Threat actors are conducting a spam campaign aimed at infecting Kaseya customers, posing as legitimate VSA security updates. The software provider is warning customers of an ongoing malspam campaign. The company also reported that threat actors are contacting its customers via phone calls posing as partners in charge of helping them after the ransomware attack. The messages used malicious attachments and embedded links posing as genuine security updates posing as VSA updates. Customers have to remain vigilant, threat actors could use the recent incident as a lure and leverage social engineering techniques to trick victims into installing malware.”]
Source: https://securityaffairs.co/wordpress/119928/cyber-crime/kaseya-warns-malspam-campaign.html