Kaseya fixes VSA, and the US wants Russian action against REvil.
Kaseya yesterday afternoon pushed fixes for VSA's on-premises and SaaS versions. At 8:00 AM the company's update indicated that patching was proceeding quickly:
"As posted in the previous update we released the patch to VSA On-Premises customers and began deploying to our VSA SaaS Infrastructure prior to the 4:00 PM target. The restoration of services is now complete, with 100% of our SaaS customers live as of 3:30 AM US EDT. Our support teams continue to work with VSA On-Premises customers who have requested assistance with the patch."
Direct US warning to Russia.
In an hour-long phone call Friday US President Biden communicated his expectations concerning ransomware operations to Russian President Putin. Reuters reports that in President Biden's estimation the call "went well," and that he expects Russian cooperation against gangs like REvil. Should expected Russian cooperation not be forthcoming, President Biden said the US was prepared to take certain actions on its own. He and Administration officials declined to say what such actions might be. At the White House daily press conference on Friday, Press Secretary Psaki said President Biden "underscored the need for President Putin to take action to disrupt these ransomware groups.”
Scam warnings continue as criminals dangle Kaseya phishbait.
Kaseya has continued to warn that its ransomware incident continues to be used as phishbait by scammers: "Reminder: Spammers are using the news about the Kaseya Incident to send out fake email notifications that appear to be Kaseya updates. These are phishing emails that may contain malicious links and/or attachments or phone [calls] claiming to be Kaseya Partners – DO NOT click on links or download attachments and DO NOT respond to phone calls claiming to be a Kaseya Partner."
For more on the REvil ransomware operation, Kaseya's response, and the state of Russo-American conversations on the matter, see the CyberWire's latest coverage.