Results 1 to 22 of 22

Thread: Kaseya Ransomware threat

  1. #1

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Kaseya Ransomware threat

    If you use Kaseya beware!

    I've got clients pulling backup tapes out of machines and out of rotation to air gap them!

    Independence Day!

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  2. #2
    PowerPoster
    Join Date
    Nov 2017
    Posts
    3,116

    Re: Kaseya Ransomware threat

    I worked for a Cloud provider years ago that used Kaseya for internal server management and also for external client endpoint management for those that wanted it.

    Can't say I'm surprised by this. IT Security is losing battle as long as there is an internet connection. Everything has exploitable flaws, and almost certainly a non-trivial percent of those flaws are created intentionally by government agents (both foreign and domestic) working undercover for major software companies.

    There needs to be a massive move by all industries to isolate their computers to local LAN's/WAN's and cut off connection to the internet. It is a huge undertaking and is unbelievably time consuming and inconvenient to do so, but something drastic needs to be done.

    My two cents.

  3. #3
    Administrator Steve R Jones's Avatar
    Join Date
    Apr 2012
    Location
    Largo, FL.
    Posts
    1,826

    Re: Kaseya Ransomware threat

    Quote Originally Posted by OptionBase1 View Post
    There needs to be a massive move by all industries to isolate their computers to local LAN's/WAN's and cut off connection to the internet. It is a huge undertaking and is unbelievably time consuming and inconvenient to do so, but something drastic needs to be done.
    BUT....everyone and their dog is so happy about being able to access files from anywhere in world without having to lug the files around with them?

    OH...what's this world coming too.

  4. #4
    Fanatic Member 2kaud's Avatar
    Join Date
    May 2014
    Location
    England
    Posts
    996

    Re: Kaseya Ransomware threat

    "you pays your money and you takes your choice"
    All advice is offered in good faith only. You are ultimately responsible for the effects of your programs and the integrity of the machines they run on. Anything I post, code snippets, advice, etc is licensed as Public Domain https://creativecommons.org/publicdomain/zero/1.0/

    C++23 Compiler: Microsoft VS2022 (17.6.5)

  5. #5
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,711

    Re: Kaseya Ransomware threat

    Quote Originally Posted by Steve R Jones View Post
    BUT....everyone and their dog is so happy
    I like dogs.
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

  6. #6
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Kaseya Ransomware threat

    Quote Originally Posted by Steve R Jones View Post
    BUT....everyone and their dog is so happy about being able to access files from anywhere in world without having to lug the files around with them?
    I don't know the product, but it doesn't sound like that's what it is for.

    As far as security goes, the number one problem is incompetent box jockeys. I remember when they raised they pay scale to the same as software developers. And yet I was always getting called in to solve problems for them with some gimcrack "administration" tool they'd bought and dumped to fend for itself on a server.

    Normally it was just a matter of reading the documentation and doing exactly as outlined For Dummies. Well, assuming they hadn't thrown it all out with the box it came in.

    Low literacy is an even bigger problem with these computer janitors than it is with programmers. Most seem to get their jobs through nepotism and the better ones might have some sort of Associates Degree in Basket Weaving.

    However in this case it sounds like a real security loophole in the software. I wouldn't know, nobody is paying me to go read that article. I don't make monkeys, or even try to train them anymore.

  7. #7
    Administrator Steve R Jones's Avatar
    Join Date
    Apr 2012
    Location
    Largo, FL.
    Posts
    1,826

    Re: Kaseya Ransomware threat

    It's not my circus - it's not my monkey
    I worked for a software company for twenty years. Every year or two, I'd see some things that made my head spin... I'd have to get with the boss and get a reminder about exactly where the line is....

    If I felt that their IT company was overly stupid - I'd share my thoughts.

  8. #8

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Kaseya Ransomware threat

    Kaseya allows for server and end-point management. My client has an outside tech company that uses Kaseya for managing the before-mentioned devices.

    They dodged a bullet this week - those Kaseya servers that got compromised did bad stuff.

    Kaseya has 40,000 customers - and 1000 have been hit hard.

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  9. #9
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Kaseya Ransomware threat

    Don't worry, Biden is on the case. 'Cause, doncha know, Russia.

  10. #10
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,711

    Re: Kaseya Ransomware threat

    Quote Originally Posted by dilettante View Post
    'Cause, doncha know, Russia.
    I like bears.
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

  11. #11
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,711

    Re: Kaseya Ransomware threat

    Bears. Beats. Battle Star Galactica.
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

  12. #12

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Kaseya Ransomware threat

    Quote Originally Posted by dday9 View Post
    Bears. Beats. Battle Star Galactica.
    dday doing some day off drinking?

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  13. #13
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,711

    Re: Kaseya Ransomware threat

    Ohhhhhhhhhh yeah.
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

  14. #14
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,834

    Re: Kaseya Ransomware threat

    I work for a pretty big international company. We have software called BlackIce that caught and isolated it here locally. A couple of servers are still off line but it stopped there.
    Please remember next time...elections matter!

  15. #15

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Kaseya Ransomware threat

    1500 servers and one million end points! Wow is all I can say.

    They used the ability to upload a JPG containing the malware and then SQL injection in an old .ASP page to get said malware to execute.

    Yes - .ASP - not .ASPX.

    IMO, if you are a major player in security management, patch management and remote end point manipulation you should be rebuilding your ENTIRE stack CONSTANTLY.

    Just like you were some kind of jet - rebuild the entire plane every x-number of years!

    Are we all using the latest version of our libraries? I know I am not - and I need to address that!

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  16. #16
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,711

    Re: Kaseya Ransomware threat

    I literally found out last week that it is theoretically possible to inject JPGs with malware. I never knew this nor was I aware of its practical applications.
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

  17. #17
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,834

    Re: Kaseya Ransomware threat

    Quote Originally Posted by dday9 View Post
    I literally found out last week that it is theoretically possible to inject JPGs with malware. I never knew this nor was I aware of its practical applications.
    That made me curious...here is an example of it (conceptually)

    https://umbrella.cisco.com/blog/pict...-hides-malware
    Please remember next time...elections matter!

  18. #18

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Kaseya Ransomware threat

    To add salt to the wound, just last week MS owned up to another attack vector - the common printer spooler service.

    https://www.techrepublic.com/article...emote-attacks/

    And of course anyone using Kaseya for end-point management is unable to push out the patch!

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  19. #19
    Super Moderator dday9's Avatar
    Join Date
    Mar 2011
    Location
    South Louisiana
    Posts
    11,711

    Re: Kaseya Ransomware threat

    Considering the level of (non-chit-chat related) activity in this thread, I've moved this to General PC.
    "Code is like humor. When you have to explain it, it is bad." - Cory House
    VbLessons | Code Tags | Sword of Fury - Jameram

  20. #20
    Wall Poster TysonLPrice's Avatar
    Join Date
    Sep 2002
    Location
    Columbus, Ohio
    Posts
    3,834

    Re: Kaseya Ransomware threat

    If I tell a few jokes will you move it back
    Please remember next time...elections matter!

  21. #21
    Frenzied Member
    Join Date
    Feb 2003
    Posts
    1,807

    Re: Kaseya Ransomware threat

    My two cents, no matter how secure the software or hardware, if the end user can somehow be manipulated... And, I love forums...

  22. #22
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Kaseya Ransomware threat

    So much Internet crime. It seems to be everywhere:

    I just had somebody contact me about mail order spirit companions that do not turn up and the people behind it, will just tell them they are too blocked to know they are there.

    Please do not get scammed. Sadly there are so many people in the world that will take advantage of others and rip them off.
    And yes, that is a real post that was made with a straight face.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width