Security News > 2021 > July > CISA, FBI share guidance for victims of Kaseya ransomware attack
CISA and the Federal Bureau of Investigation have shared guidance for managed service providers and their customers impacted by the REvil supply-chain ransomware attack that hit the systems of Kaseya's cloud-based MSP platform.
The two federal agencies advise MSPs affected by the Friday REvil attack to further check their systems for signs of compromise using a detection tool provided by Kaseya over the weekend and enable multi-factor authentication on as many accounts as possible.
National Security Council July 4, 2021 REvil hits Kaseya customers in largest ever ransomware attack.
The massive REvil ransomware attack hit multiple managed service providers who are using Kaseya's cloud-based MSP platform for patch management and client monitoring for their customers.
To breach Kaseya on-premises VSA servers, the REvil affiliate behind the attack used a zero-day vulnerability - Kaseya VSA is a RMM software.
The REvil ransomware group claims to have encrypted over 1,000,000 systems and first demanded $70 million for a universal decryptor to decrypt all Kaseya attack victims.
News URL
Related news
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- CISA tags Progress Kemp LoadMaster flaw as exploited in attacks (source)
- Five backup lessons learned from the UnitedHealth ransomware attack (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- CISA says BianLian ransomware now focuses only on data theft (source)
- SafePay ransomware gang claims Microlise attack that disrupted prison van tracking (source)
- Blue Yonder ransomware attack disrupts grocery store supply chain (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Starbucks, grocery stores impacted by Blue Yonder ransomware attack (source)