Security News > 2021 > July > Kaseya supply chain attack impacts more than 1,000 companies
A ransomware attack against a single company's software product is having a ripple effect across more than 1,000 organizations.
The supply chain nature of Kaseya's business means that far more companies have now been caught in the aftermath of the attack.
"This attack highlights once more that hackers are ready and waiting to exploit lax security and unpatched vulnerabilities to devastating effect," said Jack Chapman, Egress VP of threat intelligence.
The culprit behind the attack is REvil, the infamous ransomware group answerable to many other high level attacks.
In its "Happy Blog," the group took responsibility for the attack against Kaseya, claiming that more than 1 million systems were infected, according to security firm Sophos.
Further, Kaseya enlisted the aid of its internal incident response team as well as outside experts in forensic investigations to learn the root cause of the attack.
News URL
Related news
- GitHub supply chain attack spills secrets from 23,000 projects (source)
- Supply chain attack on popular GitHub Action exposes CI/CD secrets (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)
- Recent GitHub supply chain attack traced to leaked SpotBugs token (source)
- SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack (source)
- That massive GitHub supply chain attack? It all started with a stolen SpotBugs token (source)