The REvil gang used a level of planning and sophistication closer to high-level, government-backed hackers, rather than a mere criminal operation, several cybersecurity experts say.
The Dutch Institute for Vulnerability Disclosure (DIVD) said in blog posts this week that it had discovered seven vulnerabilities in Kaseya’s system in April and confidentially informed the company.
Acquired for an unknown sum, the acquisition will see Sophos integrate Capsule8 technology, which is aimed at Linux cybersecurity, to its Adaptive Cybersecurity Ecosystem.
Researchers are urging everyone to patch multiple critical and high-severity vulnerabilities found in Windows Print Spooler, QNAP devices, and other systems.
Threat actors are trying to exploit the Kaseya ransomware attack crisis by targeting potential victims in a spam campaign pushing Cobalt Strike payloads disguised as Kaseya VSA security updates.
Health care entities should review system inventories to find PACS and ensure all vulnerabilities are patched or protected from public access, according to a recent HHS alert.
The hacker group has been tied to Russia’s foreign intelligence service and has previously been accused of breaching the Democratic National Committee in 2016 and SolarWinds more recently.
An analysis of off-the-shelf packages hosted on the NuGet repository has revealed 51 unique software components to be vulnerable to actively exploited, high-severity vulnerabilities.
In a series of tweets from Malwarebytes, researchers have disclosed that a malspam campaign is taking advantage of the Kaseya ransomware attack to drop Cobalt Strike.
China has reportedly warned local companies it will tighten oversight of data security and overseas listings days after unveiling Didi has been subject to a government cybersecurity review.