Kaseya VSA Attack

08/07/2021

On Friday, 2nd July, some MSPs using the on-premises version of Kaseya VSA suffered ransomware attacks that trickled down to their customers. Kaseya says around 1,500 companies (so far), many customers of MSPs, have been affected and the attackers (Revil gang) are asking $70 million in ransom.

Anyone using an on-premises Kaseya VSA server (does not seem to affect the SaaS version) should turn it off or remove it from your network until Kaseya releases the fix. WatchGuard’s endpoint products like WatchGuard EPDR, Panda AD360, and others, can catch the dropped ransomware.

The attack exploited unpatched vulnerabilities in the Kaseya product that Kaseya is working on fixing ASAP.

For everything you need to know about the attack, and for all the latest developments, see WatchGuard's live blog post here.

If you or your customers have a WatchGuard endpoint product and are unsure on what to do next, give the NetThreat team a call on 0121 270 1800.

« Back
© Developed by CommerceLab