Discussion:
Now It's Kaseya Injecting Ransomware
skreez214
2021-07-04 00:39:52 UTC
dw.com

US technology company Kaseya urged customers to shut down their servers
on Friday after cyberattackers smuggled ransomware onto its network
platform.

The REvil gang, a major Russian-speaking ransomware syndicate, appears
to be behind the attack, said John Hammond of the security firm Huntress
Labs. He added that the criminals used Kaseya's network-management
package as a conduit to spread the ransomware through cloud-service
providers.

Huntress Labs said on Saturday that the software was manipulated "to
encrypt more than 1,000 companies."

- - -

Yes, yes, that wonderful remote server-management
software just makes life so GOOD - for the hackers.

Hire real sysadmins - no more software that can
administer a rectal injection of malware into
thousands of systems at once. That's proven
professional malpractice at this point - costing
millions, soon billions.
Andrei Z.
2021-07-04 08:35:37 UTC
Post by skreez214
dw.com
US technology company Kaseya urged customers to shut down their servers
on Friday after cyberattackers smuggled ransomware onto its network
platform.
The REvil gang, a major Russian-speaking ransomware syndicate, appears
to be behind the attack, said John Hammond of the security firm Huntress
Labs. He added that the criminals used Kaseya's network-management
package as a conduit to spread the ransomware through cloud-service
providers.
Huntress Labs said on Saturday that the software was manipulated "to
encrypt more than 1,000 companies."
- - -
Yes, yes, that wonderful remote server-management
software just makes life so GOOD - for the hackers.
Hire real sysadmins - no more software that can
administer a rectal injection of malware into
thousands of systems at once. That's proven
professional malpractice at this point - costing
millions, soon billions.
'I scrounged through the trash heaps... now I'm a millionaire:' An
interview with REvil's Unknown

https://therecord.media/i-scrounged-through-the-trash-heaps-now-im-a-millionaire-an-interview-with-revils-unknown/
Aragorn
2021-07-04 10:46:15 UTC
Post by skreez214
The REvil gang, a major Russian-speaking ransomware syndicate,
appears to be behind the attack, said John Hammond of the security
firm Huntress Labs.
He's in security now? I thought he had already long retired, and
especially after the fiasco with those dinosaurs on that island near
Costa Rica.
--
With respect,
= Aragorn =
FifthRootOfPi
2021-07-06 04:59:46 UTC
Post by Aragorn
Post by skreez214
The REvil gang, a major Russian-speaking ransomware syndicate,
appears to be behind the attack, said John Hammond of the security
firm Huntress Labs.
He's in security now? I thought he had already long retired, and
especially after the fiasco with those dinosaurs on that island near
Costa Rica.
Well, dinosaurs ... bad investment. Too much upkeep :-)

But I'm not kidding about remote-management software.
It's a knife in your back. It is professional malpractice.
Hire HUMANS at the local levels. Have THEM install the
various updates and such.
Andrei Z.
2021-07-06 14:42:31 UTC
Post by skreez214
dw.com
US technology company Kaseya urged customers to shut down their servers
on Friday after cyberattackers smuggled ransomware onto its network
platform.
The REvil gang, a major Russian-speaking ransomware syndicate, appears
to be behind the attack, said John Hammond of the security firm Huntress
Labs. He added that the criminals used Kaseya's network-management
package as a conduit to spread the ransomware through cloud-service
providers.
Huntress Labs said on Saturday that the software was manipulated "to
encrypt more than 1,000 companies."
<snip>

Incident Overview & Technical Details – Kaseya
https://helpdesk.kaseya.com/hc/en-gb/articles/4403584098961

Remote code execution in Kaseya VSA
https://www.cybersecurity-help.cz/vdb/SB2021070501
