However, according to third-party reports, many of those affected customers were MSPs which use Kaseya VSA to manage the systems and networks of hundreds of businesses. To be able to perform all these tasks, the Kaseya VSA software operates with administrator-level access.Īccording to Kaseya, its RMM solution has over 36,000 users, so fewer than 40 impacted customers might sound like a small number. Kaseya VSA is an IT remote monitoring and management (RMM) solution that's used by IT and network administrators to automate patching on endpoints and servers, manage back-ups and antivirus deployments, automate other IT processes and remotely resolve and troubleshoot IT issues. The company also shut down the SaaS version of VSA but noted customers of its cloud-hosted service were never at risk. We will release that patch as quickly as possible to get our customers back up and running." "We believe that we have identified the source of the vulnerability and are preparing a patch to mitigate it for our on-premises customers that will be tested thoroughly. "Only a very small percentage of our customers were affected-currently estimated at fewer than 40 worldwide," Kaseya said in an advisory. It's possible this was timed intentionally ahead of a major holiday weekend because attackers hoped security teams would be slower to respond. The attack targeting Kaseya VSA servers started around midday on Friday in the US.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |