Victor Gevers

January 10, 2017

Extortionists Wipe Thousands of Databases, Victims Who Pay Up Get Stiffed

This post was originally published on this siteTens of thousands of personal and possibly proprietary databases that were left accessible to the public online have just been wiped from the Internet, replaced with ransom notes demanding payment for the return of the files. Adding insult to injury, it appears that virtually none of the victims have paid the ransom have gotten their files back because multiple fraudsters are now wise to the extortion attempts and are competing to replace each other’s ransom notes. At the eye of this developing data destruction maelstrom is an online database platform called MongoDB. Tens of thousands of […]
July 8, 2021

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

This post was originally published on this site Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago. On July 3, the REvil ransomware affiliate program began using a zero-day security hole (CVE-2021-30116) to deploy ransomware to hundreds of IT management […]