Blog - Cyber Security Informer

Massive Kaseya VSA Supply Chain Attack Infects Businesses with Revil Ransomware

Heimadal Security

JULY 3, 2021

Another supply chain vulnerability was successfully exploited by malicious hackers in order to target thousands of businesses through the initial infected host. Today, the entry point was the Managed Service Provider (MSP) Kaseya VSA, a cloud-based platform that allows its customers to perform patch management and client monitoring.

Ransomware

Ransomware Cybersecurity

The Kaseya VSA REvil Ransomware Supply Chain Attack: How It Happened, How It Could Have Been Avoided

Security Boulevard

JULY 13, 2021

On July 2, 2021, the REvil ransomware group successfully exploited a zero-day vulnerability in the on-premise Kaseya VSA server, enabling a wide-scale supply chain cyber attack.

Ransomware

Ransomware Cyber Attacks

Revil ransomware operators are targeting new victims

Security Affairs

SEPTEMBER 12, 2021

Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Cybercrime Media Hacking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

REvil ransomware gang’s servers are mysteriously online again

Security Affairs

SEPTEMBER 7, 2021

The leak site of the popular REvil ransomware gang is it is not clear if the group resumed operations or the FBI turned on its servers. Today the servers of the REvil ransomware gang were back online after around two months since their shutdown. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware

Ransomware Media Hacking Cybercrime

Coop Supermarket Had to Close 500 Stores Following the Kaseya Ransomware Attack

Heimadal Security

JULY 5, 2021

The Coop supermarket chain had to close its stores after the REvil ransomware gang had targeted managed service providers (MSPs) and their customers in the massive supply-chain attack in which they exploited a vulnerability of Kaseya VSA.

Ransomware

Ransomware Cybersecurity

Supply chain attacks are closing in on MSPs

Webroot

AUGUST 18, 2021

If you attended Black Hat this year, you couldn’t avoid the topic of supply chain attacks. Supply chain attacks are cyberattacks targeting an upstream vendor for the ultimate purpose of compromising one or more of its customers. We all rely on the software supply chain,” he said. SolarWinds.

InfoSec

InfoSec Backups Software Small Business

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Digital Shadows

JULY 5, 2021

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software used to manage and monitor customers’ infrastructure. At the time of writing, the number of companies affected by this ransomware supply-chain attack is still unclear.

Ransomware

Ransomware Encryption Cryptocurrency System Administration

Bitdefender released free REvil ransomware decryptor that works for past victims

Security Affairs

SEPTEMBER 16, 2021

Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free. On July 2, the REvil gang hit the Kaseya cloud-based MSP platform impacting MSPs and their customers. The Tor leak site, the payment website “decoder[.]re”,

Ransomware

Ransomware Encryption Media Hacking

It was a LONG weekend — Here’s the vital info on REvil and Kaseya VSA

Cisco Security

JULY 8, 2021

This week I spoke to Cisco Talos’ US Outreach Team lead Nick Biasini to talk about the unfolding events surrounding the REvil ransomware campaign and Kaseya VSA supply chain attack. To stay up to date on this attack, please take a look at the Talos response post which is being continually updated.

Ransomware

Ransomware Software Social Engineering Cyber Attacks

Threat Protection: The REvil Ransomware

Cisco Security

AUGUST 11, 2021

The REvil ransomware family has been in the news due to its involvement in high-profile incidents, such as the JBS cyberattack and the Kaseya supply chain attack. The threat actors behind REvil attacks operate under a ransomware-as-a-service model.

Ransomware

Ransomware DNS Encryption Backups

10 Lessons Learned from the Top Cyber Threats of 2021

Security Boulevard

JANUARY 10, 2022

As Picus, we published a detailed blog post about the Tactics, Techniques, and Procedures (TTPs) used by HAFNIUM to target Microsoft Exchange Servers. DarkSide Ransomware Campaign. The DarkSide ransomware group provided Ransomware as a Service (RaaS) to other threat actors. Remote Code Execution. CVE-2021-27065.

Cyber threats

Cyber threats Ransomware Risk Architecture

Ransomware: April 2022 review

Malwarebytes

MAY 6, 2022

The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. Onyx is a new ransomware gang based on the old Chaos builder. Ransomware attacks in April 2022. Attacks by ransomware type.

Ransomware

Ransomware Encryption Accountability Technology

3 things the Kaseya attack can teach us about ransomware recovery

Malwarebytes

JULY 7, 2021

Only rarely do companies allow us a look inside their organization while they are recovering from a ransomware attack. A positive exception to this is found in the Dutch managed service provider (MSP) VelzArt, one of the many unfortunate victims of Friday’s enormous, cascading supply-chain attack on Kaseya.

Ransomware

Ransomware Backups Software System Administration

Malware Evolves to Present New Threats to Developers

Security Boulevard

FEBRUARY 10, 2022

However, recent attacks by advanced persistent threat (APT) groups have shown these longstanding security practices are no longer sufficient. Often, like in the case of ransomware, malicious code both benefits the attacker and harms the victim. Ransomware. Modern Malicious Code Sets Sights on Supply Chain.

Malware

Malware Software Ransomware Adware

How to protect your business from supply chain attacks

Malwarebytes

FEBRUARY 1, 2023

Threat actors know that attacking the supply chain is not just a smart strategy but also a winning one. Because a smaller, less secure company like Fazio has access to a bigger, more secure company's system, attackers took the path of least resistance to install malware and steal credentials.

Software

Software Risk Backups Technology

Emerging trends from a year of cybersecurity threats

Cisco Security

OCTOBER 6, 2021

There’s been no shortage of security headlines for us to reflect on, many of which are detailed on our Talos Threat Intelligence blog. The supply chain. Prior to 2021, supply chain attacks were assumed to exclusively be a tool for sophisticated state-sponsored threat actors only.

Cybersecurity

Cybersecurity Authentication Passwords Cryptocurrency

Up to 1,500 Companies Impacted by Kaseya Ransomware Attack

SecureWorld News

JULY 6, 2021

The latest update from the Kaseya CEO reveals the massive scope of a ransomware attack against the company's VSA service. The VSA service is used by managed service providers (MSPs) who help small and medium-sized businesses patch vulnerabilities and monitor endpoints. Who launched Kesaya ransomware attack?

Ransomware

Ransomware Small Business Government Hacking

Up to 1,500 Companies Impacted by Kaseya Ransomware Attack

SecureWorld News

JULY 6, 2021

The latest update from the Kaseya CEO reveals the massive scope of a ransomware attack against the company's VSA service. The VSA service is used by managed service providers (MSPs) who help small and medium-sized businesses patch vulnerabilities and monitor endpoints. Who launched Kesaya ransomware attack?

Ransomware

Ransomware Small Business Government Hacking

Connecting RaaS, REvil, Kaseya and your security posture

Security Boulevard

JULY 11, 2021

Ransomware is an epidemic that adversely affects the lives of both individuals and large companies, where criminals demand payments to release infected digital assets. The first ransomware, known as AIDS ( Aids Info Disk or PC Cyborg Trojan) , was observed in the wild already in 1989, spreading through the exchange of floppy disks.

Ransomware

Ransomware Software Encryption Risk

Cyber Security Informer

Massive Kaseya VSA Supply Chain Attack Infects Businesses with Revil Ransomware

The Kaseya VSA REvil Ransomware Supply Chain Attack: How It Happened, How It Could Have Been Avoided

Webinars

Trending Sources

Revil ransomware operators are targeting new victims

Webinars

REvil ransomware gang’s servers are mysteriously online again

Coop Supermarket Had to Close 500 Stores Following the Kaseya Ransomware Attack

Supply chain attacks are closing in on MSPs

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

Bitdefender released free REvil ransomware decryptor that works for past victims

It was a LONG weekend — Here’s the vital info on REvil and Kaseya VSA

Threat Protection: The REvil Ransomware

10 Lessons Learned from the Top Cyber Threats of 2021

Ransomware: April 2022 review

3 things the Kaseya attack can teach us about ransomware recovery

Malware Evolves to Present New Threats to Developers

How to protect your business from supply chain attacks

Emerging trends from a year of cybersecurity threats

Up to 1,500 Companies Impacted by Kaseya Ransomware Attack

Up to 1,500 Companies Impacted by Kaseya Ransomware Attack

Connecting RaaS, REvil, Kaseya and your security posture

Stay Connected