The zero-day vulnerability that was used to crack the Kaseya VSA servers on site was being fixed, just as the REvil ransomware gang used it for a massive attack on Friday, which has since spread all over the world.
The zero-day Kaseya vulnerability was discovered by DIVD researcher Wietse Boonstra and identified as CVE-2021-30116.
Access to the Kaseya VSA servers has been removed as quickly as possible to prevent the further spread of the vulnerability.
A new update of Kaseya recommends that all VSA on-premise servers remain offline until a patch is released.
Kaseya is also in the process of putting its SaaS server farms online and developing a plan for hosted VSA servers.
For more information, read the orignal story in Bleeping Computer.
