Security News

Beleaguered IT management firm Kaseya says sixty per cent of its SaaS services have been successfully restored. An update to the firm's advisory regarding the attack on its VSA product, time-stamped 10:00PM Eastern Daylight Time on July 11th, states: "The restoration of services is progressing according to plan, with 60% of our SaaS customers live and servers coming online for the rest of our customers in the coming hours."

Recognizing the importance of SaaS security, Gartner named a new category, SaaS Security Posture Management, to distinguish solutions that have the capabilities to offer a continuous assessment of security risks arising from a SaaS application's deployment. The results of the 2021 SaaS Security Survey Report present a picture of widespread SaaS application security concerns as well as uncovers less-than-best practices organizations are turning to de facto, while trying to manage the overwhelming amount of SaaS security configurations.

Beleaguered IT management software vendor Kaseya has delayed the restoration of its SaaS services until Sunday, July 11. An update to the company's incident guidance report includes a video message from CEO Fred Voccola, who took personal responsibility for the delay.

Kaseya's attempt to recover its SaaS services has failed, and its CEO has attempted to play down the significance of the incident that has seen its VSA services offline since July 2nd and over 1,000 ransomware infections. The company had previously advised that SaaS restoration had commenced, with individual SaaS servers due to come online "Throughout the night US time".

Kaseya has said it's been unable to find signs its code was maliciously modified, and offered its users a ray of hope with news that it is testing a patch for its on-prem software and is considering restoring its SaaS services on Tuesday, US Eastern Daylight Time. The beleaguered IT for service providers company is fighting a supply chain attack on its VSA product that it has documented with a rolling advisory that was updated at 09:30PM on July 5th EDT. The update has good news and bad news.

IT management software provider Kaseya has deferred an announcement about restoration of its SaaS services, after falling victim to a supply chain attack that has seen its products become a delivery mechanism for the REvil ransomware. The update is needed because last Friday Kaseya advised users of its on-premises software to shut it down ASAP after a detecting a supply chain attack on its VSA product - a tool that combines endpoint management and network monitoring.

Immuta launched new SaaS deployment option, enabling data teams to implement data access control across their entire cloud data environment in minutes. Modern data teams are moving to pure SaaS deployments for all of their analytics and data science, and they want access control delivered in the same way.

The problem is that while the Executive Order is a great start, the two primary requirements for putting Zero Trust into effect, MFA and encryption, don't really close all cloud security gaps. These attack vectors show the importance of SaaS security management to cloud security as a whole.

Gigamon announced ThreatINSIGHT Guided-SaaS NDR, which was purpose built to improve SOC effectiveness and reduce analyst burnout. ThreatINSIGHT alleviates the three most common problems that continue to plague SOC analysts and incident responders.

Mandiant has untangled itself from FireEye by selling the product portion of the firm to Symphony Technology Group for $1.2 billion. In a cybersecurity divorce that had fewer leading indicators than the dissolution of Kim and Kanye, Mandiant has finally untangled itself from FireEye by selling the product portion of the firm to Symphony Technology Group for $1.2 billion.