Troy Hunt
JULY 3, 2021
This week is a bit of everything again, although the main difference this time was an update on the COVID situation we're facing in Australia. We've been largely virus-free (relative speaking) but as a result, vaccine rollout has been really slow (as in about 5% of the country being covered) and following some outbreaks of the Delta strain this past couple of weeks, everyone is feeling a bit nervous.
The Hacker News
JULY 3, 2021
Google intervened to remove nine Android apps downloaded more than 5.8 million times from the company's Play Store after the apps were caught furtively stealing users' Facebook login credentials. "The applications were fully functional, which was supposed to weaken the vigilance of potential victims.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
We Live Security
JULY 3, 2021
As news breaks about the supply-chain ransomware attack against Kaseya's IT management software, here’s what we know so far. The post Kaseya supply‑chain attack: What we know so far appeared first on WeLiveSecurity.
Bleeping Computer
JULY 3, 2021
Friday afternoon, we saw the largest ransomware attack ever conducted after the REvil ransomware gang used a zero-day vulnerability in the Kaseya VSA management software to encrypt MSPs and their customers worldwide. [.].
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Security Boulevard
JULY 3, 2021
Kaseya, an IT service management (ITSM) tools provider employed by managed service providers (MSPs) and internal IT teams, announced it will keep the software-as-a-service (SaaS) edition of its platform offline until further notice after a ransomware attack impacted approximately 40 of its customers. Some of those customers are MSPs, which resulted in this attack impacting.
Bleeping Computer
JULY 3, 2021
Swedish supermarket chain Coop has shut down approximately 500 stores after they were affected by an REvil ransomware attack targeting managed service providers through a supply-chain attack. [.].
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Bleeping Computer
JULY 3, 2021
World-leading chemical distribution company Brenntag has shared additional info on what data was stolen from its network by DarkSide ransomware operators during an attack from late April 2021 that targeted its North America division. [.].
Heimadal Security
JULY 3, 2021
Another supply chain vulnerability was successfully exploited by malicious hackers in order to target thousands of businesses through the initial infected host. Today, the entry point was the Managed Service Provider (MSP) Kaseya VSA, a cloud-based platform that allows its customers to perform patch management and client monitoring. Just like the notorious SolarWinds supply chain […].
Trend Micro
JULY 3, 2021
Kaseya has been hit with a REvil (aka Sodinokibi) ransomware attack at the dawn of the Fourth of July weekend. The attack was geared toward their on-premises VSA product.
The Hacker News
JULY 3, 2021
The threat actors behind the REvil ransomware gang appear to have pushed ransomware via an update for Kaseya's IT management software, hitting around 40 customers worldwide, in what's an instance of a widespread supply-chain ransomware attack.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
CyberSecurity Insiders
JULY 3, 2021
There are two types of payments: online and offline. You can decide which options work best for you, your convenience, and your payment experience. Every time you make a payment, whether on or offline, there is a risk that thieves or hackers might steal your payment information. So, how do you make payments securely? . In this article, we are going to outline how you can make secure payments both on and offline.
The Hacker News
JULY 3, 2021
Whether you are looking to turn into a full-time developer or simply increasing your earnings in your current niche, learning to code can be a smart move. It is a well-known fact that recruiters strive to recruit people with technical skills, and these skills are a great way to build your own startup.
WIRED Threat Level
JULY 3, 2021
A PrintNightmare exploit, a VPN takedown, and more of the week's top security news.
eSecurity Planet
JULY 3, 2021
The internet and, now, cloud computing transformed the way we conduct business. It’s insurmountable to succeed without the resources available online today. The downside to this long-term trend is that communications online, never mind on public cloud platforms, present vulnerabilities via web attacks and malware. Enter VPN technology. One longtime cybersecurity solution for small teams up to global enterprise networks is virtual private networks (VPN).
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
CyberSecurity Insiders
JULY 3, 2021
Identity security is the greatest weakness in enterprise security. As any infosec manager will tell you, no matter how secure your infrastructure, anyone with the right credentials can walk through the front door. Identity and user authentication continue to be a concern for IT managers. It’s still entirely too easy to steal someone’s credentials, which is why identity theft continues to be a primary cause of data breaches.
SC Magazine
JULY 3, 2021
Kaseya ransomware attacks strike at software at the center of the enterprise: the remote monitoring and management (RMM) platform. (“Server room” by torkildr is licensed under CC BY-SA 2.0 ). The flurry of ramsomware attacks starting Friday, targeting on-premises Kaseya VSA applications are particularly frightening to managed service providers, because they strike at software at the center of the enterprise: the remote monitoring and management (RMM) platform.
SC Magazine
JULY 3, 2021
A man walks through a server farm in Switzerland. Ransomware attacks leveraging a zero-day in the on-premises Kaseya VSA remote IT management product started Friday afternoon and struck dozens of managed service providers and thousands of their customers. It’s still unknown which specific MSPs were attacked. (Amy Sacka for Microsoft). In a Saturday update to the ongoing VSA ransomware attacks, Kaseya warned victims not to click on links sent in communications with the ransomware operators.
Expert insights. Personalized for you.
260 
Let's personalize your content