





Now It's Kaseya Injecting Ransomware

<k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com>


https://www.novabbs.com/computers/article-flat.php?id=5314&group=comp.os.linux.misc#5314

NNTP-Posting-Date: Sat, 03 Jul 2021 19:39:54 -0500
Newsgroups: comp.os.linux.misc,comp.os.linux
X-Mozilla-News-Host: news://news.west.earthlink.net:119
From: skr...@tenplat.org (skreez214)
Subject: Now It's Kaseya Injecting Ransomware
Date: Sat, 3 Jul 2021 20:39:52 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com>
Lines: 25
 by: skreez214 - Sun, 4 Jul 2021 00:39 UTC

dw.com

US technology company Kaseya urged customers to shut down their servers
on Friday after cyberattackers smuggled ransomware onto its network
platform.

The REvil gang, a major Russian-speaking ransomware syndicate, appears
to be behind the attack, said John Hammond of the security firm Huntress
Labs. He added that the criminals used Kaseya's network-management
package as a conduit to spread the ransomware through cloud-service
providers.

Huntress Labs said on Saturday that the software was manipulated "to
encrypt more than 1,000 companies."

- - -

Yes, yes, that wonderful remote server-management
software just makes life so GOOD - for the hackers.

Hire real sysadmins - no more software that can
administer a rectal injection of malware into
thousands of systems at once. That's proven
professional malpractice at this point - costing
millions, soon billions.

Re: Now It's Kaseya Injecting Ransomware

<sbrrsp$16tb$1@gioia.aioe.org>


https://www.novabbs.com/computers/article-flat.php?id=5315&group=comp.os.linux.misc#5315

From: no-em...@invalid.invalid (Andrei Z.)
Newsgroups: comp.os.linux.misc,comp.os.linux
Subject: Re: Now It's Kaseya Injecting Ransomware
Date: Sun, 4 Jul 2021 11:35:37 +0300
Organization: Aioe.org NNTP Server
Lines: 31
Message-ID: <sbrrsp$16tb$1@gioia.aioe.org>
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
Content-Language: en-GB
X-Notice: Filtered by postfilter v. 0.9.2
 by: Andrei Z. - Sun, 4 Jul 2021 08:35 UTC

skreez214 wrote:
> dw.com
>
> US technology company Kaseya urged customers to shut down their servers
> on Friday after cyberattackers smuggled ransomware onto its network
> platform.
>
> The REvil gang, a major Russian-speaking ransomware syndicate, appears
> to be behind the attack, said John Hammond of the security firm Huntress
> Labs. He added that the criminals used Kaseya's network-management
> package as a conduit to spread the ransomware through cloud-service
> providers.
>
> Huntress Labs said on Saturday that the software was manipulated "to
> encrypt more than 1,000 companies."
>
> - - -
>
> Yes, yes, that wonderful remote server-management
> software just makes life so GOOD - for the hackers.
>
> Hire real sysadmins - no more software that can
> administer a rectal injection of malware into
> thousands of systems at once. That's proven
> professional malpractice at this point - costing
> millions, soon billions.

'I scrounged through the trash heaps... now I'm a millionaire:' An
interview with REvil's Unknown

https://therecord.media/i-scrounged-through-the-trash-heaps-now-im-a-millionaire-an-interview-with-revils-unknown/

Re: Now It's Kaseya Injecting Ransomware

<20210704124615.637e603f@nx-74205>


https://www.novabbs.com/computers/article-flat.php?id=5316&group=comp.os.linux.misc#5316

From: thoron...@telenet.be (Aragorn)
Newsgroups: comp.os.linux.misc,comp.os.linux
Subject: Re: Now It's Kaseya Injecting Ransomware
Date: Sun, 4 Jul 2021 12:46:15 +0200
Organization: A noiseless patient Strider
Lines: 14
Message-ID: <20210704124615.637e603f@nx-74205>
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Newsreader: Claws Mail 3.17.8 (GTK+ 2.24.33; x86_64-pc-linux-gnu)
 by: Aragorn - Sun, 4 Jul 2021 10:46 UTC

On 03.07.2021 at 20:39, skreez214 scribbled:

> The REvil gang, a major Russian-speaking ransomware syndicate,
> appears to be behind the attack, said John Hammond of the security
> firm Huntress Labs.

He's in security now? I thought he had already long retired, and
especially after the fiasco with those dinosaurs on that island near
Costa Rica.

--
With respect,
= Aragorn =

Re: Now It's Kaseya Injecting Ransomware

<wpidnfr2H-HZfn79nZ2dnUU7-TvNnZ2d@earthlink.com>


https://www.novabbs.com/computers/article-flat.php?id=5317&group=comp.os.linux.misc#5317

NNTP-Posting-Date: Mon, 05 Jul 2021 23:59:47 -0500
Subject: Re: Now It's Kaseya Injecting Ransomware
Newsgroups: comp.os.linux.misc,comp.os.linux
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com> <20210704124615.637e603f@nx-74205>
From: 5thRtOfP...@nowhere (FifthRootOfPi)
Date: Tue, 6 Jul 2021 00:59:46 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <20210704124615.637e603f@nx-74205>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <wpidnfr2H-HZfn79nZ2dnUU7-TvNnZ2d@earthlink.com>
Lines: 17
 by: FifthRootOfPi - Tue, 6 Jul 2021 04:59 UTC

On 07/04/2021 06:46 AM, Aragorn wrote:
> On 03.07.2021 at 20:39, skreez214 scribbled:
>
>> The REvil gang, a major Russian-speaking ransomware syndicate,
>> appears to be behind the attack, said John Hammond of the security
>> firm Huntress Labs.
>
> He's in security now? I thought he had already long retired, and
> especially after the fiasco with those dinosaurs on that island near
> Costa Rica.

Well, dinosaurs ... bad investment. Too much upkeep :-)

But I'm not kidding about remote-management software.
It's a knife in your back. It is professional malpractice.
Hire HUMANS at the local levels. Have THEM install the
various updates and such.

Re: Now It's Kaseya Injecting Ransomware

<sc1q4m$aq3$1@gioia.aioe.org>


https://www.novabbs.com/computers/article-flat.php?id=5318&group=comp.os.linux.misc#5318

From: no-em...@invalid.invalid (Andrei Z.)
Newsgroups: comp.os.linux.misc,comp.os.linux
Subject: Re: Now It's Kaseya Injecting Ransomware
Date: Tue, 6 Jul 2021 17:42:31 +0300
Organization: Aioe.org NNTP Server
Lines: 23
Message-ID: <sc1q4m$aq3$1@gioia.aioe.org>
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Complaints-To: abuse@aioe.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
Content-Language: en-GB
X-Notice: Filtered by postfilter v. 0.9.2
 by: Andrei Z. - Tue, 6 Jul 2021 14:42 UTC

skreez214 wrote:
> dw.com
>
> US technology company Kaseya urged customers to shut down their servers
> on Friday after cyberattackers smuggled ransomware onto its network
> platform.
>
> The REvil gang, a major Russian-speaking ransomware syndicate, appears
> to be behind the attack, said John Hammond of the security firm Huntress
> Labs. He added that the criminals used Kaseya's network-management
> package as a conduit to spread the ransomware through cloud-service
> providers.
>
> Huntress Labs said on Saturday that the software was manipulated "to
> encrypt more than 1,000 companies."
>
<snip>

Incident Overview & Technical Details – Kaseya
https://helpdesk.kaseya.com/hc/en-gb/articles/4403584098961

Remote code execution in Kaseya VSA
https://www.cybersecurity-help.cz/vdb/SB2021070501

Re: Now It's Kaseya Injecting Ransomware

<sc1v2c$q0d$1@dont-email.me>


https://www.novabbs.com/computers/article-flat.php?id=5319&group=comp.os.linux.misc#5319

From: jmc...@obsd2.mhome.org (John McCue)
Newsgroups: comp.os.linux.misc
Subject: Re: Now It's Kaseya Injecting Ransomware
Date: Tue, 6 Jul 2021 16:06:36 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 23
Message-ID: <sc1v2c$q0d$1@dont-email.me>
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com> <20210704124615.637e603f@nx-74205> <wpidnfr2H-HZfn79nZ2dnUU7-TvNnZ2d@earthlink.com>
Reply-To: jmclnx@SPAMisBADgmail.com
Injection-Date: Tue, 6 Jul 2021 16:06:36 -0000 (UTC)
User-Agent: tin/2.4.4-20191224 ("Millburn") (OpenBSD/6.9 (amd64))
X-OS-Version: OpenBSD 6.9 amd64
 by: John McCue - Tue, 6 Jul 2021 16:06 UTC

trimmed, removed comp.os.linux since that is not on my server

FifthRootOfPi <5thRtOfPi.net> wrote:
> On 07/04/2021 06:46 AM, Aragorn wrote:
<snip>

>But I'm not kidding about remote-management software.
>It's a knife in your back. It is professional malpractice.
>Hire HUMANS at the local levels. Have THEM install the
>various updates and such.

I fully agree, 30 years ago people managed to function
without remote software. All they had to do was hire
people. But that decreases the CEO Bonus, so we all
know this trend will never stop.

Putting critical systems on the internet to save a few
$ is incompetent, but these companies do *not* even get
embarrassed any more, never mind losing some of their
bottom line. They just make their customers pay to
make up the difference.

Re: Now It's Kaseya Injecting Ransomware

<slrnse9lbs.21b.wookie@debian.localdomain>


https://www.novabbs.com/computers/article-flat.php?id=5320&group=comp.os.linux.misc#5320

Newsgroups: comp.os.linux.misc
From: woo...@debian.localdomain (Harold Stevens)
Subject: Re: Now It's Kaseya Injecting Ransomware
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com>
<20210704124615.637e603f@nx-74205>
<wpidnfr2H-HZfn79nZ2dnUU7-TvNnZ2d@earthlink.com>
<sc1v2c$q0d$1@dont-email.me>
User-Agent: slrn/1.0.3 (Linux)
Message-ID: <slrnse9lbs.21b.wookie@debian.localdomain>
Lines: 36
X-Complaints-To: abuse@usenetserver.com
NNTP-Posting-Date: Tue, 06 Jul 2021 22:13:16 UTC
Organization: UsenetServer - www.usenetserver.com
Date: Tue, 6 Jul 2021 17:13:16 -0500
X-Received-Bytes: 2481
 by: Harold Stevens - Tue, 6 Jul 2021 22:13 UTC

In <sc1v2c$q0d$1@dont-email.me> John McCue:

> incompetent, but these companies do *not* even get
> embarrassed any more, never mind loosing some of their
> bottom line. They just make their customers pay to
> make up the difference.

Exactly. The Equifax meltdown was the last straw for me.

It was crystal clear to me Equifax not only didn't care one
iota about system security. They also didn't care about the
havoc they wreaked with customers' lives and finances.

The penalties involved for the criminal negligence amounted
to ludicrous wrist slaps.

Just for starters, useless "free credit monitoring" is like
insurance companies handing out hammers and nails after the
house burned down.

Victims were left totally on their own in cleaning up their
ruined credit and fending off collection agencies. For some
it took years, and very often was never fully resolved.

Now, malware is moving from purely financial losses, to the
realm of outright physically threatening cyber warfare (the
Colonial Pipeline debacle).

None of these companies will even start to care until their
top dawgs go to jail for deliberately enabling malware.

--
Regards, Weird (Harold Stevens) * IMPORTANT EMAIL INFO FOLLOWS *
Pardon any bogus email addresses (wookie) in place for spambots.
Really, it's (wyrd) at att, dotted with net. * DO NOT SPAM IT. *
I toss GoogleGroup (http://twovoyagers.com/improve-usenet.org/).

Re: Now It's Kaseya Injecting Ransomware

<7NSdnfVHR4cchHj9nZ2dnUU7-T3NnZ2d@earthlink.com>


https://www.novabbs.com/computers/article-flat.php?id=5322&group=comp.os.linux.misc#5322

NNTP-Posting-Date: Tue, 06 Jul 2021 22:03:28 -0500
Subject: Re: Now It's Kaseya Injecting Ransomware
Newsgroups: comp.os.linux.misc
References: <k_adnTbvmJfHnnz9nZ2dnUU7-WfNnZ2d@earthlink.com> <20210704124615.637e603f@nx-74205> <wpidnfr2H-HZfn79nZ2dnUU7-TvNnZ2d@earthlink.com> <sc1v2c$q0d$1@dont-email.me> <slrnse9lbs.21b.wookie@debian.localdomain>
From: 5thRtOfP...@nowhere (FifthRootOfPi)
Date: Tue, 6 Jul 2021 23:03:27 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <slrnse9lbs.21b.wookie@debian.localdomain>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <7NSdnfVHR4cchHj9nZ2dnUU7-T3NnZ2d@earthlink.com>
Lines: 52
 by: FifthRootOfPi - Wed, 7 Jul 2021 03:03 UTC

On 07/06/2021 06:13 PM, Harold Stevens wrote:
> In <sc1v2c$q0d$1@dont-email.me> John McCue:
>
>> incompetent, but these companies do *not* even get
>> embarrassed any more, never mind losing some of their
>> bottom line. They just make their customers pay to
>> make up the difference.
>
> Exactly. The Equifax meltdown was the last straw for me.
>
> It was crystal clear to me Equifax not only didn't care one
> iota about system security. They also didn't care about the
> havoc they wreaked with customers' lives and finances.
>
> The penalties involved for the criminal negligence amounted
> to ludicrous wrist slaps.
>
> Just for starters, useless "free credit monitoring" is like
> insurance companies handing out hammers and nails after the
> house burned down.
>
> Victims were left totally on their own in cleaning up their
> ruined credit and fending off collection agencies. For some
> it took years, and very often was never fully resolved.
>
> Now, malware is moving from purely financial losses, to the
> realm of outright physically threatening cyber warfare (the
> Colonial Pipeline debacle).
>
> None of these companies will even start to care until their
> top dawgs go to jail for deliberately enabling malware.

But these are the people who OWN a pocketful of senators,
congresscritters and judges. With money, and/or some
level of "indispensability", the chances of these CEOs
and boards facing any serious penalties are very low.
The board will just offer up a human sacrifice or two
and that'll satisfy everybody important.

Re-read your Machiavelli - especially his 'Discourses'.
That's how things REALLY work. Have for thousands of
years. Your only good defense: become ONE of them.

Unfortunately, it is now essentially impossible to NOT
have a substantial online shadow. I suppose you could
move to Congo or Afghanistan or into the depths of
the Amazon and just disappear off the radar, but it
won't be much of a life. Your best weapon is lawyers
who specialize in gouging those who gouged you. They
WILL take a fat cut though .....
