In light of the apparent attack on Kaseya this afternoon, we are opening this thread for members to discuss the attack and any impacts, remediations, etc.
Following are the posts in the Cyber Forum on the attack as of this writing:
Kaseya VSA, credit to @Matthew Lang
Kaseya VSA Ransomware Attacks July 2nd, 2021
Kaseya VSA Urgent Alert
Kaseya VSA Supply-Chain Ransomware Attack
Kaseya VSA supply chain ransomware attack, credit Silver Industry Partner Sophos.
What to expect when you’ve been hit with REvil ransomware, credit Silver Industry Partner Sophos.
Some additional links members have sent in:
Kaseya REvil Configuration Dump, credit @Ian Thornton-Trump CD
REvil ransomware gang executes supply chain attack via malicious Kaseya update, credit @Ian Thornton-Trump CD
Per @Chris Loehr, if you shut down a Kaseya VSA server, be certain to save all logs. This could be critically important.
Thanks to all who have been reaching out and sharing on this attack.
MJ
Following are the posts in the Cyber Forum on the attack as of this writing:
Kaseya VSA, credit to @Matthew Lang
Kaseya VSA Ransomware Attacks July 2nd, 2021
Kaseya VSA Urgent Alert
Kaseya VSA Supply-Chain Ransomware Attack
Kaseya VSA supply chain ransomware attack, credit Silver Industry Partner Sophos.
What to expect when you’ve been hit with REvil ransomware, credit Silver Industry Partner Sophos.
Some additional links members have sent in:
Kaseya REvil Configuration Dump, credit @Ian Thornton-Trump CD
REvil ransomware gang executes supply chain attack via malicious Kaseya update, credit @Ian Thornton-Trump CD
Per @Chris Loehr, if you shut down a Kaseya VSA server, be certain to save all logs. This could be critically important.
Thanks to all who have been reaching out and sharing on this attack.
MJ
Last edited: