Kaseya Patches Imminent After Zero-Day Exploits, 1,500 Impacted.


The worldwide July 2 attacks on the Kaseya Virtual System/Server Administrator (VSA) platform by the REvil ransomware gang turn out to be the result of exploits for at least one zero-day security vulnerability, and the company is swinging into full mitigation mode, with patches for the on-premise version coming sometime this week, it said.

That MSP connection allowed REvil access to those customers-of-customers, and there are around 1,500 downstream businesses now affected, Kaseya said in an updated rolling advisory.

Read More…