WHAT ARE YOU LOOKING FOR?

Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack

News thread Affichages : 680
Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack

Kaseya Ransomware Attack Information

On July 2, IT management software maker Kaseya informed customers that it had launched an investigation into an attack targeting customers of its VSA product. The attackers leveraged zero-day vulnerabilities — as well as legitimate VSA functionality — to deliver the REvil ransomware to MSPs and their customers.

The attack appears to impact tens of Kaseya customers and hundreds of downstream businesses.

The cybercrime group that launched the attack used the ransomware to encrypt files on compromised systems and they are hoping to earn tens of millions of dollars as a result.

SecurityWeek is covering all the new information that emerges and here you can find a summary of all articles on this topic, as well as other useful resources. This article will be regularly updated with new information.

News Coverage

Researchers Reproduce Exploit Used in Kaseya Hack (07.07.2021) - Researchers have reproduced the exploit used in the Kaseya hack, just as the company’s CEO downplayed the impact of the attack.

Swedish Supermarket Closed by Kaseya Cyberattack (07.06.2021) - Most of the 800 shops of Swedish supermarket chain Coop were closed as a result of the Kaseya attack.

Hackers Demand $70 Million as Kaseya Ransomware Victim Toll Nears 1,500 Firms (07.06.2021) - The attack impacted up to 1,500 organizations, but Kaseya claimed there was no evidence of malicious modifications to product source code. The vendor is working on patching the zero-day vulnerability exploited in the attack.

Scale, Details of Massive Kaseya Ransomware Attack Emerge (07.05.2021) - More information comes to light regarding the attack on Kaseya, including the ransom demand, the number of impacted organizations.

IT Software Firm Kaseya Hit By Supply Chain Ransomware Attack (07.03.2021) - Kaseya is urging users of its VSA product to immediately shut down servers to prevent them from being compromised in a widespread ransomware attack.

Useful Resources

Compromise detection tool from Kaseya

Incident overview and technical details from Kaseya

Security notice from Kaseya (regularly updated)

Detailed analysis of the attack by Huntress

Detailed analysis of malware delivery by Sophos

CISA-FBI guidance for MSPs and their customers

view counter
image
Previous Columns by SecurityWeek News:
Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack
Sevco Security Banks $15 Million Series A Funding
Google Rolls out E2EE For Android Messages App
Webinar Today: CISO Guide to Preventing Vendor Email Compromise
Ransomware Attack Hits Nantucket, Martha's Vineyard Ferry Service

2021 ICS Cyber Security Conference | USA [Hybrid: Oct. 25-28]

view counter

2021 Singapore/APAC ICS Cyber Security Conference [Virtual: June 22-24]

view counter

Virtual Event Series - Security Summit Online Events by SecurityWeek

view counter

2021 CISO Forum: September 21-22 - A Virtual Event

view counter

sponsored links

Tags:
View the discussion thread.
Image
Back To Top

Pensée du jour :

Ce que l'homme a fait ,

l'homme peut le défaire.

 

"No secure path in the world"

Category

Popular Sections

About