[WARNING] Crticial Ransomware Incident in Progress with MSPs running Kaseya VSA

[nlinecomputers]

https://www.reddit.com/r/msp/comments/ocggbv

 

[GTP]

And yet...people are still complaining about the "security features" in Windows 11.

 

[nlinecomputers]

And yet...people are still complaining about the "security features" in Windows 11.

Bitlocker encryption doesn't stop ransomware.

 

[GTP]

True, but adding more security into an OS has to be better than not adding extra security.
Anything that makes it harder for the bad guys has to be a good thing.

 

[Galdorf]

True, but adding more security into an OS has to be better than not adding extra security.
Anything that makes it harder for the bad guys has to be a good thing.

not really they can use that security feature against you like using a tpm to cloak malware from antivirus.
That stuff exists in the wild https://www.usenix.org/legacy/event/sec11/tech/full_papers/Dunn.pdf

https://www.swascan.com/bitlocker-ransomware-malware-analysis/

https://www.wired.com/2017/03/clever-doubleagent-attack-turns-antivirus-malware/

 

[Porthos]

Kaseya obtains universal decryptor for REvil ransomware victims

Kaseya received a universal decryptor that allows victims of the July 2nd REvil ransomware attack to recover their files for free.

www.bleepingcomputer.com

 

[Galdorf]

The thing is anti-virus gives your computer a larger attack surface except for Microsoft defender because of the way it works malware writers look for vulnerabilities in endpoint software anything written in C/C++ is vulnerable to overflow attacks.
That is why i usually ask customers not to buy nortons, mcafee,kaspersky, bitdefender ect. and stick with microsoft defender in windows 10.

https://arstechnica.com/gadgets/2021/08/how-to-go-from-stolen-pc-to-network-intrusion-in-30-minutes/