incident
REvil Ransomware Gang Exploits Kaseya VSA Zero-Days in Supply-Chain AttackKaseya VSA Supply-Chain Ransomware Attack (REvil)
In July 2021, the REvil ransomware gang exploited zero-day vulnerabilities in Kaseya VSA remote monitoring and management software to deploy ransomware to approximately 1,500 downstream businesses via managed service providers. The attackers leveraged the trusted Kaseya agent to distribute malicious updates, bypassing endpoint security controls. This supply-chain attack encrypted systems and demanded a $70 million ransom.