U.S. technology firm Kaseya is firefighting the largest ever supply-chain ransomware strike on its VSA on-premises product, ruled out the possibility that its codebase was unauthorizedly tampered with to distribute malware. 1,500 downstream businesses around the world have been paralyzed by the attack, according to the company’s CEO Fred Voccola. The attackers were able to exploit zero-day vulnerabilities in the VSA product to bypass authentication and run arbitrary command execution.
Source: https://thehackernews.com/2021/07/kaseya-rules-out-supply-chain-attack.html