Kaseya Unitrends Vulnerabilities: MSP Should Update Backup Software, Agents
Kaseya has disclosed a dozen vulnerabilities with its Unitrends backup and disaster recovery (BDR) software platform. To mitigate the potential security issues, MSP partners and end-customers should “take immediate action to update to the latest release of the Unitrends software and all agents to the latest version,” Kaseya said in the disclosure.
The Kaseya-Unitrends security disclosure and guidance comes roughly five months after a REvil ransomware attack hit Kaseya VSA, an RMM (remote monitoring and management) software platform for MSPs. That July 2021 attack hit roughly 50 MSPs and 1,500 down-stream customers, but did not spread to Kaseya’s other software products. The alleged VSA hacker was charged with the attack in November 2021.
After the VSA attack, Kaseya hired FBI veteran Jason Manar as CISO (chief information security officer) to further bolster and manage the company’s cyber defenses and response coordianation.