As Kaseya restored its VSA software with customers officially coming back online today nearly 10 days after Kaseya was initially hacked some former employees say the massive ransomware attack could, and should have, been prevented.
Former Kaseya software engineering and developers said they had warned Kaseya leaders for years of dangerous security flaws in its products but those concerns were never fully addressed, according to a report by Bloomberg. Additionally, Bloomberg said some employees who flagged Kaseya’s security issues quit over frustration that newer features and products were prioritized over fixing the problems or were fired over inaction.
Some of the largest security problems within Kaseya included outdated code, weak encryption and passwords in products, as well as the general failure to meet basic cybersecurity requirements including continuous patching of its software and servers, according to Bloomberg who declined to identify the former employees due to non
Miami
Florida
United-states
Netherlands
Dutch
Frank-breedijk
Kyle-hanslovan
Wietse-boonstrain
Bloomberg
Dutch-institute-for-vulnerability-disclosure
Dutch-institute
Vulnerability-disclosure
Researchers warned Kaseya April 6 about one of the vulnerabilities that REvil ended up exploiting nearly three months later in a crippling ransomware attack.
The Dutch Institute for Vulnerability Disclosure (DIVD) said that researcher Wietse Boonstrain in April discovered seven vulnerabilities in Kaseya’s VSA remote monitoring and management product and notified the New York- and Miami-based IT service management vendor about the flaws less than a week later. Eighty-seven days later, REvil took advantage of a flaw flagged by DIVDthat still wasn’t resolved.
“Last weekend, we found ourselves in the middle of a storm,” DIVDresearcher Frank Breedijk wrote Wednesday. “A storm created by the ransomware attacks executed via Kaseya VSA using a vulnerability which we confidentially disclosed to Kaseya. … Unfortunately, the worst-case scenario came true.”
Miami
Florida
United-states
Netherlands
Dutch
Divdresearcher-frank-breedijk
Victor-gevers
Wietse-boonstrain
Dutch-institute-for-vulnerability-disclosure
Twitter
Kaseya-april
Dutch-institute
By Juha Saarinen on Jul 9, 2021 10:16AM Source: Trustwave
Malware in attack excludes former Soviet bloc nations and Syria.
The Kaseya Virtual Systems Administration (VSA) remote management and monitoring system software that was hijacked in a devastating ransomware attack had multiple critical vulnerabilities, security researchers found.
Researchers at the Dutch Institute for Vulnerability Disclosure (DIVD) found seven vulnerabilites in Kaseya VSA on-premise, and reported them to the vendor ahead of last week s REvil attacks worldwide.
Kaseya was quick to respond and to develop patches for four of the vulnerabilites but two critical bugs remain to be addressed. As we stated before, Kaseya’s response to our disclosure has been on point and timely; unlike other vendors, we have previously disclosed vulnerabilities to, DIVD researcher Frank Breedijk wrote.
Syria
United-states
Netherlands
Russia
Romania
Ukraine
Belarus
Russian
Romanian
Belarusian
Ukrainian
Soviet
Get Permission
Kaseya CEO Fred Voccola has defended his company s actions but acknowledged those affected by a ransomwware attack are very, very frustrated. (Source: Kaseya)
Global software vendor Kaseya worked in earnest for three months to resolve flaws in its VSA monitoring and management software, but ultimately lost the race with ransomware attackers, Dutch researchers say.
On Wednesday, the researchers who had found flaws in VSA released a timeline and description of issues that give more context into the engineering challenges Kaseya faced.
The researchers, with the Dutch Institute of Vulnerability Disclosure (DIVD), found seven vulnerabilities, six of which affected the software-as-a-service and on-premises versions of VSA and one of which that only affected the on-premises version.
Netherlands
Miami
Florida
United-states
Mexico
Germany
Kenya
Argentina
South-africa
Canada
Russia
Russian
vimarsana © 2020. All Rights Reserved.