Kaseya says the REvil supply-chain ransomware attack breached the systems of roughly 60 of its direct customers using the company's VSA on-premises product. In all, the cloud-based MSP software provider added that it's aware of up to 1,500 downstream victims who had their networks managed by MSPs using Kaseya remote management tools. "The attack had limited impact, with only approximately 50 of the more than 35,000 Kaseya customers being breached," Kaseya said in a press release. READ MORE...
The group behind the crippling supply chain ransomware attack on a US software company has reportedly demanded $70 million in return for a 'universal' decryption key, as researchers claim there could be thousands of global victims. It's believed that the REvil strain was used to compromise Kaseya's VSA IT management software, although which ransomware affiliate is unknown. However, as reported by the BBC, there has been surprise at the group's request that the money be paid in Bitcoin. READ MORE...
The discovery of Russia's devastating SolarWinds spy campaign put the spotlight on the sophisticated supply chain hijacking techniques of Moscow's foreign intelligence hackers. But it's now apparent that, throughout that SolarWinds spying and its fallout, another group of Kremlin hackers has kept up up their usual daily grind, using basic but often effective techniques to pry open practically any vulnerable network they could find across the US and the global Internet. READ MORE...
Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can't or won't upgrade to the latest operating system. READ MORE...