Kaseya VSA: Avoidable ransomware attack

Kaseya didn’t have received reports only from Dutch researchers, but also from its employees. One of them was even fired after sending a detailed document to the executives. Yesterday the Florida software house has press release that the patch for VSA (Virtual System Administrator) software is available. Kaseya did not listen to employees A group of Dutch researchers had discovered the presence of seven vulnerabilities in Kaseya VSA, but only four of them had been fixed within a month. It now turns out that the security issues had been reported by employees of the company as early as 2017. The software had not received the necessary patches to close the flaws due to outdated code and weak encryption. A former employee had handed executives a detailed document of 40 pages that listed several problems, but was fired two weeks later. Another employee stated that the passwords were kept in the clear on a third-party platform. Several employees were laid off in 2018 when Kaseya moved software development to Belarus, a country very close to the Russian government. The Florida software house yesterday released the software. version 9.5.7a of VSA which fixes the three bugs exploited by the REvil group of cybercriminals to access servers and install ransomware. Before applying the patch you need to follow the instructions in two guides. At the first start it will be mandatory to change the login password.

Categories:   Security