SentinelOne vs Sodinokibi (REvil) – Linked to the Kaseya Supply Chain Attacked (ransomware)

Ongoing supply chain attack abuses Kaseya software to distribute REvil Sodinokibi ransomware, demanding $44,999 per infected endpoint.
The malicious update drops two files: a legitimate Windows Defender application that it abuses to sideload the ransomware DLL. The latter is signed with a stolen digital certificate.

#ransomware #cybersecurity #infosec #ciso #malware