your remote workers. Don’t, however, lose sight of the fact that information scattered across a dispersed workforce can significantly raise the risk of a data breach or other security concerns.
WIRED Threat Level
JULY 4, 2021
More details have come to light as to how the notorious hacking group pulled off its unprecedented attack.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Data Breach Today
JULY 9, 2021
Ransomware-as-a-Service Operations Tap Expert Intrusion Specialists and Negotiators As ransomware attacks become more prolific, their success is being driven by the increasing use of specialists who can refine every stage of an attack. It's a reminder that the goal of cybercrime remains to maximize illicit profits as easily and quickly as possible.
Security Affairs
JULY 4, 2021
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply chain attack made the headlines, on Friday the REvil ransomware gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The REvil ransomware operators initially compromised the Kaseya VSA’s infrastructure, then pushed out malicious updates for VSA on-premise servers to deploy ransomware on enterprise networks.
AIIM
JULY 6, 2021
The COVID-19 pandemic crisis has changed most everything. Technology, social, and cultural disruptions have forced organizations to shift rapidly, expanding remote work capabilities. As we approach the post-pandemic era, a new normal has emerged in workstyles. Businesses now look to foster and enable a hybrid workplace. With this massive transition underway, many organizations struggle to maximize productivity and resilience while building a seamless and secure digital workplace.
WIRED Threat Level
JULY 9, 2021
Companies are racing to track everything about you. It could be a convenient way to reduce fraud—or seriously creepy and discriminatory.
Advertiser: ZoomInfo
ZoomInfo customers aren’t just selling — they’re winning. Revenue teams using our Go-To-Market Intelligence platform grew pipeline by 32%, increased deal sizes by 40%, and booked 55% more meetings. Download this report to see what 11,000+ customers say about our Go-To-Market Intelligence platform and how it impacts their bottom line. The data speaks for itself!
Data Breach Today
JULY 8, 2021
White House Tells Moscow: Take Action, or We 'Reserve the Right' to Do So The Biden administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we'll do it for you. But experts say disrupting ransomware will take more than diplomacy or even using offensive cyber operations to target criminal infrastructure.
Security Affairs
JULY 4, 2021
Threat actors compromised the servers of Mongolian certificate authority (CA) MonPass and used its website to spread malware. Hackers compromised the servers of the Mongolian certificate authority (CA) MonPass and used its website to spread malware, reported Avast researchers. According to the experts, the security breach took place at least six months ago, MonPass was breached potentially eight separate times and Avast researchers found eight different webshells and backdoors on a CA’s co
Schneier on Security
JULY 8, 2021
ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision. According to Cybereason, the REvil affiliates first gained access to targeted environments and then used the zero-day in the Kaseya Agent Monitor to gain administrative control over the target’s network.
WIRED Threat Level
JULY 8, 2021
For the second time in a month, the company issued an update that doesn't fully address a severe security vulnerability in Windows.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Data Breach Today
JULY 9, 2021
Phishing Emails Contain Malicious Link, Attachment Spammers posing as software vendor Kaseya are waging a malspam campaign to target users of the company's VSA remote IT management software that was hit by a ransomware attack, the security firm Malwarebytes reports.
Security Affairs
JULY 6, 2021
ENISA publishes Cybersecurity guide for SMEs, a document that aims at providing suggestions to secure their business. During the COVID-19 pandemic, most of organizations increased their presence online, enlarging their surface of attacks. The surface of attack for SMEs was enlarged, many of them took business continuity measures, such as adopting cloud services, improving their internet services, upgrading their websites and enabling staff to work remotely.
Schneier on Security
JULY 6, 2021
A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator included in Kaspersky Password Manager had several problems. The most critical one is that it used a PRNG not suited for cryptographic purposes. Its single source of entropy was the current time.
Expert insights. Personalized for you.
136 
Let's personalize your content