Kaseya Victim Struggling with Decryption After REvil Goes Dark
Mike Hamilton, former CISO of Seattle and now CISO of ransomware remediation firm Critical Insight, told ZDNet that a customer, who asked not to be named, was one of the few Kaseya victims to pay a ransom to the REvil ransomware group. Hamilton explained that the company paid the ransom and received the decryption keys from REvil but has found that they aren't working. REvil typically offers a help desk function that aids victims with getting back their data.
Imminent Ransomware Campaign Targeting Older Appliances
Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.
SonicWall Releases Urgent Security Notice About Actively Targeted EOL Devices
SonicWall, the California-based network security and network appliance company, has released an urgent security notice to inform its customers about a newly arisen danger of using unpatched EOL (end of life) SRA (Secure Remote Access) and SMA (Secure Mobile Access) devices.
REvil Ransomware Sites Are Down
The REvil ransomware gang’s website and infrastructure have gone offline, about a week and a half after the news of the group’s cyberattack on IT software vendor Kaseya.
SonicWall: Ransomware Attacks Targeting End-of-Life Appliances
A new SonicWall urgent security notice warns of imminent ransomware attacks targeting unpatched, end-of-life appliances.
SonicWall: Fix Unpatched and End-of-Life 8.x Firmware for SMA and SRA Products
New notice from SonicWall that end-of-life firmware vulnerabilities exist.
Kaseya Ransomware Attack: What to Know About Supply Chain Security
Despite warnings about the dangers to software supply chains following the cyberespionage campaign that targeted SolarWinds and the company’s customers, organizations in the U.S. and around the world are dealing with the fallout of yet another attack that took advantage of security weaknesses in these IT ecosystems.
Fashion Retailer Guess Announces Data Breach
Fashion retailer Guess recently announced a data breach that compromised 1,300 people and their information, including account numbers, debit and credit card numbers, social security numbers, access codes and personal identification numbers.
Where Did REvil Ransomware Go? Will it Be Back?
As speculation swirled over why the prolific and dangerous REvil ransomware went offline – blog, payment processing, all suddenly went kaput – it’s important not to lose sight of the bigger issues. While the ransomware is gone, at least for the time being, there’s a good chance they’ll be back under another franchise. And ransomware threats still loom large.
Cybercriminals Employing Specialists To Maximize Ill-Gotten Gains
Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct.
Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack
Attackers are actively exploiting a critical, pre-authorization remote-code execution (RCE) vulnerability in the popular Access Management platform from digital identity management firm ForgeRock.
The Age of Innocence Is Over for MSPs
Two years ago Teamviewer, at the turn of 2020/21 Solarwinds, and now Kaseya: the technology suppliers of managed service providers are gradually moving into attackers' sights. They cannot and must not ignore this fact any longer, and must learn to deal with it.
Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say
Companies shouldn’t be allowed to strike back against hackers, cybersecurity specialists and former government officials warned, after senators last week introduced legislation floating the idea of such counterattacks.
Exclusive: Expert views on the Kaseya attack and the latest patchwork
Enterprise tech firm Kaseya has confirmed that around 1,500 businesses were impacted as a result of an attack on its remote device management software, which was used to spread ransomware.
Prevention and preparedness revisited: Cyber-defence after Kaseya ransomware attack
Hitesh Sheth, our CEO, shares his thoughts on the recent Kaseya ransomware attack and how it indicates the increased rise of ransomware.
Prevention and Preparedness Revisited: Cyber Defence After Kaseya Ransomware Attack
Our CEO, Hitesh Sheth, has written a guest article about the Kaseya ransomware attack. He shares how part of the job of cybersecurity leaders is to look at discrete events and connect the dots.
Kaseya attack prompts thinking on how much you really know your vendor
According to advisories posted on the Kaseya website, its VSA product has unfortunately been the victim of a sophisticated cyberattack. This has been localized to a number of on-premises customers. In an effort to be transparent with customers, Kaseya is sharing information concerning the recent ransomware attack in an Incident Overview and Technical Details document.
Crash Testing Your Business
As A.I. becomes more ubiquitous and powerful, it will be increasingly important to test and simulate all the ways in which A.I. systems can fail, either on their own, or because someone has decided to deliberately attack them. (This could be cybercriminals or fraudsters or state actors.) In essence, as we hand more control to intelligent software, companies will have to perform a kind of crash testing on larger parts of their business.
Up to 1500 Businesses Affected by Kaseya Supply Chain Ransomware Attack
Kaseya’s VSA product has been the victim of a sophisticated ransomware attack, affecting 60 Kaseya customers and an estimated 1,500 downstream businesses. Attackers are allegedly demanding $70 million in return for a universal decryptor software key that would unscramble all affected machines.
As Kaseya Works to Bring SaaS Servers Online, Experts Laud Precautionary Measures as ‘Opposite of Complacency’
Kaseya began the technical work for deployment of the company’s servers that support the software-as-a-service VSA product, configuring an additional layer of security to the SaaS infrastructure.
REvil crew wants $70m in Kaseya ransomware heist
More than 1,000 different organisations around the world – including many small and medium-sized enterprises (SMEs) – remain locked out of critical IT systems over 48 hours after a REvil/Sodinokibi ransomware attack against IT managed service providers (MSPs) orchestrated via a compromise of Kaseya’s VSA endpoint management and network monitoring service.
Kaseya attack leaves MSPs asking more security questions
The latest ransomware attack on a firm operating in the managed service sector further underlines the need to protect data and ensure supply chain integrity.
New Data Security Rules Instituted for US Payment Processing System
New data security rules governing how money changes hands in the US have gone into effect today, forcing major digital money processors to render deposit account information unreadable in electronic storage.
Lawmakers Introduce American Cybersecurity Literacy Act
Bipartisan House lawmakers introduced legislation to increase cybersecurity literacy and security awareness among the American public amid a spike in cybersecurity threats against critical infrastructure.
Researchers Publish Proof of Concept for Cisco ASA Flaw
Researchers at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit.