An active supply-chain attack is currently underway on Kaseya’s VSA, a product that is used to manage company networks. The supply-chain attack which is being used to distribute ransomware is thought to be the responsibility of the notorious ransomware gang known as REvil.
The ransomware is distributed to clients via an auto-update triggered remotely and therefore, the company Kaseya has urgently requested that any client who has a VSA server running, shut it down immediately. By turning off VSA servers, the chance of a compromise is reduced. The servers should remain off until further notice from Kaseya.
Updates from Kaseya here: https://www.kaseya.com/potential-attack-on-kaseya-vsa/
We will add updates to this post and post through our social media channels.
Don’t forget, our cyber incident response line: 01786 437 472
Businesses and organisations relying on Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defence (FTD) firewalls are being advised to take immediate action to protect…
A recent cyber attack has resulted in a serious data breach affecting the World-Check database, a critical tool used by financial institutions and other organisations…
WhatsApp, the popular messaging service owned by Meta, has become a prime target for fraudsters. A recent scam involves the manipulation of the WhatsApp’s verification…
