Posted on 07/02/2021 5:44:10 PM PDT by dynachrome
Hundreds of American businesses have been hit by a ransomware attack ahead of the Fourth of July holiday weekend, according to the cybersecurity company Huntress Labs.
Huntress Labs said on Friday that 200 American businesses were hit after an incident at the Miami-based IT firm Kaseya, potentially marking the latest in a line of hacks destabilizing US companies.
“This is a colossal and devastating supply chain attack,” John Hammond, a senior security researcher with Huntress, said in an email, referring to an increasingly high profile hacker technique of hijacking one piece of software to compromise hundreds or thousands of users at a time.
Hammond added that because Kaseya is plugged in to everything from large enterprises to small companies “it has the potential to spread to any size or scale business.”
Kaseya, in a statement posted on its own website, said it was investigating a “potential attack” on VSA, a widely used tool to reach into corporate networks across the United States.
In the statement, Kaseya said the tool offers to monitor and manage servers, desktops, network devices and printers and that it may have been attacked. Such an attack can be particularly insidious to address, said Chris Grove, a security expert at the cybersecurity firm Nozomi Networks.
(Excerpt) Read more at theguardian.com ...
It is a conspiracy theory that China would have anything to do with this all you insurrectionists!
I take it this company wasn’t on the ‘hands-off’ list Biden gave to Putin??
It’s gonna get real ugly soon.
“Kaseya has 40,000 customers for its products, though not all use the affected tool.”
And who are they?
In remembrance to the movie Independence Day: nuke the bastards
Two days ago a friend’s company was hit. He said it was probably Conti and it came from the Russians. Apparently they paid the ransom.
Spatula City
Mel’s Char Palace
Mainway Enterprises...
There is a company called “recyber.net” with their site hosted in Panama and supposedly based in the Netherlands who has been banging on most of the firewalls in the USA trying to get in.
This could be one of them.
I assume none of these businesses are on Biden's critical list of 16.
So what's the problem?
........ Well ... These companies are fair game because they weren’t on Biden’s Don’t Hack List ......
Thing is, you can never, ever trust these outfits again. I’ve been a longtime user of SolarWinds products, but never again. Kaseya sure wanted my business back in the day, but SolarWinds Orion was there first. Glad I wasn’t around when it hit the shitter.
We use Huntress.
I’ll check that out. Thanks for the tip!
Agreed. These cloud based monitoring services will never be used by us. Just too much information they require such as SNMPv3 credentials, ssh credentials, device IPs, etc.
A company who wants to manage their AV gear on our network wants to use -their- MFA solution, I said no and hell no - you will use our MFA solution. They have rolled out the “you’re the first customer that won’t let us use our MFA solution” claim. If that’s true, I’m shocked, as how can you control or monitor their access into your network?
Contractor access into networks is getting exploited as of late. We try to keep that locked down as much as possible.
I had the same issue with a security company who contracted to monitor the cams we set up at the Yakima Oldcastle yards. My response was similar to yours: NFW. To make this work, I set up a parallel net that I isolated on selected switch and router ports.
This will probably be the second time my company was hit by ransomware in 11 months and the first one nearly killed the company. Our moronic IT team should have been dropped last October, when we recovered last year but they were kept around.