{"id":41607,"date":"2021-07-03T15:50:23","date_gmt":"2021-07-03T15:50:23","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/"},"modified":"2021-07-03T15:50:23","modified_gmt":"2021-07-03T15:50:23","slug":"it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/","title":{"rendered":"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware"},"content":{"rendered":"<p><span data-label=\"in brief\">In brief<\/span> In what&#8217;s looking like a nasty supply-chain attack, IT systems management biz Kaseya was compromised by miscreants, which then used its VSA product to infect its own customers and then their customers with ransomware.<\/p>\n<p>At least 200 businesses were hit, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/in.finance.yahoo.com\/news\/200-businesses-hit-ransomware-following-210529104.html\">according to<\/a> infosec biz Huntress. Kaseya meanwhile initially estimated 40 worldwide were infected. It also told its clients to switch off their VSA data management and remote monitoring services immediately.<\/p>\n<p>&#8220;We are experiencing a potential attack against the VSA that has been limited to a small number of on-premise customers only as of 1400 EDT today,&#8221; it said in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.kaseya.com\/potential-attack-on-kaseya-vsa\/\">Friday advisory<\/a>.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;We are in the process of investigating the root cause of the incident with an abundance of caution but we recommend that you IMMEDIATELY shutdown your VSA server until you receive further notice from us. Its (sic) critical that you do this immediately, because one of the first things the attacker does is shut off administrative access to the VSA.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>It appears that attackers got onto Kaseya&#8217;s servers and included a copy of the REvil ransomware in a software update for customers that went out on Friday. It has also taken offline its software-as-a-service platform as a precaution.<\/p>\n<p>&#8220;We have been advised by our outside experts that customers who\u202fexperienced ransomware and\u202freceive a communication from the attackers\u202fshould\u202fnot click on\u202fany\u202flinks\u202f\u2013\u202fthey\u202fmay be weaponized,&#8221; Kaseya&#8217;s advisory added.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The Florida-based company told <i>The Register<\/i> it was working with the FBI. It&#8217;s <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/twitter.com\/joetidy\/status\/1411314473168773121\">reported<\/a> that among the victims is Sweden&#8217;s grocery store chain Coop, a customer of one of Kaseya&#8217;s customers, causing 500 stores to remain closed.<\/p>\n<h3 class=\"crosshead\"> <span>The Linkedin breach that wasn&#8217;t<\/span><br \/>\n<\/h3>\n<p>Earlier this week there were <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.privacysharks.com\/exclusive-700-million-linkedin-records-for-sale-on-hacker-forum-june-22nd-2021\/\">some reports<\/a> that someone had put 700 million Linkedin records up for sale on the dark web. Rather than intrusion, LinkedIn said, someone who had scraped publicly available information, combined it with other available data, and was trying to make a buck or ten out of it.<\/p>\n<p>&#8220;We want to be clear that this is not a data breach and no private LinkedIn member data was exposed,&#8221; <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/news.linkedin.com\/2021\/june\/an-update-from-linkedin\">Linkedin said<\/a>. &#8220;Our initial investigation has found that this data was scraped from LinkedIn and other various websites and includes the same data reported earlier this year in our April 2021 scraping update.&#8221;<\/p>\n<p>Scraping is a serious problem for Linkedin, one it has <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/06\/15\/linkedin_supreme_court_scraping\/\" rel=\"noopener\">taken to<\/a> the US Supreme Court over.<\/p>\n<h3 class=\"crosshead\"> <span>Western Digital devices caught in crossfire?<\/span><br \/>\n<\/h3>\n<p>Last week, users of Western Digital&#8217;s My Book Live found they had <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/06\/25\/western_digital_nas_wiped\/\" rel=\"noopener\">lost a lot of data<\/a> after devices were remotely wiped via a security vulnerability.<\/p>\n<p>At the time, the manufacturer said this was due to a malware attack. Having looked at the IP addresses and network traffic involved, security shop Censys <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/censys.io\/blog\/cve-2018-18472-western-digital-my-book-live-mass-exploitation\/\">suggested<\/a> it looked likely that one criminal infected My Book kit and then a separate individual initiated the factory reset command, suggesting someone could be trying to take out a rival.<\/p>\n<p>Western Digital, however, disagrees. &#8220;Our investigation shows that in some cases, the same attacker exploited both vulnerabilities on the device, as evidenced by the source IP,&#8221; <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.westerndigital.com\/support\/productsecurity\/wdc-21008-recommended-security-measures-wd-mybooklive-wd-mybookliveduo\">it said<\/a>. &#8220;The first vulnerability was exploited to install a malicious binary on the device, and the second vulnerability was later exploited to reset the device.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>In the meantime the firm is offering data recovery services to affected folks and promising My Book Live customers a trade-in service for My Cloud accounts.<\/p>\n<h3 class=\"crosshead\"> <span>Google tidies up Nest security<\/span><br \/>\n<\/h3>\n<p>Google has announced that it&#8217;s beefing up the security of devices in its smart home biz Nest, and made a five-year commitment to support existing products. This comes after it <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.androidpolice.com\/2020\/10\/30\/google-confirms-the-nest-secure-has-been-discontinued\/\">discontinued<\/a> its Nest Secure home security system.<\/p>\n<p>The Chocolate Factory said all devices sold since 2019 will adhere to the standards of the Internet of Secure Things Alliance (ioXt) on patching and security. In addition Google will publish the ioXt validation results for all of its kit so buyers can make an informed choice.<\/p>\n<p>&#8220;A helpful home is a safe home, and Nest\u2019s new safety center is part of making sure Nest products help take care of the people in your life and the world around you,&#8221; Google said in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/blog.google\/products\/google-nest\/privacy-security-commitments\/\">blog post<\/a>.<\/p>\n<h3 class=\"crosshead\"> <span>US police seize 3D printers over gun charges<\/span><br \/>\n<\/h3>\n<p>An unusual case of physical security came up this week after the Pennsylvania police took custody of two 3D printers that allegedly were used to manufacture parts for so-called ghost guns \u2013 unregulated firearms American cops and prosecutors aren&#8217;t too keen on.<\/p>\n<p>\u201cKenneth Wilson was caught manufacturing untrackable and untraceable firearms out of his home. Once assembled, these fully functional firearms often become a tool for senseless violence,\u201d <a target=\"_blank\" href=\"https:\/\/www.attorneygeneral.gov\/taking-action\/press-releases\/ag-shapiro-seizes-two-3-d-gun-printers-ghost-gun-frames-from-northampton-felons-home\/\" rel=\"noopener\">said<\/a> the state&#8217;s Attorney General Josh Shapiro.<\/p>\n<p>\u201cGhost guns are quickly becoming the weapon of choice for criminals that take the lives of too many Pennsylvanians. My office is working overtime to target these gun traffickers and get illegal guns off our streets.\u201d<\/p>\n<p>In addition to the 3D printers, police also said they seized three ghost gun frames, three firearms, a small amount of methamphetamine, $1,140 in cash, and drug packaging equipment from the suspect&#8217;s house. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/07\/03\/in_brief_security\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plus: Cops seize 3D printers &#8216;used to print guns&#8217;, and more bits and bytes In brief\u00a0 In what&#8217;s looking like a nasty supply-chain attack, IT systems management biz Kaseya was compromised by miscreants, which then used its VSA product to infect its own customers and then their customers with ransomware.\u2026  READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-41607","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>IT management biz Kaseya pwned by miscreants to infect businesses with ransomware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-03T15:50:23+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware\",\"datePublished\":\"2021-07-03T15:50:23+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/\"},\"wordCount\":865,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/\",\"name\":\"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-07-03T15:50:23+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/","og_locale":"en_US","og_type":"article","og_title":"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-07-03T15:50:23+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware","datePublished":"2021-07-03T15:50:23+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/"},"wordCount":865,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/","url":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/","name":"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2021-07-03T15:50:23+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YOC2Qa94p4AExO7ocrQ4ZgAAAE0&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/it-management-biz-kaseya-pwned-by-miscreants-to-infect-businesses-with-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"IT management biz Kaseya pwned by miscreants to infect businesses with ransomware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41607","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=41607"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41607\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=41607"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=41607"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=41607"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}