image credit: vecteezy
The attack on Kaseya and its customers came to light on July 2. The company immediately shut down its VSA remote monitoring and management product to prevent further damage. An investigation revealed that the attackers exploited some zero-day vulnerabilities to deliver the REvil ransomware to the MSPs that use VSA, as well as the customers of those MSPs.
Kaseya has determined that only on-premises VSA installations are impacted and it has been working on patches for the exploited vulnerabilities, but it has yet to release the fixes due to some issues uncovered at the last moment.
Comments are closed.
