The Maritime Executive reports: Japanese shipping company Kawasaki Kisen Kaisha, known as “K” Line issued a brief statement today confirming that its computer systems have once again been breached with “unauthorized access to overseas subsidiary systems.” One of Japan’s oldest and largest shipping companies, with a fleet of more than 400 ships, “K” Line had…
Category: Of Note
Kaseya supply chain attack delivers mass ransomware event to US companies
Kevin Beaumont (@Gossithedog) writes: Kaseya VSA is a commonly used solution by MSPs — Managed Service Providers — in the United States and United Kingdom, which helps them manage their client systems. Kaseya’s website claims they have over 40,000 customers. Four hours ago, an apparent auto update in the product has delivered REvil ransomware. By…
CISA’s CSET Tool Sets Sights on Ransomware Threat
CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control system (ICS) networks—enables users to perform…
Coordinated Action Cuts Off Access To VPN Service Used By Ransomware Groups
This week, law enforcement and judicial authorities in Europe, the US and Canada have seized the web domains and server infrastructure of DoubleVPN. This is a virtual private network (VPN) service which provided a safe haven for cybercriminals to attack their victims. This coordinated takedown, led by the Dutch National Police (Politie), under jurisdiction of the…
Hackers use zero-day to mass-wipe My Book Live devices
Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…
University Medical Center of Southern Nevada attacked by REvil threat actors
See update at bottom of this post for statement from UMCSN. They do confirm that there was a breach. The University Medical Center of Southern Nevada, who proudly proclaims itself the official healthcare provider for the Vegas Golden Knights, has allegedly been the victim of a cyberattack by REvil (Sodinokibi) threat actors. The well-known ransomware…