Kaseya announced a breach detection tool for clients of its VSA remote monitoring and management product, amid a weekend-long ransomware scare. The tool is not currently on the website, but can be obtained by emailing support@kaseya.com with the subject “Compromise Detection Tool Request.” On Friday, a REvil ransomware affiliate began exploiting a zero-day vulnerability in […]
On Friday, a flood of ransomware hit hundreds of companies around the world. A grocery store chain, a public broadcaster, schools, and a national railway system were all hit by the file-encrypting malware, causing disruption and forcing hundreds of businesses to close. The victims had something in common: a key piece of network management and […]
Bad news comes in threes, most particularly for Western Digital customers. As if things weren’t bad enough for the untold number of Western Digital customers whose data blinked out of existence last month, there’s another zero-day waiting for whoever can’t or won’t upgrade its My Cloud storage devices. The latest zero-day entails an attack chain […]
Attackers could use critical firmware vulnerabilities discovered by Microsoft in some NETGEAR router models as a stepping stone to move laterally within enterprise networks. The security flaws impact DGN2200v1 series routers running firmware versions before v1.0.0.60 and compatible with all major DSL Internet service providers. They allow unauthenticated attackers to access unpatched routers’ management pages […]
The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year. The Internet Crime Complaint Center (IC3) received last year 791,790 complaints – up by 69% from 2019 – of suspected internet crime causing […]
A company that fell victim to a ransomware attack and paid cyber criminals millions for the decryption key to restore their network fell victim to the exact same ransomware gang under two weeks later after failing to examine why the attack was able to happen in the first place. The unnamed company fell victim to […]
Requesting ransoms in cryptocurrency like Bitcoin and Monero gives cybercriminals a stateless, decentralized, and anonymized method of transferring funds. This makes payments easier to facilitate than a wire transfer or international payment in fiat currencies and reduces the risk of apprehension. Unlike bank accounts, crypto wallets can be anonymously created and accessed by anyone who […]
The U.S. Department of Homeland Security’s Office of Intelligence and Analysis assess that ransomware attacks targeting US networks are likely to increase in the near and long term because cybercriminals have developed effective business models to increase their financial gain, likelihood for operational success, and anonymity. Growing demand for ransomware-as-a-service (RaaS) and the use of […]
Zoom went from having 10 million daily users in December 2019 to having 200 million daily users in March 2020. While several sectors suffer from the COVID-19 (coronavirus) pandemic, Zoom is one of the companies that is reaping huge benefits. Zoom gained over 1,900% in usage for claiming to offer end-to-end encryption and protecting the […]
Marriott International finds itself a victim of another major data breach, making it the second attack the hotel chain company has suffered in the past three years. The company announced on March 31st with details of the breach which affected 5.2 million hotel guests. The breach started in mid-January this year and went on for […]