Threat Brief: Kaseya VSA Ransomware Attack


This post is also available in: 日本語 (Japanese)

Executive Summary

On July 2, attackers reportedly launched attacks against users of the Kaseya VSA remote monitoring and management software as well as customers of multiple managed service providers (MSPs) that use the software. They used access to the VSA software to deploy ransomware associated with the REvil/Sodinokibi ransomware-as-a-service group, according to reports. Kaseya has stated that the attack was conducted by exploiting a vulnerabi…

Read More