REvil and PrintNightmare – Independence Day Critical Ransomware Incidents
Date 3rd July 2021 Identified at 0900 hours
Communication and response action plan from the Fisheye Team regarding two global malware attacks overnight. First update as of 1300 hours to all Site Contacts
- REvil Ransomware Attack
The Kaseya VSA platform is currently suffering from a malware attack known as the REvil Ransomware Attack.
Fisheye has identified and mitigated this issue. All Servers and sites have been checked for exploitation and there are no signs showing any exploitation.
We will update you on our contingency plan for this support over the weekend.
2. PrintNightmare Bug
Microsoft acknowledges that there is a current and evolving situation around an attack regarding the Windows Print Spooler service.
Fisheye has identified and mitigated this issue by temporarily disabling all printing services until further updates from Microsoft are provided.
We anticipate that we will receive regular updates from our partner Microsoft as they arise and we will provide the necessary actions and communications to you all.
We are pleased to say that at this stage we have no signs of exploitation and we are continually monitoring the situation and threat activity.
We will continue to provide updates and information as necessary and we encourage you all to be extra vigilant with all emails on your devices.
The cyber security education and measures Fisheye advocate with MFA (Multi-factor authentication) are a very critical component to all our security.
Thank you from the Fisheye Security Response Team.
