Proprietary Software Glory
-
Bogus Kaseya VSA patches circulate, booby-trapped with remote-access tool
This month's Kaseya VSA ransomware attack took a turn for the worse on Wednesday with word that miscreants have launched a phishing campaign to ensnare victims with a remote-control tool disguised as a VSA update.
Since late last week, instances of VSA – Kaseya's monitoring and management software for fleets of PCs and other IT gear – have been exploited to distribute REvil ransomware, prompting the biz to shut down its Kaseya Cloud service and to tell customers to turn off their on-prem Kaseya VSA servers while it worked on a patch for whatever vulnerability is being abused.
The malware outbreak, which has yet to be resolved, is said to have affected as many as 1,500 businesses through compromised VSA systems, and has been compounded by Kaseya's decision to delay patch deployment on Wednesday. The company is currently hoping to restore its Cloud Service on the evening of Thursday, July 8.
-
You've patched that critical Sage X3 ERP security hole, yeah? Not exposing the suite to the internet, either, yeah?
Admins of on-premises Sage X3 ERP deployments should check they're not exposing the enterprise resource planning suite to the public internet in case they fall victim to an unauthenticated command execution vulnerability.
And said administrators should have installed by now the latest patches for the software, which address a bunch of bugs earlier discovered and reported by Rapid7. The infosec outfit described in detail the flaws, calling them "protocol-related issues involving remote administration of Sage X3."
The aforementioned command execution vulnerability (CVE-2020-7388) scores a perfect ten out of ten in CVSS severity. Hence, protect and patch: miscreants have everything they need now to exploit the bugs.
-
Report shines light on REvil's depressingly simple tactics: Phishing, credential-stuffing RDP servers... the usual
Palo Alto Networks' global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year – along with an estimation of the multimillion-dollar payouts it's receiving.
REvil, also known as "Ransomware Evil" or "Sodinokibi," first hit the cybersecurity scene while working in partnership with a group called GandCrab. Initially it operated like many other ransomware outfits, distributing malicious code through faked adverts and trojan horse downloads – but it soon stepped up its game.
The group, which provides what security wonks have come to term "Ransomware as a Service" or RAAS, has been fingered in some high-profile attacks: Travelex; an entertainment-focused law firm with an A-lister client base; Apple supplier Quanta Computer; a major meat producer; a nuclear weapons contractor; and fashion giant French Connection UK – among many others.
-
White hats reported key Kaseya VSA flaw months ago. Ransomware outran the patch
One of the vulnerabilities in Kaseya's IT management software VSA that was exploited by miscreants to infect up to 1,500 businesses with ransomware was reported to the vendor in April – and the patch just wasn't ready in time.
As we've covered this week, deployments of Kaseya's flagship Virtual System Administrator (VSA) product were hijacked at the start of the month to inject REvil extortionware into networks around the world. Kaspersky Lab said it saw evidence of 5,000 infection attempts in 22 countries in the three days since the first attack was spotted.
Kaseya pulled the plug on its software-as-a-service offering of VSA, and urged all of its customers to switch off their VSA servers to avoid being hit by the ransomware. Kaseya's customers are primarily managed service providers looking after the IT estates of their own customers, and so by compromising VSA deployments, miscreants can hijack large numbers of downstream systems.
-
Cybersecurity Game Aims to Train 25K Specialists by 2025
The National Cyber Scholarship Foundation (NCSF) is taking aim at the U.S.’s cybersecurity talent gap, with recently announced plans to turn out 25,000 high-level specialists by 2025 — and it’s relying on a free game to recruit.
The U.S. would need to create 359,236 more cybersecurity professionals to have enough talent available for it to be possible to secure all organizations’ critical assets, according to (ISC)2’s April-June 2020 Cybersecurity Workforce Study.
-
Oracle files $7m copyright claim against NEC's US limb over 'unreported royalties' from database distribution
Oracle is seeking more than $7m in damages from long-time software partner NEC Corporation of America (NECAM) – a subsidiary of Japan-based tech giant NEC Corp – over a complaint about copyright and breach of contract.
According to papers lodged yesterday with the US court in the Northern District of California, in December 2019 Oracle carried out an audit of NECAM's use and distribution of its database software.
Although NECAM has been a member of the Oracle Partner Network (OPN) since 2004, the audit found issues related to "unreported royalties."
A letter sent by Oracle in October 2020 called on NECAM to "resolve the compliance findings within 30 days."