-
Jul 2nd, 2021, 06:13 PM
#1
Kaseya Ransomware threat
If you use Kaseya beware!
I've got clients pulling backup tapes out of machines and out of rotation to air gap them!
Independence Day!
-
Jul 2nd, 2021, 08:12 PM
#2
Re: Kaseya Ransomware threat
I worked for a Cloud provider years ago that used Kaseya for internal server management and also for external client endpoint management for those that wanted it.
Can't say I'm surprised by this. IT Security is losing battle as long as there is an internet connection. Everything has exploitable flaws, and almost certainly a non-trivial percent of those flaws are created intentionally by government agents (both foreign and domestic) working undercover for major software companies.
There needs to be a massive move by all industries to isolate their computers to local LAN's/WAN's and cut off connection to the internet. It is a huge undertaking and is unbelievably time consuming and inconvenient to do so, but something drastic needs to be done.
My two cents.
-
Jul 3rd, 2021, 03:09 AM
#3
Re: Kaseya Ransomware threat
Originally Posted by OptionBase1
There needs to be a massive move by all industries to isolate their computers to local LAN's/WAN's and cut off connection to the internet. It is a huge undertaking and is unbelievably time consuming and inconvenient to do so, but something drastic needs to be done.
BUT....everyone and their dog is so happy about being able to access files from anywhere in world without having to lug the files around with them?
OH...what's this world coming too.
-
Jul 3rd, 2021, 04:26 AM
#4
Re: Kaseya Ransomware threat
"you pays your money and you takes your choice"
All advice is offered in good faith only. You are ultimately responsible for the effects of your programs and the integrity of the machines they run on. Anything I post, code snippets, advice, etc is licensed as Public Domain https://creativecommons.org/publicdomain/zero/1.0/
C++23 Compiler: Microsoft VS2022 (17.6.5)
-
Jul 3rd, 2021, 10:07 PM
#5
Re: Kaseya Ransomware threat
Originally Posted by Steve R Jones
BUT....everyone and their dog is so happy
I like dogs.
-
Jul 4th, 2021, 06:21 AM
#6
Re: Kaseya Ransomware threat
Originally Posted by Steve R Jones
BUT....everyone and their dog is so happy about being able to access files from anywhere in world without having to lug the files around with them?
I don't know the product, but it doesn't sound like that's what it is for.
As far as security goes, the number one problem is incompetent box jockeys. I remember when they raised they pay scale to the same as software developers. And yet I was always getting called in to solve problems for them with some gimcrack "administration" tool they'd bought and dumped to fend for itself on a server.
Normally it was just a matter of reading the documentation and doing exactly as outlined For Dummies. Well, assuming they hadn't thrown it all out with the box it came in.
Low literacy is an even bigger problem with these computer janitors than it is with programmers. Most seem to get their jobs through nepotism and the better ones might have some sort of Associates Degree in Basket Weaving.
However in this case it sounds like a real security loophole in the software. I wouldn't know, nobody is paying me to go read that article. I don't make monkeys, or even try to train them anymore.
-
Jul 4th, 2021, 08:45 AM
#7
Re: Kaseya Ransomware threat
It's not my circus - it's not my monkey
I worked for a software company for twenty years. Every year or two, I'd see some things that made my head spin... I'd have to get with the boss and get a reminder about exactly where the line is....
If I felt that their IT company was overly stupid - I'd share my thoughts.
-
Jul 4th, 2021, 01:02 PM
#8
Re: Kaseya Ransomware threat
Kaseya allows for server and end-point management. My client has an outside tech company that uses Kaseya for managing the before-mentioned devices.
They dodged a bullet this week - those Kaseya servers that got compromised did bad stuff.
Kaseya has 40,000 customers - and 1000 have been hit hard.
-
Jul 4th, 2021, 01:46 PM
#9
Re: Kaseya Ransomware threat
Don't worry, Biden is on the case. 'Cause, doncha know, Russia.
-
Jul 4th, 2021, 03:01 PM
#10
Re: Kaseya Ransomware threat
Originally Posted by dilettante
'Cause, doncha know, Russia.
I like bears.
-
Jul 4th, 2021, 03:01 PM
#11
Re: Kaseya Ransomware threat
Bears. Beats. Battle Star Galactica.
-
Jul 4th, 2021, 07:35 PM
#12
Re: Kaseya Ransomware threat
Originally Posted by dday9
Bears. Beats. Battle Star Galactica.
dday doing some day off drinking?
-
Jul 4th, 2021, 10:41 PM
#13
Re: Kaseya Ransomware threat
-
Jul 7th, 2021, 08:52 AM
#14
Re: Kaseya Ransomware threat
I work for a pretty big international company. We have software called BlackIce that caught and isolated it here locally. A couple of servers are still off line but it stopped there.
Please remember next time...elections matter!
-
Jul 7th, 2021, 12:45 PM
#15
Re: Kaseya Ransomware threat
1500 servers and one million end points! Wow is all I can say.
They used the ability to upload a JPG containing the malware and then SQL injection in an old .ASP page to get said malware to execute.
Yes - .ASP - not .ASPX.
IMO, if you are a major player in security management, patch management and remote end point manipulation you should be rebuilding your ENTIRE stack CONSTANTLY.
Just like you were some kind of jet - rebuild the entire plane every x-number of years!
Are we all using the latest version of our libraries? I know I am not - and I need to address that!
-
Jul 7th, 2021, 12:50 PM
#16
Re: Kaseya Ransomware threat
I literally found out last week that it is theoretically possible to inject JPGs with malware. I never knew this nor was I aware of its practical applications.
-
Jul 7th, 2021, 12:53 PM
#17
Re: Kaseya Ransomware threat
Originally Posted by dday9
I literally found out last week that it is theoretically possible to inject JPGs with malware. I never knew this nor was I aware of its practical applications.
That made me curious...here is an example of it (conceptually)
https://umbrella.cisco.com/blog/pict...-hides-malware
Please remember next time...elections matter!
-
Jul 7th, 2021, 01:13 PM
#18
Re: Kaseya Ransomware threat
To add salt to the wound, just last week MS owned up to another attack vector - the common printer spooler service.
https://www.techrepublic.com/article...emote-attacks/
And of course anyone using Kaseya for end-point management is unable to push out the patch!
-
Jul 7th, 2021, 01:30 PM
#19
Re: Kaseya Ransomware threat
Considering the level of (non-chit-chat related) activity in this thread, I've moved this to General PC.
-
Jul 7th, 2021, 01:31 PM
#20
Re: Kaseya Ransomware threat
If I tell a few jokes will you move it back
Please remember next time...elections matter!
-
Jul 8th, 2021, 04:37 AM
#21
Re: Kaseya Ransomware threat
My two cents, no matter how secure the software or hardware, if the end user can somehow be manipulated... And, I love forums...
-
Jul 15th, 2021, 04:43 AM
#22
Re: Kaseya Ransomware threat
So much Internet crime. It seems to be everywhere:
I just had somebody contact me about mail order spirit companions that do not turn up and the people behind it, will just tell them they are too blocked to know they are there.
Please do not get scammed. Sadly there are so many people in the world that will take advantage of others and rip them off.
And yes, that is a real post that was made with a straight face.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|