Media coverage - 2021

The National Security Council is sending a memo to U.S. companies urging them to take the ransomware threat more seriously as the Biden Administration ramps up its responses following recent attacks linked to Russia-based hacker groups on two major corporations.

Speculation swirled over why the prolific and dangerous REvil ransomware went offline – blog, payment processing, all suddenly went kaput – it’s important not to lose sight of the bigger issues. While the ransomware is gone, at least for the time being, there’s a good chance they’ll be back under another franchise. And ransomware threats still loom large.

Fashion retailer Guess recently announced a data breach that compromised 1,300 people and their information, including account numbers, debit and credit card numbers, social security numbers, access codes and personal identification numbers.

Despite warnings about the dangers to software supply chains following the cyberespionage campaign that targeted SolarWinds and the company’s customers, organizations in the U.S. and around the world are dealing with the fallout of yet another attack that took advantage of security weaknesses in these IT ecosystems.

Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct.

Attackers are actively exploiting a critical, pre-authorization remote-code execution (RCE) vulnerability in the popular Access Management platform from digital identity management firm ForgeRock.

Vor zwei Jahren Teamviewer, zur Jahreswende 2020/21 Solarwinds und jetzt Kaseya: Technologielieferanten von Managed Servive Providern rücken allmählich ins Visier von Angreifern. Die können und dürfen diese Tatsache nicht mehr ignorieren – und müssen lernen, damit umzugehen.

Enterprise tech firm Kaseya has confirmed that around 1,500 businesses were impacted as a result of an attack on its remote device management software, which was used to spread ransomware.

Companies shouldn’t be allowed to strike back against hackers, cybersecurity specialists and former government officials warned, after senators last week introduced legislation floating the idea of such counterattacks.

Kaseya began the technical work for deployment of the company’s servers that support the software-as-a-service VSA product, configuring an additional layer of security to the SaaS infrastructure.

Hitesh Sheth, our CEO, shares his thoughts on the recent Kaseya ransomware attack and how it indicates the increased rise of ransomware.

Kaseya’s VSA product has been the victim of a sophisticated ransomware attack, affecting 60 Kaseya customers and an estimated 1,500 downstream businesses.  Attackers are allegedly demanding $70 million in return for a universal decryptor software key that would unscramble all affected machines.

As A.I. becomes more ubiquitous and powerful, it will be increasingly important to test and simulate all the ways in which A.I. systems can fail, either on their own, or because someone has decided to deliberately attack them. (This could be cybercriminals or fraudsters or state actors.) In essence, as we hand more control to intelligent software, companies will have to perform a kind of crash testing on larger parts of their business.

According to advisories posted on the Kaseya website, its VSA product has unfortunately  been the victim of a sophisticated cyberattack. This has been localized to a number of on-premises customers.  In an effort to be transparent with customers, Kaseya is sharing information concerning the recent ransomware attack in an Incident Overview and Technical Details document.

Our CEO, Hitesh Sheth, has guest wrote about the Kaseya ransomware attack. He shares how part of the job of cybersecurity leaders is to look at discrete events and connect the dots.

The latest ransomware attack on a firm operating in the managed service sector further underlines the need to protect data and ensure supply chain integrity.

More than 1,000 different organisations around the world – including many small and medium-sized enterprises (SMEs) – remain locked out of critical IT systems over 48 hours after a REvil/Sodinokibi ransomware attack against IT managed service providers (MSPs) orchestrated via a compromise of Kaseya’s VSA endpoint management and network monitoring service.

New data security rules governing how money changes hands in the US have gone into effect today, forcing major digital money processors to render deposit account information unreadable in electronic storage.

The National Institute of Standards and Technology has published its definition of what "critical software" means for the U.S. federal government, as the standards agency begins fulfilling some of the requirements laid out in President Joe Biden's executive order on cybersecurity.

Autrefois considéré comme un avantage stratégique, le cloud est rapidement devenu indispensable au sein des entreprises. Son adoption, ainsi que l’efficacité et l’agilité qu’il procure, figurent en bonne place de l’ordre du jour des conseils d’administration depuis plusieurs années maintenant.

Le plan de gestion assure la gestion et l’orchestration du déploiement du Cloud dans une entreprise. C’est à ce niveau que les configurations de référence sont définies, que l’accès des utilisateurs et des rôles est fourni, ainsi que l’emplacement des applications afin qu’elles puissent s’exécuter avec les services associés— on peut le comparer au contrôle du trafic aérien dans le cadre des applications.

Researchers at at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit.

Bipartisan House lawmakers introduced legislation to increase cybersecurity literacy and security awareness among the American public amid a spike in cybersecurity threats against critical infrastructure.

A bipartisan group of U.S. House members introduced legislation to establish a cybersecurity literacy and public awareness campaign. The cybersecurity literacy bill comes amid the increasing onslaught of cyberattacks. These include headline-grabbing attacks on SolarWinds and Microsoft Exchange, and ransomware attacks such as Colonial Pipeline and JBS USA.

Researchers have dropped a proof-of-concept (PoC) exploit on Twitter for a known cross-site scripting (XSS) vulnerability in the Cisco Adaptive Security Appliance (ASA). The move comes as reports surface of in-the-wild exploitation of the bug.