It will be interesting to see who buys out Kaseya in the next few months. Which of the other big players will "take advantage" of their demise and revaluation to swoop on the wounded company.
When warned about the zero-day, why didn't Kaseya just immediately advice their customers to promptly isolate the systems from, at least, unprotected access from the Internet? The flav making the zero-day effective is obviously the Internet connected systemes having too weak (no!) protection from access.
Not completely. If the device you connect through is compromised, or a device on the inside, you are in the same position. VPN dont provide you safety(quite the opposite) - only connectivity.
I agree. What possible reason could an MSP have for allowing their hosted VSA server to be Internet-facing (rather than only accessible behind a firewall that only allows VPN traffic inbound) ? Did the MSP client's devices require authenticated access to the VSA server (to check for updates etc) ? If so how was that access secured. Sounds like poor design to me
Funny how individuals are also not safe from ransomware attack. Hosting your website on AWS is what i think its the best bet if you chose a good machine image to start from. Most of the image available on AWS have good security built in. But you need to be fairly proficient on web server management to make sure you have your server secure as possible. You also need to make sure the code you are running on your AWS instance is good and solid. The big thing you want to make sure you have in place is a good recovery system. Meanwhile a cybersecurity firm like horuxx,com offers services ranging from hack-tracing to recovery to both companies and individuals and they are reliable too, started using them when i kept getting attacked Hackers are capable of hijacking almost anything on the internet, the best you can do is make it more difficult to get your application so they move to somebody else.
Thanks for your feedback. The intention here was to give an overview for general understanding of the situation and answer common questions. We have more details on our blog: blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
Very interesting information. I work at an affected store in Sweden. It's been some worrying days. But now some IT guy fixed some of the computers.
It will be interesting to see who buys out Kaseya in the next few months. Which of the other big players will "take advantage" of their demise and revaluation to swoop on the wounded company.
When warned about the zero-day, why didn't Kaseya just immediately advice their customers to promptly isolate the systems from, at least, unprotected access from the Internet? The flav making the zero-day effective is obviously the Internet connected systemes having too weak (no!) protection from access.
Hosted Kaseya behind a VPN would have stopped it. It's the public exposure to the Internet that made it possible to get in.
Not completely. If the device you connect through is compromised, or a device on the inside, you are in the same position. VPN dont provide you safety(quite the opposite) - only connectivity.
I agree. What possible reason could an MSP have for allowing their hosted VSA server to be Internet-facing (rather than only accessible behind a firewall that only allows VPN traffic inbound) ? Did the MSP client's devices require authenticated access to the VSA server (to check for updates etc) ? If so how was that access secured. Sounds like poor design to me
good vid . subbed
Funny how individuals are also not safe from ransomware attack.
Hosting your website on AWS is what i think its the best bet if you
chose a good machine image to start from. Most of the image available on
AWS have good security built in. But you need to be fairly proficient
on web server management to make sure you have your server secure as
possible.
You also need to make sure the code you are running on your AWS instance is good and solid.
The big thing you want to make sure you have in place is a good recovery
system. Meanwhile a cybersecurity firm like horuxx,com offers services
ranging from hack-tracing to recovery to both companies and individuals
and they are reliable too, started using them when i kept getting
attacked
Hackers are capable of hijacking almost anything on the internet, the
best you can do is make it more difficult to get your application so
they move to somebody else.
On how many videos are you going to write this on. You are clearly a spam account created on June 29th of this year.
IQLL, is a big problem I have in my 4 hd's . . .
These are getting bad. Good luck!
You never get 100% of the files decrypted after you pay. At best you can get around 65% decrypted/returned files. Take the loss and hunt them down.
Yo Stok!
Sophisticated attack. Must be state sponsored.
This just rambles and isn't very specific. Not sure what the target audience is for this.
IT Professionals; IT Security; and the computer savvy are the audience
@@frankbradford9616 I'm a senior IT person and I found this not helpful.
Yes, there isn't much out there but it's better than the 2 to 5 minute major network stories.
Thanks for your feedback. The intention here was to give an overview for general understanding of the situation and answer common questions. We have more details on our blog: blog.truesec.com/2021/07/04/kaseya-supply-chain-attack-targeting-msps-to-deliver-revil-ransomware/
@@TruesecPlay That is perfect. Thank you.