Hi All
I am really surprised that others have not raised the alarms bells on this supply chain attack this weekend?
I know it is a national holiday, but there is no excuse to rest on your laurels.....
https://www.rnz.co.nz/news/world/446144/kaseya-vsa-ransomware-attack-biden-orders-probe
https://www.washingtonpost.com/technology/2021/07/02/kaseya-ransomware-attack/
Having dug around, it is obvious almost everyone has gone to sleep at the wheel?
You cannot afford to sleep at the wheel, despite the long haul battle, unfortunately the attackers do not sleep and are happy to exploit any lapse - so everyone wake up, protect yourselves quickly and protect your organisations turn off any Kaseya VSA servers immediately.
You have been warned!!
Regards
Caute_Cautim
HI All
More details can be found here: https://www.wired.com/story/kaseya-supply-chain-ransomware-attack-msps/?bxid=5cc9e0b62ddf9c1a7add2e3...
Well worth reading and taking appropriate action.
Further information has come to light:
https://www.securityweek.com/it-software-firm-kaseya-hit-supply-chain-ransomware-attack
Regards
Caute_Cautim
Hi All
Some interesting updates to keep you on your toes:
https://us-cert.cisa.gov/ncas/current-activity/2021/07/02/kaseya-vsa-supply-chain-ransomware-attack
Regards
Caute_Cautim
Hi All
Here is the next enthralling episode: The attackers are now demanding US$70 Million ransom so you can have your data back - very nice you Rotters. They are pricing themselves out of a market, and setting themselves up for failure, due to the fact more and more organisations are preparing their own countermeasures.
Regards
Caute_cautim
Hi All, Another update, now they are demanding 50 Million in Bitcoin according to the Verizon report:
It also provides a concise update on how it works, so be prepared.
Regards
Caute_Cautim
Firm hacked to spread ransomware had previous security flaws (msn.com)
"Ensuring that each and every piece of database access code is immune to SQL injection is essentially impossible," said their lawsuit.
“In the business we’re in, and the number of endpoints we manage around the world, as you might expect, we take security extremely seriously," Ronan Kirby, president of the company's European operations, said at a Belgian cybersecurity conference Thursday.
Ah...well in that case, all transgressions can be forgiven. 🙄