> The source of these indicators are auto-emailed Kaseya VSA Security Notificati... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		orf on July 3, 2021 \| parent \| context \| favorite \| on: US companies hit by 'colossal' cyber-attack > The source of these indicators are auto-emailed Kaseya VSA Security Notifications indicated the "KElevated######" (SQL User) account performed this action. We're hesitant to jump to any conclusions, but this could via suggest execution via SQL commands. Some form of remote, unauthenticated SQL injection then? 1. https://www.reddit.com/r/msp/comments/ocggbv/comment/h3u5j2e

swarnie_ on July 3, 2021 [–]

Some of those comments are straight up nightmare fuel for sysadmins

> We are severly fucked. Up to 2100 endpoints are infected right now, most are desktops but also servers.

> We have been hit as well 1000 endpoints. What is your plan of restoration?

Happy 4th of July weekend everyone.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact