Kaseya plans to bring its VSA service back online on Sunday afternoon, more than a week after REvil ransomware actors exploited flaws in it.
The attack on Kaseya VSA servers that led to REvil ransomware deployments has affected nearly 1,500 companies so far.
Secureworks researchers found that the LV ransomware group is using a repurposed, slightly modified version of the REvil ransomware binary.
Police in Ukraine have arrested six people they allege are involved in operating the Cl0p ransomware.
Food producer JBS USA said it paid an $11 million ransom to resolve the ransomware attack that hit the company on May 30.