On, July 2nd, a massive ransomware attack was launched against roughly 60 managed services providers (MSPs) by criminals associated with the REvil ransomware-as-a-service (RaaS) group. The attack leveraged the on-premises servers deployed by IT Management Software vendor Kaseya. It was initially thought that Kaseya might have been compromised themselves as a root cause -- similar to the compromises associated with SolarWinds software in December of 2020.

The REvil ransomware (a.k.a Sodinokibi) is a threat group that operates in the RaaS (Ransomware-as-a-Service) model, where the infrastructure and the malware are supplied to affiliates, who use the malware to infect target organizations. On July 2, the REvil threat group launched a supply chain ransomware attack using an exploit in Kaseya’s VSA remote management software. REvil claims to have infected more than one million individual devices around the world.

Cryptocurrencies, once the exclusive domain of an idealistic fringe movement, have recently become attractive to mainstream retail investors. During the COVID-19 pandemic, the valuation of cryptocurrencies rose exponentially, reaching a market capitalization of over $2 trillion. Cybercriminals are always looking for the path of least resistance to make money and cryptocurrencies are now in their crosshairs.

The corporate network can be a busy place with devices connecting, reconnecting and disconnecting every day. With the ever-growing landscape of today’s corporate networks, the difficulty of knowing and understanding what is on an enterprise network has highlighted the importance of effective asset discovery. So what does asset discovery involve? Asset discovery involves keeping a check on the active and inactive assets on a network.

Life science companies must implement quality processes into procedures in order to meet regulatory requirements and endpoint validation. But the implementation of quality processes is not an easy task. Managing the process of gathering feedback and gaining approval can be slow and comlex. In today's video, we will show how to handle Standard Operating Procedures or SOPs on the Egnyte platform and how to enable Part 11-compliant workflows for the review and approval process.

Users of Elastic Security are protected through numerous layers of protections against the REvil ransomware that affected Kaseya VSA and its customers. Elastic Security’s layered protections prevented 100% of the REvil ransomware samples tested before damage and loss could occur to the business. We believe that detections and preventions must be layered, as no single protection works 100% of the time.

Securing an organization’s sensitive data is hard, especially when the danger comes from within. A careless coworker may insecurely share credentials, an intruder may compromise an account, or a malicious insider may misuse their access rights. According to the 2020 Cost of Insider Threats Report [PDF] by IBM, 60% of organizations experienced more than 20 insider-related incidents in 2019. One promising solution to prevent insider threats is user and entity behavior analytics (UEBA).

The costs and consequences of a data breach or cybersecurity incident have never been more severe. According to the FBI’s recently released Internet Crime Report 2020, cybercrime resulted in $4 billion in losses last year, a low estimate that still encapsulates the incredible value lost to threats actors. For small businesses, the costs can be catastrophic. As Vox reports, 60% of small businesses will close after a data breach, underscoring the high-stakes bottom-line nature of cybersecurity.

Ransomware groups are becoming more boastful and even advertising for affiliates, according to a recent article. Read more to see which groups are more active and how to defend your organization.

In a SecureAuth survey, 62% of respondents claimed to use the same password across three to seven different accounts. It begs the question: If passwords play an integral role in cybersecurity performance, why are people so remiss when it comes to practicing good password hygiene? Practicing good password hygiene is a security measure that organizations must take to protect against cyber threats.