Critical Vulnerabilities Bulletin - July 2021

7/6/21 12:30 PM  |  by RedLegg Blog

Kaseya's VSA Product Supply Chain Attack & Ransomware Event


Description: On July 2, 2021, information regarding a significant supply chain attack was made available to the public regarding Kaseya’s VSA product. Attackers gained access to Kaseya’s environment and utilized the VSA update server to push out ransomware to a small amount of the Kaseya VSA users with on-premises VSA servers. RedLegg recommends that if you have a VSA server on-premise, that it be powered down and stay down until Kaseya provides more information at the help desk link above. RedLegg is not a customer of Kaseya and is unaffected by this supply chain attack.

Get Blog Updates

Related Articles

Critical Vulnerabilities Bulletin -September 2021 96bravo

Critical Vulnerabilities Bulletin -September 2021

Open Management Infrastructure Remote Code Execution Vulnerability Identifier: CVE-2021-38647 Exploit or POC: No. ...
Emergency Vulnerability Bulletin 96bravo

Emergency Vulnerability Bulletin

Microsoft MSHTML Remote Code Execution Vulnerability Identifier: CVE-2021-40444 Exploit or POC: Yes Update: ...
Critical Security Vulnerabilities Bulletin