All about Virtualization and Cloud Security | Recent Articles:

Update: July 13, 2021 -- Kaseya issued a critical security update for VSA users that is available on their site - Kaseya Critical Security Update. We recommend users follow Kaseya's recommended updates as soon as possible. 

- - - - - - - - - - - - - - -

We continue to monitor and analyze the attack using Kaseya Software to deploy a variant of REvil ransomware into a victim’s environment. The attack targeted Kaseya’s managed service provider (MSP) customers, which often provide IT support to small- to medium-size businesses. By targeting MSPs, attackers also seek to access and infiltrate the MSP’s customers computer networks.  

Advanced Persistent Threats (APTs) are sophisticated, stealthy attacks designed to gain access to an organization’s network systems over a long period of time in order to covertly steal sensitive information or drain financial resources. 

• Bitdefender identified a new attack attributed to a sophisticated actor offering advanced-persistent-threats-as-a-service
• The targeted company is engaged in architectural projects with billion-dollar luxury real-estate developers in New York, London, Australia and Oman
• The Bitdefender technology stacks detect the used payloads as well as the malicious behavior

Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc without ever making a full-blown appearance.

Could critical infrastructure attacks be making a comeback? Or did these invisible threats never leave in the first place? Extensive research reveals that as many as four threat actors many have been involved in creating Stuxnet, the sophisticated computer worm that demolished Iran’s nuclear infrastructure in 2007. In light of recent discoveries about similarities in malware samples, cyberespionage appears to be a growing threat that can hide for years before its discovered.

Anthem, the second-largest health insurer in the US, will pay $16 million to the US Department of Health and Human Services, Office for Civil Rights following a data breach that exposed the electronic protected health information (ePHI) of almost 80 million people. Anthem will also initiate a corrective action plan to include thorough risk analysis and regular reporting.

The financial services industry has been one of the most targeted in 2018, with third-party risks still the main cause of data breaches in this sector. Almost 50 percent of financial institutions were breached in the past year, found a survey conducted by Bitdefender, while almost 60 percent experienced an advanced persistent attack or seen signs of suspicious behavior in their infrastructure.

The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.

Bitdefender has recently investigated a series of advanced cyberattacks aimed at financial institutions, designed to covertly exfiltrate massive amounts of money in coordinated strikes.