Security News > 2021 > July > Kaseya Releases Patches for Vulnerabilities Exploited in Ransomware Attack
IT management solutions provider Kaseya has released patches for the vulnerabilities exploited in the recent ransomware attack, and the company has also started restoring SaaS services.
Kaseya shut down its VSA remote monitoring and management product on July 2, shortly after learning of a ransomware attack targeting the company and its customers.
The attackers exploited zero-day vulnerabilities in VSA to deliver REvil ransomware to the MSPs that use the product, as well as to their customers - it's currently estimated that between 800 and 1,500 organizations were hit.
Kaseya had patched some of the vulnerabilities before the REvil ransomware attack was launched, but some remained unfixed, enabling the attackers to exploit them to achieve their goals.
It's still unclear exactly which vulnerabilities were exploited, but DIVD said the attack involved two flaws, including one reported by its researchers.
According to managed detection and response company Huntress, which has monitored the attack and developed a proof-of-concept exploit for the vulnerabilities used in the attack, the patch does appear to prevent exploitation.
News URL
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- CUPS vulnerabilities could be abused for DDoS attacks (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)