Interesting #threatintel thread on Twitter this morning from Resecurity (Full disclosure: I worked with one of their team a number of years ago.). Their research findings do not seem to be up on their web site at this time, so hopefully you can access it on Twitter. The thread begins here. In light of the…
Category: Of Note
Sodinokibi hackers demand $70 mln to restore data held by companies hit in Kaseya cyberattack
Raphael Satter reports: Hackers suspected to be behind a mass extortion attack that affected hundreds of companies worldwide late on Sunday demanded $70 million to restore the data they are holding ransom, according to a posting on a dark web site. The demand was posted on a blog typically used by the REvil cybercrime gang,…
Canadian non-profit hit by malware gets help — from the threat actor
Good Shepherd Centres in Canada recently disclosed a breach involving protected health information that occurred on September, 27, 2020. On June 29, Good Shepherd posted a statement that explains that it had been the victim of an attempt to shut down its systems, but that the attacker(s) “quickly facilitated restoration after realizing that Good Shepherd…
Japan’s “K” Line Apologizes for Second Cyberattack in Months
The Maritime Executive reports: Japanese shipping company Kawasaki Kisen Kaisha, known as “K” Line issued a brief statement today confirming that its computer systems have once again been breached with “unauthorized access to overseas subsidiary systems.” One of Japan’s oldest and largest shipping companies, with a fleet of more than 400 ships, “K” Line had…
Kaseya supply chain attack delivers mass ransomware event to US companies
Kevin Beaumont (@Gossithedog) writes: Kaseya VSA is a commonly used solution by MSPs — Managed Service Providers — in the United States and United Kingdom, which helps them manage their client systems. Kaseya’s website claims they have over 40,000 customers. Four hours ago, an apparent auto update in the product has delivered REvil ransomware. By…
CISA’s CSET Tool Sets Sights on Ransomware Threat
CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control system (ICS) networks—enables users to perform…