Hackers Pushing Cobalt Strike Malware Disguised As Kaseya VSA Security Update

Threat actors are actively pushing Cobalt Strike payloads disguised as Kaseya VSA security updates to steal sensitive users' data, targeting potential Kaseya ransomware victims. The attack is going through email spamming, with emails containing malicious attachment and an embedded link designed to look like a Microsoft patch for the Kaseya VSA zero-day exploited in the REvil ransomware attack. Once users run the attachment, threat actors gain remote access to their system. Read more...