Announcements
Voting is now open!
Members, make your selections in the annual (ISC)² Board of Directors election. Vote Now! Voting is open until Sept. 22.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Kaseya Management Software threat

Hi All

 

I am really surprised that others have not raised the alarms bells on this supply chain attack this weekend?

 

I know it is a national holiday, but there is no excuse to rest on your laurels.....

 

https://www.cert.govt.nz/it-specialists/advisories/kaseya-management-software-being-used-to-deploy-r...

 

https://www.rnz.co.nz/news/world/446144/kaseya-vsa-ransomware-attack-biden-orders-probe

 

https://www.washingtonpost.com/technology/2021/07/02/kaseya-ransomware-attack/

 

Having dug around, it is obvious almost everyone has gone to sleep at the wheel?

 

You cannot afford to sleep at the wheel, despite the long haul battle, unfortunately the attackers do not sleep and are happy to exploit any lapse - so everyone wake up, protect yourselves quickly and protect your organisations turn off any Kaseya VSA servers immediately. 

 

You have been warned!!

 

Regards

 

Caute_Cautim

5 Replies
Caute_cautim
Community Champion

Re: Kaseya Management Software threat

HI All

 

More details can be found here:  https://www.wired.com/story/kaseya-supply-chain-ransomware-attack-msps/?bxid=5cc9e0b62ddf9c1a7add2e3...

 

Well worth reading and taking appropriate action. 

 

Further information has come to light:

 

https://www.securityweek.com/it-software-firm-kaseya-hit-supply-chain-ransomware-attack

 

Regards

 

Caute_Cautim

Tags (1)
Caute_cautim
Community Champion

Re: Kaseya Management Software threat

Caute_cautim
Community Champion

Re: Kaseya Management Software threat

Hi All

 

Here is the next enthralling episode:  The attackers are now demanding US$70 Million ransom so you can have your data back - very nice you Rotters.   They are pricing themselves out of a market, and setting themselves up for failure, due to the fact more and more organisations are preparing their own countermeasures.

 

https://www.itnews.com.au/news/kaseya-boss-says-up-to-1500-businesses-affected-by-ransomware-attack-...

 

Regards

 

Caute_cautim

 

 

Caute_cautim
Community Champion

Re: Kaseya Management Software threat

Hi All, Another update, now they are demanding 50 Million in Bitcoin according to the Verizon report:

 

It also provides a concise update on how it works, so be prepared.

 

https://aliliaquat.com/kaseya-ransomware-attack-hackers-now-demand-us-50million-in-bitcoin-for-the-r...

 

Regards

 

Caute_Cautim

 

 

tmekelburg1
Community Champion

Re: Kaseya Management Software threat

Firm hacked to spread ransomware had previous security flaws (msn.com)

 

"Ensuring that each and every piece of database access code is immune to SQL injection is essentially impossible," said their lawsuit.

 

“In the business we’re in, and the number of endpoints we manage around the world, as you might expect, we take security extremely seriously," Ronan Kirby, president of the company's European operations, said at a Belgian cybersecurity conference Thursday.

 

Ah...well in that case, all transgressions can be forgiven. 🙄