Episode 13

“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers

On April 1, a volunteer researcher for the Dutch Institute for Vulnerability Disclosure (DIVD) began poking around into Kaseya VSA, a popular software tool used to remotely manage and monitor computers. Within minutes, he found a zero-day vulnerability that allowed remote code execution—a serious flaw. Within weeks, his team had found seven or eight more.  In today's episode, DIVD Chair Victor Gevers describes the race to prevent one of the most devastating ransomware attacks in recent history. It's a race that Gevers and his team almost won. Almost.

 

 

About the Podcast

Show artwork for Lock and Code
Lock and Code

Listen for free

About your host

Profile picture for David Ruiz

David Ruiz

Lock and Code host and Senior Privacy Advocate for Malwarebytes. Hates surveillance.