On July 2nd, a supply-chain attack was initiated using the software of a US company called Kaseya, reminiscent in scale of the SolarWinds incident discovered in late 2020. Unlike with SolarWinds, the intention of this supply-chain attack has been destructive, deploying ransomware at a massive scale. Kaseya provides IT solutions to help other businesses manage computers within their networks, making it an optimal target for launching this type of attack.

Three days after the deployment of ransomware, on July 5th, Kaseya reported that fewer than 1,500 businesses were affected by the attack. Many of those companies were small and midsize businesses with little direct exposure to consumers. However, based on third-party reports, it appears that a much wider attack unfolded with a significant impact on the US and European retail market. For example, it has been reported that a Swedish supermarket chain was forced to close some outlets for several days after the attack due to the effects caused by the ransomware.

To make matters worse, on July 7th, Malwarebytes reported a malware spam campaign capitalizing on the awareness and distress caused by this ransomware attack by spreading bogus links purporting to be a Microsoft security update when in fact it was a dropper for a Cobalt Strike payload. While this second attack was opportunistic and based on traditional social-engineering techniques, the original one was sophisticated, using zero-day vulnerabilities that targeted the Kaseya virtual systems/server administrator (VSA) software.

Kaseya VSA is used by companies of various sizes and by technology-service providers for remote management, software patching, and monitoring of systems on computer networks. This type of software, by its nature, requires broad access and elevated trust on the systems it monitors, making it especially attractive to attackers, a risk made worse by the ability to compromise so many customers at one time.

Based on a public announcement, the infamous REvil gang claimed to be the orchestrator of this attack. The attacker was able to exploit vulnerabilities in the VSA software and leverage it to disseminate ransomware across the Kaseya customer base.