about - MEDIA COVERAGE

2021 | 2020 | 2019 | 2018 | 2017 | 2016 | 2015 | 2014

Media coverage published in 2021

Kaseya Victim Struggling with Decryption After REvil Goes Dark

July 16, 2021

ZDNet

Mike Hamilton, former CISO of Seattle and now CISO of ransomware remediation firm Critical Insight, told ZDNet that a customer, who asked not to be named, was one of the few Kaseya victims to pay a ransom to the REvil ransomware group. Hamilton explained that the company paid the ransom and received the decryption keys from REvil but have found that they aren't working. REvil typically offers a help desk function that aids victims with getting back their data.

Read article

Imminent Ransomware Campaign Targeting Older Appliances

July 15, 2021

Security Magazine

Through the course of collaboration with trusted third parties, SonicWall has been made aware of threat actors actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware in an imminent ransomware campaign using stolen credentials. The exploitation targets a known vulnerability that has been patched in newer versions of firmware.

Read article

SonicWall Releases Urgent Security Notice About Actively Targeted EOL Devices

July 15, 2021

Tech Nadu

SonicWall, the California-based network security and network appliance company, has released an urgent security notice to inform its customers about a newly arisen danger of using unpatched EOL (end of life) SRA (Secure Remote Access) and SMA (Secure Mobile Access) devices.

Read article

REvil Ransomware Sites Are Down

July 15, 2021

Security Magazine

REvil ransomware gang’s website and infrastructure has gone offline, about a week and a half after the news of the group’s cyberattack on IT software vendor Kaseya.

Read article

SonicWall: Ransomware Attacks Targeting End-of-Life Appliances

July 15, 2021

Channel Futures

A new SonicWall urgent security notice warns of imminent ransomware attacks targeting unpatched, end-of-life appliances.

Read article

SonicWall: Fix Unpatched and End-of-Life 8.x Firmware for SMA and SRA Products

July 15, 2021

SC Magazine

New notice from SonicWall that end-of-life firmware vulnerabilities exist.

Read article

Kaseya Ransomware Attack: What to Know About Supply Chain Security

July 14, 2021

DICE Insights

Despite warnings about the dangers to software supply chains following the cyberespionage campaign that targeted SolarWinds and the company’s customers, organizations in the U.S. and around the world are dealing with the fallout of yet another attack that took advantage of security weaknesses in these IT ecosystems.

Read article

Fashion Retailer Guess Announces Data Breach

July 14, 2021

Security Magazine

Fashion retailer Guess recently announced a data breach that compromised 1,300 people and their information, including account numbers, debit and credit card numbers, social security numbers, access codes and personal identification numbers.

Read article

Where Did REvil Ransomware Go? Will it Be Back?

July 14, 2021

Security Boulevard

Speculation swirled over why the prolific and dangerous REvil ransomware went offline – blog, payment processing, all suddenly went kaput – it’s important not to lose sight of the bigger issues. While the ransomware is gone, at least for the time being, there’s a good chance they’ll be back under another franchise. And ransomware threats still loom large.

Read article

Cybercriminals Employing Specialists To Maximize Ill-Gotten Gains

July 13, 2021

Tech News World

Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct.

Read article

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack

July 12, 2021

Threatpost

Attackers are actively exploiting a critical, pre-authorization remote-code execution (RCE) vulnerability in the popular Access Management platform from digital identity management firm ForgeRock.

Read article

Zeit der Unschuld ist für MSPs vorbei

July 9, 2021

Channel Partner

Vor zwei Jahren Teamviewer, zur Jahreswende 2020/21 Solarwinds und jetzt Kaseya: Technologielieferanten von Managed Servive Providern rücken allmählich ins Visier von Angreifern. Die können und dürfen diese Tatsache nicht mehr ignorieren – und müssen lernen, damit umzugehen.

Read article

Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say

July 8, 2021

Wall Street Journal

Companies shouldn’t be allowed to strike back against hackers, cybersecurity specialists and former government officials warned, after senators last week introduced legislation floating the idea of such counterattacks.

Read article

Exclusive: Expert views on the Kaseya attack and the latest patchwork

July 8, 2021

AMEinfo

Enterprise tech firm Kaseya has confirmed that around 1,500 businesses were impacted as a result of an attack on its remote device management software, which was used to spread ransomware.

Read article

Prevention and preparedness revisited: Cyber-defence after Kaseya ransomware attack

July 7, 2021

SecurityBrief Asia

Hitesh Sheth, our CEO, shares his thoughts on the recent Kaseya ransomware attack and how it indicates the increased rise of ransomware.

Read article

Prevention and Preparedness Revisited: Cyber Defence After Kaseya Ransomware Attack

July 6, 2021

Tahawul Tech

Our CEO, Hitesh Sheth, has guest wrote about the Kaseya ransomware attack. He shares how part of the job of cybersecurity leaders is to look at discrete events and connect the dots.

Read article

Kaseya attack prompts thinking on much do you really know your vendor

July 6, 2021

Enterprise Channels MEA

According to advisories posted on the Kaseya website, its VSA product has unfortunately  been the victim of a sophisticated cyberattack. This has been localized to a number of on-premises customers.  In an effort to be transparent with customers, Kaseya is sharing information concerning the recent ransomware attack in an Incident Overview and Technical Details document.

Read article

Crash Testing Your Business

July 6, 2021

Fortune

As A.I. becomes more ubiquitous and powerful, it will be increasingly important to test and simulate all the ways in which A.I. systems can fail, either on their own, or because someone has decided to deliberately attack them. (This could be cybercriminals or fraudsters or state actors.) In essence, as we hand more control to intelligent software, companies will have to perform a kind of crash testing on larger parts of their business.

Read article

Up to 1500 Businesses Affected by Kaseya Supply Chain Ransomware Attack

July 6, 2021

Security Magazine

Kaseya’s VSA product has been the victim of a sophisticated ransomware attack, affecting 60 Kaseya customers and an estimated 1,500 downstream businesses.  Attackers are allegedly demanding $70 million in return for a universal decryptor software key that would unscramble all affected machines.

Read article

As Kaseya Works to bring SaaS Servers Online, Experts Laud Precautionary Measures as ‘Opposite of Complacency

July 6, 2021

SC Magazine

Kaseya began the technical work for deployment of the company’s servers that support the software-as-a-service VSA product, configuring an additional layer of security to the SaaS infrastructure.

Read article

REvil crew wants $70m in Kaseya ransomware heist

July 5, 2021

Computer Weekly

More than 1,000 different organisations around the world – including many small and medium-sized enterprises (SMEs) – remain locked out of critical IT systems over 48 hours after a REvil/Sodinokibi ransomware attack against IT managed service providers (MSPs) orchestrated via a compromise of Kaseya’s VSA endpoint management and network monitoring service.

Read article

Kaseya attack leaves MSPs asking more security questions

July 5, 2021

MicroScope

The latest ransomware attack on a firm operating in the managed service sector further underlines the need to protect data and ensure supply chain integrity.

Read article

New Data Security Rules Instituted for US Payment Processing System

June 30, 2021

ZDNet

New data security rules governing how money changes hands in the US have gone into effect today, forcing major digital money processors to render deposit account information unreadable in electronic storage.

Read article

Lawmakers Introduce American Cybersecurity Literacy Act

June 28, 2021

Security Magazine

Bipartisan House lawmakers introduced legislation to increase cybersecurity literacy and security awareness among the American public amid a spike in cybersecurity threats against critical infrastructure.

Read article

Researchers Publish Proof of Concept for Cisco ASA Flaw

June 28, 2021

Security Magazine

Researchers at at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit.

Read article