Additional Resources:
One thing of note is that while CVE-2021-30116 appears to have been part of the attack, there were other vulnerabilities that neither Kaseya or anyone else besides the threat actors were aware of prior to July 2nd 2021 that were used in this attack. Huntress put on a webinar today July 6th 2021 (after I published this video) and offered up a demo using proof of concept code they wrote to prove how the attack worked and it did require more than what was outlined in the CVE-2021-30116. Once that video becomes available I will be posting links here.
Huntress Blog Post
Kaseya Incident Overview & Technical Details
Kaseya Vulnerability Disclosure Policy
(They make a point they are NOT currently participating in a bug bounty program)
Victors Tweet
https://twitter.com/0xDUDE/status/1411146581840207873
Darknet Diaries EP 87: GUILD OF THE GRUMPY OLD HACKERS
Darknet Diaries EP 88: VICTOR
ConnectWise Control: Vulnerabilities & Responsible Disclosure By Bishop Fox and Huntress Labs
The Solarwinds Orion SUNBURST Attack Timeline
Connecting With Us
- Hire Us For A Project: Hire Us – Lawrence Systems
- Tom Twitter https://twitter.com/TomLawrenceTech
- Our Web Site https://www.lawrencesystems.com/
- Our Forums https://staging-forum.lawrencesystems.com/
- Instagram https://www.instagram.com/lawrencesystems/
- Facebook Lawrence Systems | Southgate MI
- GitHub lawrencesystems (Lawrence Systems) · GitHub
- Discord lawrencesystems
Lawrence Systems Shirts and Swag
►👕 https://teespring.com/stores/lawrence-technology-services
AFFILIATES & REFERRAL LINKS
Amazon Affiliate Store
Lawrence Systems's Amazon Page
All Of Our Affiliates that help us out and can get you discounts!
https://www.lawrencesystems.com/partners-and-affiliates/
Gear we use on Kit
Kit: at-home health testing for your business
Try ITProTV free of charge and get 30% off!
Learn technology and pass IT certifications with ITProTV
Use OfferCode LTSERVICES to get 10% off your order at
https://www.techsupplydirect.com/
Digital Ocean Offer Code
DigitalOcean | Cloud Hosting for Builders
HostiFi UniFi Cloud Hosting Service
HostiFi - UniFi Cloud Hosting
Protect you privacy with a VPN from Private Internet Access
Buy VPN with Credit Card or PayPal | Private Internet Access
Patreon
lawrencesystems | creating Tech Tutorials & Reviews | Patreon
#Kaseya #Ransomware #CVE-2021-30116