Last update 2021-07-02, 22:40 UTC

Sophos is aware of a supply chain attack that uses Kaseya to deploy ransomware into a victim’s environment. Organizations running Kaseya VSA are potentially impacted. Kaseya has stated that the attack started around 14:00 EDT/18:00 UTC and they are investigating the incident.

In parallel, SophosLabs and the Sophos Security Operations team have investigated and found indicators of compromise (IoCs) and detections that will help people determine next steps.

Sophos has created a Security Blog article on this attack that details the IoCs and recommended actions. We will continue to update this article in real-time as new information becomes available.

Sophos customers are protected via detections in multiple Sophos products. Please see the Security Blog article for full details.

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)