Kaseya, the remote IT management vendor hit by a ransomware attack that has disrupted operations for numerous customers, was close to fixing a flaw in its software before the notorious REvil operation struck. One Dutch researcher says the attackers beat Kaseya's patching efforts in a "final sprint."
U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly compromised Kaseya's remote monitoring system, VSA, potentially affecting scores of managed service providers and their clients.
Since Friday afternoon, Mark Loman of Sophos has been immersed in studying the scope and impact of the ransomware attack spread through Kaseya VSA's remote management platform. And he's learned enough about it to say without reservation: This the largest ransomware attack he's seen.
In its latest quarterly fraud and payments report, Outseer notes a 58% increase in brand abuse - a trend that's only going to grow, says COO Jim Ducharme. He analyzes this and other fraud trends, including how to reduce fraud without compromising user experience.
REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. And the operators are constantly improving the malware, including porting it to Linux to target network-attached storage and hypervisors.
At least seven companies with annual revenue of over $1 billion have been hit so far this year by Hades ransomware, according to an Accenture Security report.
This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.
The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
Some 700 million records of LinkedIn users have reportedly been offered for sale on a hacker forum. The social media platform, and several security experts, say that the offering stems from the "scraping" of records from websites and not a data breach.
The University Medical Center of Southern Nevada acknowledged it had been the victim of a cyberattack after a newspaper discovered stolen data had been posted on the darknet site of ransomware-as-a-service gang REvil.
The U.S. Cybersecurity and Infrastructure Security Agency has released a Ransomware Readiness Assessment audit tool to help organizations size up their ability to defend against and recover from attacks.
In a multinational effort led by the Dutch National Police, authorities seized servers and web domains used by DoubleVPN, a Russia-based company that allegedly provided a safe operating infrastructure for cybercriminals, according to Europol.
The Justice Department has filed seven new criminal charges against Paige Thompson, who is suspected of hacking Capital One in 2019, compromising the data of 100 million Americans, including exposing hundreds of thousands of Social Security numbers. If convicted, She now faces a possible 20-year sentence.
Deputy national security adviser Anne Neuberger says the White House is preparing to release additional details, including attribution, about the attacks that targeted vulnerable on-premises Microsoft Exchange email servers at government agencies and other organizations earlier this year.
Sens. Maggie Hassan and John Cornyn have introduced legislation that would create a pilot apprenticeship program within CISA. The Federal Cybersecurity Workforce Expansion Act would also create a cyber-training program within the Department of Veterans Affairs, equipping veterans to hold careers in cyber defense.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.