TOP-3 cybersecurity events of the week according to Jet CSIRT
The main cybersecurity news of the week is the attack on the Kaseya VSA. Also in the TOP 3 today are unscheduled security updates for the PrintNightmare vulnerability and the vulnerability in Philips Vue medical products. The news was chosen by Alexander Akhremchik, leading analyst of the center for monitoring and responding to incidents of information security Jet CSIRT of Jet Infosystems.
REvil Operators Attacked Over 1000 Companies Through Kaseya VSA Solution Supply Chain
The attack became known on July 2. According to an analysis by Huntress specialists, who are investigating the incident together with the Kaseya team, the attackers took advantage of the SQLi vulnerability and bypassed authentication to gain access to the Kaseya VSA servers. Later, on the darknet website of the REvil group, a demand for a ransom in the amount of $ 70 million for decryption keys appeared. For reference: Kaseya VSA is a cloud-based IT management and remote monitoring solution for MSP providers.
Microsoft releases unscheduled security updates for PrintNightmare vulnerability
Microsoft has released a crash patch for PrintNightmare (CVE-2021-34527), two critical remote code execution (RCE) vulnerabilities in the Windows Print Spooler service. According to the post CISA (US Agency for Cyber and Infrastructure Security), the updates fix only the ability to remotely exploit the vulnerability (via RDP or SMB), but not the local privilege escalation option. Also, the updates do not affect Windows 10 1607, Windows Server 2012, and Windows Server 2016. Microsoft says updates for these versions will be available at a later date.
15 vulnerabilities found in Philips Vue medical products
CISA has released information on 15 vulnerabilities affecting Philips Vue medical products. Several issues have been found in third party components such as Redis, 7-Zip, Oracle Database, jQuery, Python, and Apache Tomcat. The vulnerabilities found affect Philips Clinical Collaboration Platform Portal (Vue PACS) solutions, including MyVue, Vue Speech and Vue Motion.