Security News

A massive REvil ransomware attack affects multiple managed service providers and over a thousand of their customers through a reported Kaseya supply-chain attack. Starting this afternoon, the REvil ransomware gang, aka Sodinokibi, targeted MSPs with thousands of customers, through what appears to be a Kaseya VSA supply-chain attack.

A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack. Starting this afternoon, the REvil ransomware gang targeted approximately six large MSPs, with thousands of customers, through what appears to be a Kaseya VSA supply-chain attack.

U.S. and U.K. authorities are warning that the APT28 advanced-threat actor - a.k.a. Fancy Bear or Strontium, among other names - has been using a Kubernetes cluster in a widespread campaign of brute-force password-spraying attacks against hundreds of government and private sector targets worldwide. The attackers are after the passwords of people who work in sensitive jobs at hundreds of organizations worldwide, including government and military agencies in the U.S. and Europe, defense contractors, think tanks, law firms, media outlets, universities and more.

Arthur J. Gallagher, a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September. "Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020," AJG said.

Several critical and high-severity vulnerabilities have been identified in programmable logic controller and human-machine interface products made by WAGO, a German company specializing in electrical connection and automation solutions. "By chaining the shared memory overflow vulnerability and the out-of-bound read vulnerability, we were able to create a full blown pre-auth remote code execution to take over any WAGO PFC100/200 device remotely," Katz told SecurityWeek.

Armorblox announced a strategic technology partnership with Intermedia to protect customers from advanced email attacks that target potentially vulnerable users. Armorblox technology powers AI Guardian, included with Intermedia Email Protection, to detect and alert users to sophisticated email attacks that weaponize the context of communications to steal money and data.

Security agencies in the United States and United Kingdom issued an advisory on Thursday to warn organizations about an ongoing global campaign involving brute force techniques. According to the agencies, brute-force access attempts have been used against hundreds of organizations worldwide, particularly in the United States and Europe.

The National Security Agency warns that Russian nation-state hackers are conducting brute force attacks to access US networks and steal email and files. In a new advisory released today, the NSA states that the Russian GRU's 85th Main Special Service Center, military unit 26165, has been using a Kubernetes cluster since 2019 to perform password spray attacks on US and foreign organizations, including the US government and Department of Defense agencies.

Business Email Compromise attacks are skyrocketing as organizations rely on decades-old email protocols and standards, and bad actors perfect social engineering. The good news is that automated email certificates can help organizations avoid these attacks and protect their employees against spear phishing attacks.

Trend Micro released a new report highlighting the growing risk of downtime and sensitive data theft from ransomware attacks aimed at industrial facilities. "Given the US government is now treating ransomware attacks with the same gravity as terrorism, we hope our latest research will help industrial plant owners to prioritize and refocus their security efforts."