In this episode, Senior AI Research Fellow April Sawhill hosts Cisco Principal Engineer, Chris Shenefiel, and CLCT Cybersecurity Researcher, Daniel Shin, to discuss recent supply chain ransomware attacks in the United States. Examining the cyberattacks on SolarWinds and Kaseya VSA, our guests explain how threat actors infiltrated these systems to push out malicious code to service provider customers. Critical information about incident response plans and mitigation tactics is provided, as well as considerations on ransom payments. For resources and additional information found in this episode, click here for a PDF: https://law.wm.edu/academics/intellectuallife/researchcenters/clct/exhibit-ai/additional-resources/exhibit-ai---exhibit-14-additional-resources.pdf The views and opinions expressed in this interview are the personal views of the speakers, and do not represent the official position of William & Mary Law School or any other affiliated institutions.
The cybersecurity basics should be just that—basic. Easy to do, agreed-upon, and adopted at a near 100 percent rate by companies and organizations everywhere, right? You'd hope. But the reality is that basic cybersecurity blunders have led to easy-to-discover vulnerabilities in companies including John Deere, Clubhouse, and Kaseya VSA (which we've all talked about on this show), and at least for Kaseya VSA, those vulnerabilities led to one of the worst ransomware attacks in recent history. Today, on the Lock and Code podcast with host David Ruiz, we speak with security professional and recovering Windows systems administrator Jess Dodson about why we seem to keep getting the cybersecurity basics so wrong, and why getting up to speed—which can take a company more than a year—is so necessary.
All links and images for this episode can be found on CISO Series. When a senior person at your company asks you, "Are we secure?" how should you respond? Check out this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Steve Zalewski, and our guest Paul Truitt, principal US cyber practice leader, Mazars. Thanks to our podcast sponsor, Varonis. Still in the news is REvil's ransomware attack on Kaseya VSA servers. Varonis is here to help mitigate the blast radius of such attacks. Want a step-by-step guide on what you should be looking for? Learn more about how to prevent ransomware. In this episode: When a senior, non-technical person asks, "Are we secure?" how do you respond? What does this question say about an executive's engagement level? Why are they asking this now? How relevant/accurate is this question anyway?
Welcome to the Nucleon Cyber Intelligence podcast. This podcast will give you a summary of the latest news related to cyber intelligence and proactive cyber security in only a few minutes. The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world. The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand. https://news.nucleon.sh/2021/09/23/intelligence-briefing-74/ If you have been following the adventures of the hacker group called the REvil cyber gang, they have fully returned and are once again attacking new victims and publishing stolen files on a data leak site. If you haven't heard about the REvil gang, here is a short recap. Since 2019, the REvil ransomware operation, also known as Sodinokibi, has been conducting attacks on organizations worldwide where they demand million-dollar ransoms to receive a decryption key and prevent the leaking of stolen files. We covered some of their attacks right here, on big cases such as JBS, Coop, Travelex and many others. REvil shut down their infrastructure and completely disappeared after their biggest hack yet: a massive attack on July 2nd that encrypted over 50 service providers and over 1,500 businesses using a zero-day vulnerability in the Kaseya VSA remote management platform which had no patch. This attack had such wide-ranging consequences worldwide that it brought the full attention of international law enforcement to bear on the group. Maybe because of the pressure, the REvil gang suddenly shut down all their servers and went offline, leaving many victims in the lurch with no way of decrypting their files. A few days later, Kaseya (the company that had been hacked) received a universal decryptor that victims could use to decrypt files for free. It is unclear how Kaseya received the decryptor, but it stated that it came from a "trusted third party."
---- On a different subject, cybersecurity experts warned that cybercriminal forums had in recent months been selling access to login credentials for software that the United Nations uses to manage internal projects. The software could provide valuable access to intruders looking to extort the UN or steal data. The cybersecurity firm Resecurity contacted UN officials after noticing the login credentials for sale on the dark web. Another security firm reported observing one prominent cybercriminal gang claiming access to the UN software. This caused the UN to release an official statement saying: “Unidentified hackers breached computer systems at the United Nations in April and the multinational body has had to fend off related hacks in the months since.” There are different rumors and stories about this incident, so we thought we would briefly mention it here in case it evolves, and we will pay more attention to it in the future. ----- That's it for this podcast, stay safe and see you in the next podcast. Don't forget to visit www.nucleoncyber.com for the latest podcasts on cyber intelligence.
This podcast will give you a summary of the latest news related to cyber intelligence and proactive cybersecurity in only a few minutes. The podcast is aimed at professionals who are short on time, or for anyone who would like to know a bit more about what is REALLY happening out there in the cyber world. The focus of this podcast will be on the latest cyber events for non-technical people; anyone can listen and understand. In this special podcast, we will discuss Kaseya. Kaseya is a software company located in Florida, USA. They claim to have more than 40,000 organizations around the world using one of Kaseya's industry-leading IT solutions. Kaseya has a product named VSA, a set of Remote Monitoring & Management tools aimed at different organizations and service providers. One of its features is automating software patch management and vulnerability management to ensure that all systems are up to date, and another feature is managing backups and antivirus on remote systems. By design, Kaseya VSA needs to have privileged access to the remote computers it manages. Kaseya said in a statement that approximately 50 of its direct customers were breached in a cyber attack. The attackers were able to gain access to the clients' networks using the update server and from there encrypt remote computers. Since many of Kaseya's customers provide IT services to small businesses such as restaurants and accounting firms, it is difficult to estimate the number of businesses that were impacted because of this cyber attack. Another consequence was that the Swedish Coop grocery store chain was forced to close 800 stores for several days. Experts say it was no coincidence that REvil launched the attack at the start of the Fourth of July holiday weekend, knowing U.S. offices would be lightly staffed. Many victims may not learn of it until they are back at work on Monday. A short time after the incident, Kaseya said it sent a detection tool to nearly 900 customers.
https://news.nucleon.sh/2021/07/29/cyber-news-update-67/ -------------------------------------------------------------------------------------------- That's it for this podcast, stay safe and see you in the next podcast. Don't forget to visit www.nucleoncyber.com for the latest podcasts on cyber intelligence.
French president pushes for Israeli inquiry into NSO spyware concerns; Microsoft shares mitigations for new PetitPotam NTLM relay attack; Fake Windows 11 installers already distributing malware. Thanks to our episode sponsor, Varonis. Still in the news is REvil's ransomware attack on Kaseya VSA servers. Varonis is here to help mitigate the blast radius of such attacks. Want a step-by-step guide on what you should be looking for? Visit varonis.com/risk to help make sure your data is protected. For the stories behind the headlines, head to CISOseries.com.
## End-of-Sale Announcements
New products arrive and old ones have to go. Sophos is going through an exciting phase at the moment. The new XGS series is sending the XG firewalls into retirement, and the licensing model has also been adjusted somewhat. You can find out about all the relevant changes, and which products will soon no longer be available for purchase, in this podcast episode.
## Sophos Central XDR
Since May 19, XDR can be purchased as an overlay license. This gives XDR-capable products the ability to store data in the Data Lake for up to 30 days. Existing customers who previously had an active license with EDR can look forward to a free update to XDR, because on July 10 Sophos merged the EDR and XDR parts.
## Sophos Central gets a new storage location in Canada (Montreal)
In addition to the existing locations in the U.S., Germany and Ireland, Canada joins as a further country. Sophos already offers customers with an Enterprise Dashboard the option of storing their Central data on a server in Montreal. What you should nevertheless still watch out for is covered in this podcast episode.
## Supply-chain attack on Kaseya VSA
In December 2020 the SolarWinds hack became public, and as early as March 2021 everyone was talking about HAFNIUM. The wave of such attacks is not letting up, and the latest case now affects Kaseya VSA. You will find out exactly what happened there at the very end of this podcast episode.
Israeli firm uses Windows zero-days to deploy spyware; Cyberattacks increased 17% in Q1 of 2021, with 77% being targeted attacks; Another unpatched bug in Windows print spooler. Thanks to our episode sponsor, Varonis. Still in the news is REvil's ransomware attack on Kaseya VSA servers. Varonis is here to help mitigate the blast radius of such attacks. Want a step-by-step guide on what you should be looking for? Visit varonis.com/risk to help make sure your data is protected. For the stories behind the headlines, head to CISOseries.com.
On April 1, a volunteer researcher for the Dutch Institute for Vulnerability Disclosure (DIVD) began poking around into Kaseya VSA, a popular software tool used to remotely manage and monitor computers. Within minutes, he found a zero-day vulnerability that allowed remote code execution—a serious flaw. Within weeks, his team had found seven or eight more. In today's episode, DIVD Chair Victor Gevers describes the race to prevent one of the most devastating ransomware attacks in recent history. It's a race that Gevers and his team almost won. Almost.
Two by two, folks, two by two. It's the best way to survive both a world-destroying flood and an RMM outage, for reasons that will become clear as Matt, Rich, and guest host Antwine Jackson, of Enitech Solutions, discuss Microsoft's new Windows 365 product, the latest developments from NinjaRMM, and (especially) the Kaseya VSA breach. And if you really want to get the inside story on what happened to VSA, don't miss this week's interview with Huntress CEO and threat expert extraordinaire Kyle Hanslovan, who shares previously undisclosed details about how attackers compromised that product. It may not be a tale of biblical proportions, but it's definitely an interesting one. Subscribe to ChannelPro Weekly! iTunes: https://itunes.apple.com/us/podcast/channelpro-weekly-podcast/id1095568582?mt=2 Google Play Podcasts: https://play.google.com/music/m/Igodza5l63vd5w5mdybtpq2cr7e?t=ChannelPro_Weekly_Podcast Spotify: https://open.spotify.com/show/7hWuOWbrIcwtrK6UJLSHvU Amazon Music: https://music.amazon.com/podcasts/a1d93194-a5f3-46d8-b625-abdc0ba032f1/ChannelPro-Weekly-Podcast More here: https://www.channelpronetwork.com/download/podcast/channelpro-weekly-podcast-episode-192-noahs-ark-approach Topics and Related Links Mentioned: Microsoft Launches First "Cloud PC" - https://www.channelpronetwork.com/news/microsoft-launches-first-cloud-pc NinjaRMM Ships RMM Update With Documentation Functionality - https://www.channelpronetwork.com/news/ninjarmm-ships-rmm-update-documentation-functionality NinjaRMM Invests in Partner Program - https://www.channelpronetwork.com/news/ninjarmm-invests-partner-program 5 Ways Kaseya VSA Users Are Keeping Customers Up, Running, and Satisfied - https://www.channelpronetwork.com/slideshow/5-ways-kaseya-vsa-users-are-keeping-customers-running-and-satisfied Huntress advice on what to do if your RMM is compromised - 
https://www.reddit.com/r/msp/comments/ocxamc/couldnt_sleep_last_night_because_of_this_question/h3xsd6r/?utm_source=share&utm_medium=web2x&context=3 Huntress video recreation of Kaseya VSA exploit - https://www.youtube.com/watch?v=dK4kvZ7n4eM Rich's ICYMI plug and quickie preview of the week ahead - https://www.channelpronetwork.com/tags/icymi
Subscribe to our Weekly Threat Intelligence Center News Feed! - https://www.securitymetrics.com/lp/education/threat-intelligence-subscribe Join Heff and Forrest this week as they go over the latest in the Kaseya VSA Zero Day. Watch to learn more about additional stories: - The MONSOON of patches released in Patch Tuesday. - Mint Mobile breach sending many users' phones to other services. - HUGE CNA Insurance breach. Hosted by Matthew Heffelfinger (Director of SIEM Operations, GSTRT, CyRP (Pepperdine), GRCP, SSAP, ITIL4-F, GISF, PECB) and Forrest Barth (SOC Analyst, CISSP, CMNO, Security+).
We hate it when we are right, but on the podcast this week we discuss the fallout from the Kaseya VSA hack. Learn what happened and how over 1500 businesses were impacted by ransomware because of a flaw in the Kaseya VSA software. We also discuss what businesses can do to overcome supply chain cyber attacks like this. Security Squawk - Episode 29 - with Bryan Hornung, Reginald Andre & Randy Bryan - This is a business podcast with a cybersecurity twist. Security Squawk podcast is dedicated to providing CEOs and business owners with insights around trending cybersecurity topics and how they affect you and your business.
The past week has been a lot for people in the security industry. Last Friday in the US, people were just about to clock off for what would hopefully be a relaxing Fourth of July long weekend. Only for cybercriminals to have other plans. This episode contains the audio from a recent live stream, where Hazel sat down with Cisco Talos' US Outreach Team lead Nick Biasini. We talked about the unfolding events surrounding the REvil ransomware campaign and Kaseya VSA supply chain attack. Nick broke down the complicated scenario, and talked about how the two attacks worked together. We also spoke about the impact for organizations around the world, as well as what we're seeing with ransomware on a general level at the moment. The audio includes questions that we received during the live stream from our audience, and Nick's answers. To stay up to date on this attack, please take a look at the Talos response post which is being continually updated.
Video: Kaseya VSA and REvil - the biggest ransomware attack in history? – SecurityCast Ep#66 - YouTube. Following the attack through the Kaseya supply chain, the REvil ransomware hit more than 1,500 companies; a German region declared a state of disaster after a cyberattack; Microsoft released an emergency security update intended to address the vulnerability in Windows Print Spooler known as PrintNightmare. Follow us on Twitter @AlefSecurity and @Jk0pr.
Cyber-attack hits Iran's transport ministry and railways; Hackers use a new technique to disable macro security warnings in weaponized docs; MacOS targeted in WildPressure APT malware campaign. Thanks to our episode sponsor, Varonis. Still in the news is REvil's ransomware attack on Kaseya VSA servers. Varonis is here to help mitigate the blast radius of such attacks. Want a step-by-step guide on what you should be looking for? Visit varonis.com/risk to help make sure your data is protected. For the stories behind the headlines, head to CISOseries.com.
Over the past week, the entire Swedish population saw how digital attacks can affect society. The grocery chain Coop kept most of its stores closed for several days, and SJ was unable to take payment in its train bistros. These companies, along with many others, had fallen victim to a worldwide IT attack. In this week's podcast we explain how the attack was carried out and how the remote management tool Kaseya VSA played a central role. See the full show notes at https://go.nikkasystems.com/podd128.
Subscribe to our Threat Intelligence Center News Feed! - https://www.securitymetrics.com/lp/education/threat-intelligence-subscribe Tune in for this breaking news segment where Heff and Forrest dive into all you need to know about the Kaseya VSA Zero Day. Resources: - https://vimeo.com/571285457 - https://www.lawfareblog.com/kaseya-ransomware-attack-really-big-deal
Last weekend we were startled by what could possibly have become the largest ransomware attack ever. The Russian group REvil abused a vulnerability in the Kaseya VSA management software, which is used by thousands of IT administrators to manage their customers. I talk with cyber heroes Wietse Boonstra and Frank Breedijk of DIVD, who tell in detail about their role in stopping the attack.
CISA and the Federal Bureau of Investigation (FBI) continue to respond to the recent supply-chain ransomware attack leveraging a vulnerability in Kaseya VSA software against multiple managed service providers (MSPs) and their customers. CISA and FBI strongly urge affected MSPs and their customers to follow the guidance below. CISA and FBI recommend affected MSPs: Download the Kaseya VSA Detection Tool. This tool analyzes a system (either VSA server or managed endpoint) and determines whether any indicators of compromise (IoC) are present. Enable and enforce multi-factor authentication (MFA) on every single account that is under the control of the organization, and—to the maximum extent possible—enable and enforce MFA for customer-facing services. Implement allowlisting to limit communication with remote monitoring and management (RMM) capabilities to known IP address pairs, and/or Place administrative interfaces of RMM behind a virtual private network (VPN) or a firewall on a dedicated administrative network. CISA and FBI recommend MSP customers affected by this attack take immediate action to implement the following cybersecurity best practices https://www.zdnet.com/article/kaseya-ransomware-supply-chain-attack-everything-you-need-to-know-updated/
The US Government strikes down the Joint Enterprise Defense Infrastructure (JEDI) and we have another ransomware attack as the prolific REvil ransomware crew exploited Kaseya VSA. We discuss these stories and more on this week's Rundown. For show notes visit: https://gestaltit.com/
So the trio this week discusses what the U.S. government is attempting to do to help with the increasing threats of cyber attacks on businesses. There are several proposals on the table from various government officials and the crew looks at those. During the discussion, Bryan casually predicts a major cyber attack over the 4th of July holiday - and of course, we have the largest ransomware attack to date with the Kaseya VSA hack. Security Squawk - Episode 28 - with Bryan Hornung, Reginald Andre & Randy Bryan - This is a business podcast with a cybersecurity twist. Security Squawk podcast is dedicated to providing CEOs and business owners with insights around trending cybersecurity topics and how they affect you and your business.
PrintNightmare is the name of the new critical vulnerability that affects almost all Windows systems and for which Microsoft has not yet released a patch. If you are going to get rid of your Amazon IoT devices, think twice and first restore the factory settings, or, for the more paranoid, smash the device with a hammer. A Spanish researcher demonstrates how he can attack ATMs and point-of-sale terminals with his mobile phone via the NFC protocol. Users of Western Digital remote-access storage systems find that all their files have been deleted from their devices, which have gone more than 6 years without security updates. Watch out for the Wi-Fi networks you expose your iPhones to. Researchers demonstrate how to affect these phones using specific Wi-Fi names. REvil returns and has probably caused the largest ransomware attack in history, abusing a supply chain attack on a remote management software called Kaseya VSA and infecting thousands of companies and up to a million systems. Notes and references at tierradehackers.com Twitch: twitch.tv/tierradehackers
Kaseya VSA, a remote management software, experienced a breach over the holiday weekend that is already impacting a number of clients. It appears that this attack is connected to the Russian hacker gang known as REvil—but it has not been determined whether or not it is the work of REvil itself or an affiliate in their Ransomware as a Service (RaaS) program (and yes, that's a thing). Evan and Brad break down the attack on this week's UNSECURITY episode. Additionally, and flying under the radar because of Kaseya, news broke on June 30th about an impressive and potentially very damaging vulnerability in the Microsoft Print Spooler service. This has actually impacted a larger number of customers than Kaseya (millions of servers) and likely would have been bigger news had it not been for Kaseya. If you feel you've been impacted by the Kaseya attack directly, or would like more information, visit: https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689 Here is more information on the Microsoft bug: https://www.yahoo.com/entertainment/microsoft-sounds-urgent-warning-windows-022541397.html? Additionally, Evan was on KARE 11 discussing Kaseya yesterday (July 5): https://www.kare11.com/video/news/local/breaking-the-news/ransomware-crime-wave-keeps-us-on-edge/89-44bed2c8-bbb1-4572-abc9-53551c6c74fa?jwsource=cl Give episode 138 a watch/listen and send questions, comments, and feedback to unsecurity@protonmail.com.
Cyberattackers are getting smarter and the attacks more sophisticated. A North Island kindergarten association is among hundreds of groups hit at the weekend by a cybercriminal gang believed to be based in Russia. The REvil group is believed to be responsible for the attack targeting users of its remote IT management software Kaseya VSA. Andrew Hampton is the director-general of the Government Communications Security Bureau - the country's foreign intelligence agency. He told reporter Katie Doyle the international "threat-scape" is changing.
On this episode we're joined by Brian Weiss, Founder of ITech Solutions as we unpack the third REvil and Kaseya incident that began Friday July 2nd 2021. Despite Kaseya VSA not being FedRAMP, by its own disclosure VSA was being used by Federal Agencies. While details continue to emerge we're getting the outline of what may have caused potentially over one million computers to have been encrypted and an initial ransom request for 70 million dollars. Eric Taylor | LinkedIn Twitter: barricadecyber www.barricadecyber.com Shiva Maharaj | LinkedIn Twitter: kontinuummsp www.kontinuum.com Brian J. Weiss | LinkedIn ITECH Solutions: Overview | LinkedIn www.itech-solutions.com Buy Eric a Coffee: Eric Taylor is Educating folks around cyber security. Buy Shiva a Coffee: IT support that's actually supportive. FASTMAIL: Your data is for you, no one else. That includes your email, calendars, contacts, notes, and files! --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app Support this podcast: https://anchor.fm/amplifiedandintensified/support
The full impact of the global ransomware attack on New Zealand organisations will become more apparent this morning. Some service providers in New Zealand that use Kaseya VSA management software may not yet know if they've been affected. It is known that some schools seem to have been affected, with the Ministry of Education confirming it's investigating. So far hundreds, if not thousands, of organisations globally are affected - including five hundred Swedish supermarkets and hundreds of American businesses. CERT NZ incident response manager Nadia Yousef spoke to Corin Dann.
More information should emerge this morning as to how many New Zealand organisations are caught up in a global ransomware attack. The attack on the IT management software provider Kaseya VSA has spread to hundreds of its end users - but the full extent of the damage isn't known yet. Authorities are pointing at Russian-based cybercriminal gang REvil as being responsible. Datacom Cybersecurity's strategic communications manager Paul Brislen spoke to Corin Dann.