The REvil ransomware operation behind the massive attack centering on Kaseya, which develops software used by managed service providers, has offered to decrypt all victims - MSPs as well as their customers - for $70 million in bitcoins. Experts note this isn't the first time REvil has hit MSPs, or even Kaseya.
Kaseya, the remote IT management vendor hit by a ransomware attack that has disrupted operations for numerous customers, was close to fixing a flaw in its software before the notorious REvil operation struck. One Dutch researcher says the attackers beat Kaseya's patching efforts in a "final sprint."
U.S. President Joe Biden has ordered federal intelligence agencies to investigate the incident involving IT management software vendor Kaseya. Attackers reportedly compromised Kaseya's remote monitoring system, VSA, potentially affecting scores of managed service providers and their clients.
Since Friday afternoon, Mark Loman of Sophos has been immersed in studying the scope and impact of the ransomware attack spread through Kaseya VSA's remote management platform. And he's learned enough about it to say without reservation: This the largest ransomware attack he's seen.
In the latest weekly update, a panel of Information Security Media Group editors discusses key topics, including cybersecurity trends for the second half of the year, IoT device security and the planned security features for Windows 11.
Google says it's investigating how a text advertisement was injected into SMS messages containing two-step verification security codes. The text advertisement contained a link that redirected to a VPN product from antivirus vendor Avira.
This edition of the ISMG Security Report features a discussion about why the head of Britain's National Cyber Security Center says the No. 1 cyber risk is not nation-state attackers but ransomware-wielding criminals. Also featured: Western Digital IoT flaws; an FBI agent tracks cybersecurity trends.
At-home fitness gear and other connected health devices pose growing potential security and privacy risks not only to the health data of consumers, but also to the environments in which individuals use these products, says Ondrej Krehel, CEO of cybersecurity and digital forensics firm LIFARS LLC.
Taiwanese networking device manufacturer Zyxel is notifying customers about an ongoing series of attacks on some of its enterprise firewall and VPN products and is advising users to maintain proper remote access security policies as it prepares a hotfix.
The Centers for Medicare and Medicaid Services is considering new cybersecurity requirements for hospitals participating in Medicare after a watchdog agency recommended CMS should require the facilities to address the cybersecurity of their networked medical devices.
The saga around how scores of aging Western Digital NAS devices were remotely erased has deepened with the discovery of a new, unknown software vulnerability. The situation underscores the problems of still-used devices that have been abandoned by manufacturers.
A government watchdog is urging NASA to make multiple improvements to its cybersecurity and risk management policies to counter threats to the space agency's network, infrastructure and data. NASA, in turn, is working toward making some security improvements outlined by the GAO by the end of this year.
Microsoft recently released updates for its Edge browser, including a fix for a bypass vulnerability that could allow a remote attacker to bypass implemented security restrictions.
Legacy technology. Connected devices. Third-party access risks. Industrial sites face the same IT and OT challenges as other business enterprises, yet often they are overlooked. Michael Shannon of Cisco shares insights on IT/OT convergence and security transformation.
Security researchers at Eclypsium have reported that they had identified four vulnerabilities that could affect 30 million users of computer technology company Dell's laptops, desktops and tablets. The vulnerabilities have a cumulative CVSS score of 8.3 (high).
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.