Kaseya Patches VSA Vulnerabilities Used in REvil Attack

Share post:

The IT management software provider Kaseya has recently closed the seven zero-day vulnerabilities that the Ransomware gang REvil uses to attack MSPs and their customers.

While the Dutch Institute for Vulnerability Disclosure (DIVD) announced the seven vulnerabilities in April, Kaseya implemented patches for most vulnerabilities in the VSA SaaS service.

The operation was only completed when the Ransomware gang REvil ended it and used it to launch a massive attack on 60 MSPs on July 2.

Kaseya urged customers to follow the “On-Premises VSA Startup Readiness Guide” steps before installing the update to prevent further breaches and ensure the devices are not compromised before installation.

For more information, read the original story in Bleeping Computer.

Featured Tech Jobs


Related articles

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways