-
News & Notes: Kaseya Suffers Massive REvil Ransomware Attack Over Weekend
Over the July 4th holiday weekend some big news hit. There was a massive REvil ransomware attack on Kaseya, an American software company. Reported to us by SANS Daily StormCenter Podcast, news is still developing here, here, and here about the extent of the damage, which is not fully known but expected to be significant. Kaseya provides IT management software to MSPs (Managed Service Providers) and IT teams to improve efficiency and security, allowing small to medium-sized businesses to manage their IT assets, service desk and more. Biblio: SANS Storm Center Podcast
-
News & Notes: Print Spooler Vulnerability
(Updated July 7, 2021) The #printnightmare nightmare continues. Microsoft is looking at a serious remote code execution (RCE) vulnerability dubbed #printnightmare, or more officially CVE-2021-34527. [1] As reported by IT WORLD CANADA [2], a Chinese security company leaked a proof-of-concept exploit for a zero-day vulnerability that they thought had been plugged, meaning patched or fixed. (It’s common to openly discuss such vulnerabilities after they have been disclosed to the company and a patch issued.) BUT. In this case, the bug, or vulnerability, had NOT yet been patched in that time span. Microsoft has now issued a patch to address the #PrintNightmare Windows Print Spooler vulnerability (CVE-2021-34527). The…
-
News & Notes–June 30, 2021
Data for 700 million LinkedIn Users Posted for Sale: LinkedIn says that no public breach occurred, so the next likely theory for the source went to the scraping of public profiles, according to the Cybersecurity Headlines podcast. Or more probably the publicly available info of each user. For instance, you can set your profile to be fully open to the public, or private with certain information set to be publicly available. So that info could be publicly available to search engines and the wider internet. (Always check your settings.) This comes after the loss of 500 million records in April. No financial info was released. But the raw…
-
Current Events Breakdown: To unlock a terrorist’s iPhone, the FBI turned to an obscure company in Australia; a technique called an “Exploit Chain” was used.
So there’s quite a juicy, drama-filled story in the Washington Post that could be a Hollywood plot line about Apple, the FBI, a terrorist’s iPhone, and HACKERS!!! Azimuth Security, a publicity-shy company that says it sells its cyber wares only to democratic governments, secretly crafted the solution the FBI used to gain access to the device, according to several people familiar with the matter. The iPhone was used by one of two shooters whose December 2015 attack left more than a dozen people dead. So, yeah, Azimuth is a hacking firm for the greater good, you could say. Azimuth is a poster child for “white hat” hacking, experts say, which…