This Week in Security News – July 9, 2021 VP, Threat Intelligence
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about the REvil ransomware attack on IT management platform Kaseya. Also, read the top security takeaways from this year’s Mobile World Congress conference.
Read on:
IT Management Platform Kaseya Hit with Sodinokibi REvil Ransomware Attack
Kaseya, a company that provides IT management software to managed service providers (MSPs) and IT companies, has been hit with a REvil (aka Sodinokibi) ransomware attack at the dawn of the Fourth of July weekend. The company describes it as a “sophisticated cyberattack” that was geared toward its on-premises VSA product. The company advised all its customers to shut down their on-premises VSA servers until further notice.
Top 3 Mobile Threat Takeaways from MWC
New threat reports from Trend Micro, McAfee, and Menlo Security released at Mobile World Congress Barcelona put security in sharp focus and illustrate the growing threats from malware, particularly ransomware, while also indicating that IoT devices and industrial systems are increasingly at risk for attacks.
Threats Ride on the Covid-19 Vaccination Wave
While the pandemic pushed enterprises and users to adapt to different changes, so did cybersecurity threats. Following the recent developments regarding the Covid-19 vaccine, cybercriminals have a growing interest in the inoculation process, from alarming the public with misinformation to riding on the trend of using the vaccines for malicious activities online.
Cyber’s New Era: Cyber Wars Continue, But the Industry Can Fight Back
Amidst the rise of ransomware attacks, everyone from the C-suite to the Justice Department and the Oval Office are all looking for long-term solutions against cyberattacks. In this article, I spoke with Permian Basin Oil & Gas Magazine about the Colonial Pipeline ransomware attack and top lessons corporations should take into consideration, including the convergence of IT and OT.
How to Navigate Open Source Licensing Risks
Vulnerabilities aren’t the only risk that comes with open source software use. In this blog, learn how to best mitigate licensing risks to ensure your team is meeting all legal requirements while building with open source code.
Emails Offering Kaseya Patches Deliver Malware
IT management software maker Kaseya is still working on patching the vulnerabilities exploited in their recent ransomware attack, but some cybercriminals are sending out emails offering the ‘patches’ in an effort to distribute malware.
Summer of Cybercrime Continues: What to Do
This is the Summer of Cybercrime. Major ransomware attacks continue to hit organizations globally. The attacks can cause significant damage, from a financial, reputation and productivity standpoint. In most cases, these attacks could be stopped with a concerted effort on cybersecurity hygiene. That is the key to stopping this growing trend of successful modern ransomware attacks.
White House Urges Mayors to Meet with State Cybersecurity Officials on Ransomware
The White House is urging mayors across the US to be more proactive about cybersecurity measures and meet with state-level officials to test their cybersecurity posture as attacks continue to plague both small towns and major metropolitan areas.
Tracking Cobalt Strike: A Trend Micro Vision One Investigation
Cobalt Strike is a well-known beacon or post-exploitation tool that has been linked to several ransomware campaigns. This report from Trend Micro focuses on the process of uncovering its tracks to fully contain and remove a malware infection.
Microsoft Issues Emergency Patch for Critical Windows PrintNightmare Vulnerability
Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability — known as “PrintNightmare” — that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. Tracked as CVE-2021-34527, the remote code execution flaw impacts all supported editions of Windows.
What are your thoughts on the Kaseya ransomware attack? Share in the comments below or follow me on Twitter to continue the conversation: @JonLClay.
Read More HERE
