Kaseya & PrintNightmare: Cybersecurity News from the Week of 06/28/21

Last week’s news features a significant ransomware supply chain affecting more than a thousand companies worldwide. Microsoft also warned of a new zero-day related to the Windows Print Spooler. And a Russian military unit has been using a Kubernetes cluster for the last two years to conduct attacks on US and foreign organizations.

• Large IT/MSP Platform Provider Hit with REvil Ransomware in Supply Chain Attack
• Businesses Warned of a PrintNightmare
• Russian Military Attacking US Organizations Using Kubernetes Clusters

Final Words

Whether attacks involve ransomware or brute-force hacking, vulnerabilities and bugs are often at the heart of the attack vector. Each year, thousands of new vulnerabilities are discovered, which pose a significant threat to businesses.  Studies suggest that software vulnerabilities account for 42% of the most common attack vectors and web applications account for 35%. Further, research shows that almost half of all breaches result from a software vulnerability and at least three-quarters of all applications tested have at least one security flaw, with many applications having multiple flaws.

It isn’t just criminal gangs, such as REvil that are leveraging these vulnerabilities for ransomware. As this week’s articles suggest, organizations like the Russian military also regularly use vulnerabilities to breach and infiltrate corporate and government systems, as well as expand the attack surface. In fact, researchers believe that nation-states, like Russia, are stockpiling vulnerabilities and zero-days for future use.

Staying on top of the patches and protecting an organization from an attack can be a challenge for any organization, which is why vulnerability management can significantly benefit an organization’s overall security posture. Additionally, 24x7x365 monitoring coverage through managed detection and response can alert your staff to potential and active threats. And penetration testing provides  invaluable insight into actual existing vulnerabilities on your network as well as tactical remediations to help prevent an attack.

By identifying, prioritizing, and remediating vulnerabilities in enterprise assets, organizations can protect themselves from threats like the types of dangerous attacks generated by nation states and criminal gangs.