Kaseya Patches Zero-Days Used in REvil Attacks
Kaseya, a company targeted by REvil ransomware gang in a massive supply chain attack, has kept its promises and released patches that address critical zero-day vulnerabilities in the Virtual System/Server Administrator platform that was originally hit by cyberattackers. The security update addresses three different VSA vulnerabilities leveraged by REvil to launch the worldwide supply-chain attack on MSPs and their customers.
On its website, Kaseya confirmed that all of its software-as-a-service customers were back up and running, however, the company was still working to restore some on-premises customers that required assistance. The attack occurred on July 2, when the REvil gang launched more than 5,000 attacks utilizing the string of vulnerabilities. The attacks affected organizations in 22 different countries and affected both Kaseya’s MSP customer base and the MSPs’ customer bases as well. The companies used Kaseya’s VSA to remotely monitor and manage software and network infrastructure. Clients either used the service through a hosted cloud by Kaseya or through on-premises VSA servers. The FBI and CISA released guidance on how to handle the attack to victims last week.