×

Register to Access Intelligence Summary

First Name
Last Name
Job Title
Company
Country
State
Thank you!
Error - something went wrong!
   

Weekly Intelligence Summary 9th July

July 9, 2021

A vulnerability in software vendor Kaseya’s virtual system/server administrator (VSA) software has been exploited to deliver the “REvil” (aka Sodinokibi) ransomware to multiple managed service providers (MSPs) and their customers. This supply-chain attack reportedly exploited an authentication bypass vulnerability and delivered REvil via a fake security update. REvil reacted negatively to an Executive Order of US President Joe Biden, and it is realistically possible that this attack was retaliatory. Given that the attack occurred over the US Independence Day holiday weekend, and given the trust customers have placed in Kaseya’s VSA, REvil more likely focused its targeting on Kaseya rather than conducting an opportunistic attack. Any action taken by the US government in light of this attack is unlikely to slow down REvil’s operations, and more attacks are likely in the short-term future (within three months). 

Previous Report
Weekly Intelligence Summary 16th July
Weekly Intelligence Summary 16th July

Next Report
Weekly Intelligence Summary 2nd July 2021
Weekly Intelligence Summary 2nd July 2021

The 14th Five Year Plan (FYP) adopted by the People’s Republic of China (PRC) in March 2021 has laid out ke...

×

Want these
Threat Intelligence reports sent straight to your inbox?

Subscribe below!

First Name
Last Name
Company
Country
State- optional
Job Title
Thank you!
Error - something went wrong!