Hundreds of U.S. Companies Hit by Massive Ransomware Attacks

REvil indirectly targeted hundreds of companies throughout the United States in a supply chain attack against Kaseya's VSA System Administration Platform, a security system used for remote monitoring and IT management.  REvil is said to be responsible for the assault, attack that entailed distributing a particular payload via a typical automatic software update. Following the initial stage, hackers disabled several elements of Windows Defender and utilized PowerShell to decode and extract its information.  Because of the reported security vulnerability, Kaseya put all their cloud services into maintenance mode and issued a security warning to clients who had a local VSA server, ordering them to shut down their server until further notice. Kaseya first informed the FBI and the CISA before starting their own internal inquiry.  The good news is that less than 40 of 36,000 customers have been affected by the security issue. The bad news is that they estimate to discov...