Critical Vulnerabilities Bulletin - July 2021

7/6/21 12:30 PM  |  by RedLegg Blog

Kaseya's VSA Product Supply Chain Attack & Ransomware Event


Description: On July 2, 2021, information regarding a significant supply chain attack was made available to the public regarding Kaseya’s VSA product. Attackers gained access to Kaseya’s environment and utilized the VSA update server to push out ransomware to a small amount of the Kaseya VSA users with on-premises VSA servers. RedLegg recommends that if you have a VSA server on-premise, that it be powered down and stay down until Kaseya provides more information at the help desk link above. RedLegg is not a customer of Kaseya and is unaffected by this supply chain attack.

Get Blog Updates

Related Articles

Log4j In-Depth 96bravo

Log4j In-Depth

About On December 9th, 2021, a severe vulnerability (CVE-2021-44228) was released for the widely utilized Apache Log4j ...
Critical Vulnerability Bulletin December 2021 96bravo

Critical Vulnerability Bulletin December 2021

LOG4J Remote Code Execution Vulnerability (Update) Identifier: CVE-2021-44228 and CVE-2021-45046 Exploit or POC: YES. ...
Critical Security Vulnerabilities Bulletin