Security News

As companies nudge their staff to return to communal workspaces, many workers don't actually want to - more than 50 percent of employees would rather quit, according to research by EY. While HR teams worry over the hearts and minds of staff, IT security professionals have a different battle plan to draft - how to make the new normal of the hybrid workplace secure. In a hybrid workplace, a Zero Trust strategy means ever-tightening security.

This month's Kaseya VSA ransomware attack took a turn for the worse on Wednesday with word that miscreants have launched a phishing campaign to ensnare victims with a remote-control tool disguised as a VSA update. Since late last week, instances of VSA - Kaseya's monitoring and management software for fleets of PCs and other IT gear - have been exploited to distribute REvil ransomware, prompting the biz to shut down its Kaseya Cloud service and to tell customers to turn off their on-prem Kaseya VSA servers while it worked on a patch for whatever vulnerability is being abused.

The Secure Remote Access product of industrial cybersecurity firm Claroty is affected by a vulnerability that could be useful to threat actors targeting industrial organizations. Claroty SRA is a secure remote access solution specifically built for OT environments, including in terms of operational, administrative and security needs.

Dubbed ChaChi by researchers at BlackBerry, the RAT has recently shifted its focus from government agencies to schools in the US. A Remote Access Trojan is targeting schools and universities with ransomware attacks. Specifically, ChaChi has been discovered in data breaches of K-12 schools and higher education facilities in the U.S. as well as the U.K. SEE: Special report: A winning strategy for cybersecurity.

Microsoft says that apps may encounter issues accessing event logs on remote Windows 10 devices unless KB5003637 or later updates are installed on both systems. "Event logs might not be accessible from remote devices unless both devices have updates released June 8, 2021 or later," Microsoft states on the Windows 10 health dashboard.

Linux Remote Sound - enables users to listen to audio files from the remote machine on their local device. Linux Headless Server Remote Access Support - users can access a Linux server without any monitor connected to it.

G/On has proved particularly effective where organizations need to scale remote access provision fast. The solution only allows access to authorised users and devices.

WALLIX announced a new initiative to support the healthcare sector. Following a year of high demand and accelerated digital transformation, WALLIX now provides enhanced data monitoring and secure remote access through an all-in-one-bundle.

Today, researchers have exposed common weaknesses lurking in the latest smart sex toys that can be exploited by attackers. In examples provided by the researchers, technologies like Bluetooth and inadequately secured remote APIs make these IoT personal devices vulnerable to attacks that go beyond just compromising user privacy.

The actor received the name LazyScripter and has been active since 2018, using phishing to target individuals seeking immigration to Canada for a job, airlines, and the International Air Transport Association. The researchers from Malwarebytes also found other examples where the attacker dropped other remote access trojans that are common to multiple hacking groups: LuminosityLink, RMS, Quasar, njRat, and Remcos.