Tag Archive for: Triggers

Kaseya Ransomware Attack Triggers Race to Hack Other Managed Services Providers

/in


A ransomware attack in July that paralyzed as many as 1,500 organizations by compromising tech-management software from a company called Kaseya has set off a race among criminals looking for similar vulnerabilities, cyber security experts said.

An affiliate of a top Russian-speaking ransomware gang known as REvil used two gaping flaws in software from Florida-based Kaseya to break into about 50 managed services providers (MSPs) that used its products, investigators said.

Now that criminals see how powerful MSP attacks can be, “they are already busy, they have already moved on and we don’t know where,” said Victor Gevers, head of the non-profit Dutch Institute for Vulnerability Disclosure, which warned Kaseya of the weaknesses before the attack.

“This is going to happen again and again.”

Gevers said his researchers had discovered similar vulnerabilities in more MSPs. He declined to name the firms because they have not yet fixed all the problems.

Managed service providers include companies such as IBM and Accenture offering cloud versions of popular software and specialist firms devoted to specific industries. They typically serve small and medium-sized firms that lack in-house technology capabilities and often boost security.

But MSPs also make an efficient vehicle for ransomware because they have wide access inside many of their customers’ networks. Kaseya’s software serves many MSPs, so the attacks multiplied before Kaseya could warn everyone, rapidly encrypting data and demanding ransoms of as much as $5 million per victim.

The business of MSPs has boomed during the coronavirus pandemic alongside the rapid increase in remote work.

“That’s where you find the trusted access to customers’ systems,” said Chris Krebs, the first leader of the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has made ransomware a top priority. “It’s a much more economical approach to launch a breakout attack. And it’s hard for the customer to defend.”

Bugcrowd Inc, one of several platforms where researchers can report vulnerabilities, has also seen security flaws as bad as Kaseya’s, said Bugcrowd Chief…

Source…

New Android Ransomware MalLocker.B Triggers Upon Pressing Home Key – Cyber Security News

/in

New Android Ransomware MalLocker.B Triggers Upon Pressing Home Key  Cyber Security News
“android security news” – read more

Ingenious! The Android malware which only triggers if you’re moving

/in
Ingenious! The Android malware which only activates if you're moving

Android malware in the Google Play Store could tell whether it was likely to be running on a genuine victim’s device or being analysed by a security team.

Graham Cluley

Trump’s apparent security faux-pas-palooza triggers call for House investigation

/in

Enlarge / U.S. President Donald Trump met with a group of government cyber security at the White House January 31, 2017 in Washington, DC, and said the government must do more to protect against cyber attacks. But he doesn’t seem to be taking that advice himself, some members of Congress fear.

Representative Ted Lieu, a congressman from Los Angeles County, California, led fourteen other House Democrats on Friday in urging the House Government Oversight Committee to investigate “troubling reports” of President Donald Trump’s apparently poor security practices and the potential danger to national security posed by them—including his continued use of an unsecured Android device to post to Twitter, discussion of sensitive information (including nuclear strategy) in the restaurant at his Mar-A-Lago resort, and leaving classified material unlocked while visitors were in the Oval Office.

In a letter to Oversight Committee chairman Jason Chaffetz and ranking Democratic member Elijah Cummings, the fifteen representatives wrote:

Referring to the complex problem of cybersecurity, President Trump recently said in an interview, “I’m not sure you have the kind of security that you need.” We fully agree—which is why we are writing to request that the House Oversight and Government Reform Committee hold a hearing into troubling reports that the President is jeopardizing national security by egregiously failing to implement commonsense security measures across the board, from using an insecure, consumer-grade Android smartphone to discussing nuclear strategy openly in a dining room at his Mar-a-Lago Club in Florida. Cybersecurity experts universally agree that an ordinary Android smartphone, which the President is reportedly using despite repeated warnings from the Secret Service, can be easily hacked.

Lieu and the other signatories of the letter expressed concern that Trump’s Android device, “most likely the Samsung Galaxy S3,” is particularly vulnerable to attack, and that someone could alter the information the President viewed on it—which could “have a huge impact on his beliefs and actions.” They also feared that someone could gain control of his Twitter account, “causing disastrous consequences for global stability,” or use it as a listening device to pick up sensitive conversations.

Read 4 remaining paragraphs | Comments

Technology Lab – Ars Technica