Kaseya – Page 6 – WindowsTechs.com

How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS

Posted on July 8, 2021 by Tim Starks

The Russian ransomware gang REvil is loud, ambitious and particularly nasty. Even by hackers’ standards. Before claiming responsibility for a breach at the software company Kaseya, which has resulted in breaches at perhaps thousands of other businesses and newfound attention from the White House, the group accounted for less than 10% of known ransomware victims, according to the threat intelligence firm Recorded Future. Now, it accounts for 42%. As U.S. national security officials and much of the cybersecurity community race to mitigate the fallout from the Kaseya incident, the incident serves as yet another reminder of how groups of scammers are making millions of dollars after years of honing their tradecraft. A “conservative estimate” by IBM placed REvil’s 2020 profits at $123 million, first among ransomware gangs, while multiple firms said the gang’s malware was the most common digital extortion tool. That was before the REvil group also struck the […]

The post How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS appeared first on CyberScoop.

Continue reading How REvil evolved into a ransomware collective capable of extorting Kaseya, JBS→

Smashing Security podcast #235: REvil returns, TikTok grows, and Gettr defaced

Posted on July 7, 2021 by Graham Cluley

A ransomware gang has exploited a security hole in software used by many businesses, and are demanding $70 million for a decryption tool. Plus we take a close look at TikTok, and a website which seems to have entirely ripped-off Twitter.

All this a… Continue reading Smashing Security podcast #235: REvil returns, TikTok grows, and Gettr defaced→

Malware spammers aim to leverage Kaseya ransomware drama in email campaign

Posted on July 7, 2021 by Tim Starks

First came the ransomware rampage stemming from the breach of Miami-based software firm Kaseya. Now comes a wave of malicious emails seeking capitalize on the rush to find a fix. Security vendor MalwareBytes highlighted the malware spam campaign Tuesday, describing how unidentified attackers send “malspam” messages with both a URL and a file that purports to be a Microsoft update of the Kaseya VSA vulnerability. Clicking on the the link, or “SecurityUpdates.exe,” drops Cobalt Strike on a victim. Cybercriminals have increasingly leveraged that security testing tool for attacks, according to recent research. It’s another example of how cyberattacks can have long tails after their initial infections. The zero-day vulnerability that the ransomware gang REvil apparently used to infiltrate Kaseya systems turned into a way for intruders to access the systems of Kaseya’s managed service provider customers, who provide IT services to a wider range of potential victims. It has turned […]

The post Malware spammers aim to leverage Kaseya ransomware drama in email campaign appeared first on CyberScoop.

Continue reading Malware spammers aim to leverage Kaseya ransomware drama in email campaign→

Malware campaign targets companies waiting for Kaseya security patch

Posted on July 7, 2021 by Graham Cluley

While the world continues to wait for Kaseya to issue an update to patch VSA installations against a vulnerability exploited by the REvil ransomware gang, security researchers spotted a malware campaign which is taking advantage of the vacuum. Continue reading Malware campaign targets companies waiting for Kaseya security patch→

White House rebukes ransomware gang as number of apparent REvil victims remains uncertain

Posted on July 6, 2021 by Tonya Riley

The White House responded to Russia-based ransomware group REvil’s most recent attack against a U.S. company with a promise to take on cybercriminals if the Kremlin will not. “As the president made clear to President Putin when they met, if the Russian government cannot or will not take action against criminal actors in Russia we will take action or reserve the right,” White House Press Secretary Jen Psaki said Tuesday when asked about a major data breach at Florida-based IT software firm Kaseya. Psaki noted that the U.S. intelligence community has not attributed the attack on Kaseya to the REvil group. However the recent hack — in which hundreds of businesses were affected, according to the company — adds to escalating tensions with Russia over its apparent willingness to tolerate ransomware gangs. Psaki said that the White House will meet with high-level Russian officials to discuss ransomware attacks next week. […]

The post White House rebukes ransomware gang as number of apparent REvil victims remains uncertain appeared first on CyberScoop.

Continue reading White House rebukes ransomware gang as number of apparent REvil victims remains uncertain→

Kaseya Starts Recovery After REvil Attack

Posted on July 6, 2021 by Michael Vizard

Kaseya is now reporting the software-as-a-service (SaaS) instance of its Virtual System Administrator (VSA) platform will be back online sometime between 4:00 p.m. and 7:00 p.m. EST today. It expects the on-premises editions of VSA to be patched withi… Continue reading Kaseya Starts Recovery After REvil Attack→

REvil Makes Monkeys out of Kaseya Customers

Posted on July 6, 2021 by Richi Jennings

Over the long weekend, a huge ransomware attack emerged. Kaseya seems to have been the common component.
The post REvil Makes Monkeys out of Kaseya Customers appeared first on Security Boulevard.
Continue reading REvil Makes Monkeys out of Kaseya Customers→

Kaseya says up to 1,500 victims affected by ransomware, as Biden directs ‘full resources’ to investigate

Posted on July 6, 2021 by Tim Starks

One of the largest mass ransomware attacks ever has compromised up to 1,500 businesses, according to a Tuesday update from the Florida IT company Kaseya, which the hackers used to spread their malicious software. The self-proclaimed culprit of the Friday outbreak, the Russia-based ransomware gang REvil, is seeking $70 million in cryptocurrency collectively from what it says are actually more than 1 million victims to unlock affected systems, reportedly ranging from Swedish supermarket chains to New Zealand kindergartens that were closed or knocked offline. It’s the latest of three recent huge ransomware incidents to draw White House attention, with President Joe Biden over the weekend directing “the full resources of the government to investigate this incident,” according to a statement by Deputy National Security Adviser for Cyber and Emerging Technology Anne Neuberger. Unlike the last two major incidents that affected single victims in fuel transporter Colonial Pipeline and meat supplier […]

The post Kaseya says up to 1,500 victims affected by ransomware, as Biden directs ‘full resources’ to investigate appeared first on CyberScoop.

Continue reading Kaseya says up to 1,500 victims affected by ransomware, as Biden directs ‘full resources’ to investigate→

Revil ransomware increases ransom to $70M in Kaseya attack

Posted on July 5, 2021 by Sudais Asif

By Sudais Asif
The Revil ransomware group has released a notice stating that more than 1 million systems have been infected – far more than initially believed. A couple of days ago, we reported on how the infamous REvil ransomware had targeted ov… Continue reading Revil ransomware increases ransom to $70M in Kaseya attack→

REvil ransomware rampages following Kaseya supply-chain attack

Posted on July 5, 2021 by Graham Cluley

Hundreds – if not thousands – of companies have been by a huge supply-chain REvil ransomware attack that struck on Friday July 2nd, just as companies in the United States were closing down for the Independence Day holiday weekend. Continue reading REvil ransomware rampages following Kaseya supply-chain attack→