REvil

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.

Read More Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Russian hacking group REvil attacks 200 networks in the U.S., audio software Audacity is being called spyware and Google removes nine apps from the Play Store for infiltrating Facebook logins. It’s all the biz/tech news that’s popular right now. Welcome to Hashtag Trending! It’s Tuesday, July 6 and I’m your host Tom Li. […]

The post Hashtag Trending, July 6 – REvil ransomware attack; Audacity is spyware; Google app control first appeared on IT World Canada.

Read More Hashtag Trending, July 6 – REvil ransomware attack; Audacity is spyware; Google app control

The U.S. Department of Justice said today it has recovered $2.3 million worth of Bitcoin that Colonial Pipeline paid to ransomware extortionists last month. The funds had been sent to DarkSide, a ransomware-as-a-service syndicate that disbanded after a May 14 farewell message to affiliates saying its Internet servers and cryptocurrency stash were seized by unknown law enforcement entities.

Read More Justice Dept. Claws Back $2.3M Paid by Colonial Pipeline to Ransomware Gang

In a Twitter discussion last week on ransomware attacks, KrebsOnSecurity noted that virtually all ransomware strains have a built-in failsafe designed to cover the backsides of the malware purveyors: They simply will not install on a Microsoft Windows computer that already has one of many types of virtual keyboards installed — such as Russian or Ukrainian. So many readers had questions in response to the tweet that I thought it was worth a blog post exploring this one weird cyber defense trick.

Read More Try This One Weird Trick Russian Hackers Hate

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained funds from an account the group uses to pay affiliates.

Read More DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized