The Biden administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we'll do it for you. But experts say disrupting ransomware will take more than diplomacy or even using offensive cyber operations to target criminal infrastructure.
Global software vendor Kaseya worked in earnest for three months to resolve flaws in its VSA monitoring and management software but ultimately lost the race, Dutch researchers say. A timeline released on Wednesday gives insight into what happened before a devastating mass ransomware attack.
It was stealthy, and it was widespread. But perhaps the Kaseya VSA ransomware attack wasn't quite as effective and damaging as initially feared, says Michael Daniel, president and CEO of the Cyber Threat Alliance. He explains where defenses succeeded.
The Kaseya VSA ransomware attack was discussed exhaustively over the Fourth of July holiday weekend. But there's one big question that hasn’t been answered, says Tom Kellermann, head of cybersecurity strategy at VMware Carbon Black: "Who gave REvil the zero-day?"
Cue delays for customers of Kaseya waiting for their software-as-a-service and on-premises software to get emergency fixes and be restored, following the July 4 holiday weekend ransomware attack, which hit about 60 IT managed service provider customers and up to 1,500 of their collective managed service clients.
IT services provider Synnex Corp., which counts the Republican National Committee as a customer, said Tuesday that an intrusion attempt against it may be related to Friday's Kaseya supply chain ransomware attack. The RNC says no breach of its systems occurred.
Software vendor Kaseya suspects that 800 to 1,500 organizations - mostly small businesses - were compromised via a ransomware attack that exploited its VSA remote management software. The company won't say if it's negotiating with the attackers for a universal decryption tool that would unlock all victims' files.
A bipartisan bill introduced by Sens. Gary Peters and Ron Johnson would create a standardized cybersecurity training program for federal employees who purchase technology services. This bill follows a wave of attacks over the last two months that have targeted U.S. critical infrastructure.
Ransomware-wielding criminals continue to hone their illicit business models, as demonstrated by the strike against customers of Kaseya. A full postmortem of the attack has yet to be issued, but one question sure to be leveled at the software vendor is this: Should it have fixed the flaw more quickly?
The REvil ransomware operation behind the massive attack centering on Kaseya, which develops software used by managed service providers, has offered to decrypt all victims - MSPs as well as their customers - for $70 million in bitcoins. Experts note this isn't the first time REvil has hit MSPs, or even Kaseya.
Kaseya, the remote IT management vendor hit by a ransomware attack that has disrupted operations for numerous customers, was close to fixing a flaw in its software before the notorious REvil operation struck. One Dutch researcher says the attackers beat Kaseya's patching efforts in a "final sprint."
U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly compromised Kaseya's remote monitoring system, VSA, potentially affecting scores of managed service providers and their clients.
Since Friday afternoon, Mark Loman of Sophos has been immersed in studying the scope and impact of the ransomware attack spread through Kaseya VSA's remote management platform. And he's learned enough about it to say without reservation: This the largest ransomware attack he's seen.
In its latest quarterly fraud and payments report, Outseer notes a 58% increase in brand abuse - a trend that's only going to grow, says COO Jim Ducharme. He analyzes this and other fraud trends, including how to reduce fraud without compromising user experience.
REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. And the operators are constantly improving the malware, including porting it to Linux to target network-attached storage and hypervisors.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.