Important Kaseya Notice! Turn VSA Off. Now. Ransomware. Updated cvvme-shopru, fe-shoplink

Here, have a cookie! See our Privacy Policy to learn more.
Saturday morning July 3: They were hit with a REvil ransomware attack it looks like.  Friday July 2 at 11pm they said :
Monday Morning July 5: The press is all over this. The damage is hard to estimate because they hit dozens of MSPs.  Looks like R#Evil exploited a vulnerability that had been disclosed {CVE-2021-30116} and one that Kaseya was working on to fix , but too late.
Coindesk reports that REvil wants $70 million dollars from 200 US firms.  More about this at ZDNet . They say the 70M is for a universal decription key.  Associated Press looks at this from the cyber insurers perspective and the picture ain’t pretty . 
Tuesday Morning July 6: Technically this was a 0-day. Bleepingcomputer has some background .  You wonder how REvil got their hands on it, but researchers said it was simple to exploit. 
Tuesday Afternoon July 6: NEW Former hacker Kevin Mitnick on the latest global ransomware attack.
Wednesday Morning July 7:  Kaseya NOT able to bring its service online after CEO vowed it would be back within ‘hours’. Company said that an issue was discovered that has blocked the release.  And of course there are malware campaigns that are jumping on this, offering a malicious download to fix the Kaseya problem.
Thursday Morning July 8: Kaseya left customer portal vulnerable to 2015 flaw in its own software Story at Krebs.  
Friday Morning July 9:  WIRED Mag has a great backgrounder : “The Unfixed Flaw at the Heart of REvil’s Ransomware Spree. 
Tuesday Morning July 13: Here is a good wrap-up by ZDNet.
Friday Morning July 23:  Kaseya obtains universal decryptor key for recent REvil ransomware attacks
Monday July 26: Kaseya Says It Did Not Pay Ransom to Obtain Universal Decryptor. Story Here:
cvvme-shopru fe-shoplink

This entry was posted in Статьи. Bookmark the permalink.