How the Kaseya mass ransomware happened

preview_player
Показать описание
Learn how the Kaseya ransomware attack was made possible.
In this webinar, we will guide you through: How it happened, the implications, ways it could have been avoided, how to identify indicators of attack, how the malware was deployed, and what it actually did.

#kaseyaVSA #ransomware #cyberattack

Together with Truesec Experts:
Rasmus Grönlund, Cybersecurity specialist
Fabio Viggiani, Technical Lead, cybersecurity

Questions we answer up to in the webinar:
1.What happened ?
2. Who is affected?
3. How did the VSA systems get compromised?
4. What was killchain - how did things get executed
5. What is the impact on affected resources?
6. What should one that has been affected do?

7. What is happening now to fix this?

Q/A
  1. Truesec
  2. #kaseyaVSA
  3. ransomware
  4. truesec
  5. cyberattack
  6. kaseya attack
Рекомендации по теме
How the Kaseya 0:47:48

How the Kaseya mass ransomware happened

How the Kaseya 0:37:25

How the Kaseya mass ransomware happened - Video on demand

The Kaseya Ransomware 0:05:01

The Kaseya Ransomware Attack - What Happened?

Kaseya VSA Ransomware 0:16:26

Kaseya VSA Ransomware July 2021

Kaseya Ransomware Attack 0:09:26

Kaseya Ransomware Attack - 5 Key Insights into this Malware campaign

Kaseya VSA Ransomware 0:07:30

Kaseya VSA Ransomware Technical Details and Huntress PoC

Kaseya Ransomware Presentation 0:05:01

Kaseya Ransomware Presentation

Kaseya hack Explained 0:20:27

Kaseya hack Explained – How was Kaseya Hacked? Kaseya hack floods hundreds of co's with ransomw...

Everything You Need 0:03:56

Everything You Need to Know About Kaseya's Ransomware Attack | Shelly Palmer on Fox 5

Kaseya Ransomware Attack 0:29:38

Kaseya Ransomware Attack Explained: What You Need To Know | Breach Report

What You Need 0:18:17

What You Need to Know About Kaseya Ransomware| AT&T ThreatTraq

BREAKING: Kaseya Ransomware 0:05:05

BREAKING: Kaseya Ransomware Attack! (Supply-chain + Ransomware)

It was a 0:21:33

It was a *LONG* weekend — Here’s the vital info on REvil and Kaseya

Kaseya Hack: The 0:07:05

Kaseya Hack: The Whole Story

The Kaseya Ransomware 0:08:57

The Kaseya Ransomware Attack Might Be Huge

Fast API resolving 0:29:43

Fast API resolving of REvil Ransomware related to Kaseya attack

SentinelOne vs Sodinokibi 0:04:01

SentinelOne vs Sodinokibi (REvil) - Linked to the Kaseya Supply Chain Attacked (ransomware)

2021 07 08 1:30:40

2021 07 08 17 00 Learnings from the Kaseya Supply Chain Attack and Mass Ransomware Incident

Learnings from Kaseya 0:31:13

Learnings from Kaseya Supply Chain Attack and Mass Ransomware Incident

Kaseya ransomware attack 0:00:38

Kaseya ransomware attack

Kaseya’s REvil Ransomware 0:03:16

Kaseya’s REvil Ransomware Attack

Kaseya Gets Hacked 0:11:07

Kaseya Gets Hacked in the Biggest Ransomware Attack in History.

REvil, Kaseya and 0:06:32

REvil, Kaseya and MSPs: An RSA Conference Interview with John Hammond

Kaseya attack hit 0:01:33

Kaseya attack hit up to 1,500 businesses, CEO says

Комментарии
Автор

Very interesting information. I work at an affected store in Sweden. It's been some worrying days. But now some IT guy fixed some of the computers.

fhalaris
Автор

It will be interesting to see who buys out Kaseya in the next few months. Which of the other big players will "take advantage" of their demise and revaluation to swoop on the wounded company.

ianmcpherson
Автор

Hosted Kaseya behind a VPN would have stopped it. It's the public exposure to the Internet that made it possible to get in.

RevealtechnologyNet
Автор

When warned about the zero-day, why didn't Kaseya just immediately advice their customers to promptly isolate the systems from, at least, unprotected access from the Internet? The flav making the zero-day effective is obviously the Internet connected systemes having too weak (no!) protection from access.

danneb
Автор

Funny how individuals are also not safe from ransomware attack.

Hosting your website on AWS is what i think its the best bet if you
chose a good machine image to start from. Most of the image available on
AWS have good security built in. But you need to be fairly proficient
on web server management to make sure you have your server secure as
possible.

You also need to make sure the code you are running on your AWS instance is good and solid.

The big thing you want to make sure you have in place is a good recovery
system. Meanwhile a cybersecurity firm like horuxx, com offers services
ranging from hack-tracing to recovery to both companies and individuals
and they are reliable too, started using them when i kept getting
attacked

Hackers are capable of hijacking almost anything on the internet, the
best you can do is make it more difficult to get your application so
they move to somebody else.

ella
Автор

IQLL, is a big problem I have in my 4 hd's . . .

josearnaldopinheirodossant
Автор

You never get 100% of the files decrypted after you pay. At best you can get around 65% decrypted/returned files. Take the loss and hunt them down.

aszthrotep
Автор

This just rambles and isn't very specific. Not sure what the target audience is for this.

ShadCollins
Автор

Sophisticated attack. Must be state sponsored.

PassionataDance