I am really surprised that others have not raised the alarms bells on this supply chain attack this weekend?
I know it is a national holiday, but there is no excuse to rest on your laurels.....
Having dug around, it is obvious almost everyone has gone to sleep at the wheel?
You cannot afford to sleep at the wheel, despite the long haul battle, unfortunately the attackers do not sleep and are happy to exploit any lapse - so everyone wake up, protect yourselves quickly and protect your organisations turn off any Kaseya VSA servers immediately.
You have been warned!!
More details can be found here: https://www.wired.com/story/kaseya-supply-chain-ransomware-attack-msps/?bxid=5cc9e0b62ddf9c1a7add2e3...
Well worth reading and taking appropriate action.
Further information has come to light:
Some interesting updates to keep you on your toes:
Here is the next enthralling episode: The attackers are now demanding US$70 Million ransom so you can have your data back - very nice you Rotters. They are pricing themselves out of a market, and setting themselves up for failure, due to the fact more and more organisations are preparing their own countermeasures.
Hi All, Another update, now they are demanding 50 Million in Bitcoin according to the Verizon report:
It also provides a concise update on how it works, so be prepared.
Firm hacked to spread ransomware had previous security flaws (msn.com)
"Ensuring that each and every piece of database access code is immune to SQL injection is essentially impossible," said their lawsuit.
“In the business we’re in, and the number of endpoints we manage around the world, as you might expect, we take security extremely seriously," Ronan Kirby, president of the company's European operations, said at a Belgian cybersecurity conference Thursday.
Ah...well in that case, all transgressions can be forgiven. 🙄