<img alt="" src="https://secure.hiss3lark.com/173130.png" style="display:none;">

 

Blog

Read or download all Datashield news, reviews, content, and more.

 

All Posts

Security Advisory Kaseya VSA

Datashield Security Advisory | Kaseya VSA

Datashield Security Advisory:

Kaseya VSA

Released: July 2, 2021

Datashield has been monitoring a reported supply chain attack on Kaseya VSA, an RMM tool popular with MSPs. This was first reported in various MSP community channels (Discord, Reddit) with very limited information, although throughout the day, credible details have been released.

Presently, it appears Kaseya was targeted by known threat actor REVil, which is using the Kaseya VSA infrastructure to perpetuate a mass infection of ransomware. This threat is still developing, although some IOCs are available.

Datashield does not use Kaseya VSA, although we are working to build detection content and acquire further information from partners and intelligence sources. Current IOCs are heavily host-based, so network-based detection of post-infection traffic may be limited until more post-compromise indicators are uncovered, evaluated, and implemented in our threat detection content. Please note, all available IOCs have already been added to detection content in ShieldVision.

Guidance from Kaseya VSA is to immediately disconnect and shut down any VSA servers currently connected to your network.

 

Kaseya notice:

Indicators of Compromise (IOCs):

If you have any questions regarding this vulnerability, please contact us below.

 

Contact Us

Topics from this Article

News, CVE, Vulnerability Management, Threat Intelligence, Threat Analysis

Datashield
Datashield
Official Datashield account for blog content, news, announcements and more. The articles authored include a collaboration between internal staff, specifically the security operations and marketing team.

Related Posts

Lumifi Cyber Acquires Datashield to Deliver Next-Generation Managed Detection and Response

Combines AI and Machine Learning-Based Software with MDR Services to Provide Fortune 500-Grade Security to Companies of All Sizes Palm Desert, CA and Scottsdale, AZ — May 3, 2022 — Lumifi Cyber, Inc., a next-generation managed detection and response (MDR) cybersecurity software provider, today announced its acquisition of Datashield, Inc., an end-to-end cybersecurity resilience services provider, to deliver Fortune 500-grade security to companies of all sizes for an affordable monthly price.

Datashield Becomes Member of Microsoft Intelligent Security Association (MISA)

Datashield Becomes Member of Microsoft Intelligent Security Association (MISA)

The Difference Between Cybersecurity & Network Security

The Difference Between Cybersecurity & Network Security