1. Synnex Attack Might Be Linked To Kaseya Compromise
Hackers attempted to use Synnex to gain access to customer applications within the Microsoft cloud environment in an attack possibly tied to the Kaseya ransomware campaign. The Fremont, Calif.-based distributor said it’s been working with Redmond, Wash.-based software giant Microsoft as well as a third-party cybersecurity vendor to conduct a thorough review of the attack since it was identified.
“We do not know if this is related to the Kaseya ransomware attack [against] MSPs and some end customers,” Michael Urban, Synnex’s president of worldwide technology solutions distribution, said in an emailed statement. “That is part of the review. SYNNEX is not an MSP, and we have no relationship with Kaseya and do not use its systems.”
Given the nature of supply chain attacks, Synnex could have been compromised as part of the Kaseya campaign if the distributor works with a supplier that uses an on-premises version of Kaseya VSA. For instance, the Russian foreign intelligence service gained access to Malwarebytes’ internal company emails as part of the SolarWinds campaign even though Malwarebytes isn’t a SolarWinds customer.