Security News > 2021 > July > Kaseya Releases Patches for Vulnerabilities Exploited in Ransomware Attack

IT management solutions provider Kaseya has released patches for the vulnerabilities exploited in the recent ransomware attack, and the company has also started restoring SaaS services.

Kaseya shut down its VSA remote monitoring and management product on July 2, shortly after learning of a ransomware attack targeting the company and its customers.

The attackers exploited zero-day vulnerabilities in VSA to deliver REvil ransomware to the MSPs that use the product, as well as to their customers - it's currently estimated that between 800 and 1,500 organizations were hit.

Kaseya had patched some of the vulnerabilities before the REvil ransomware attack was launched, but some remained unfixed, enabling the attackers to exploit them to achieve their goals.

It's still unclear exactly which vulnerabilities were exploited, but DIVD said the attack involved two flaws, including one reported by its researchers.

According to managed detection and response company Huntress, which has monitored the attack and developed a proof-of-concept exploit for the vulnerabilities used in the attack, the patch does appear to prevent exploitation.

News URL

http://feedproxy.google.com/~r/securityweek/~3/ircqy0HuhfM/kaseya-releases-patches-vulnerabilities-exploited-ransomware-attack