Displaying items by tag: REvil

A seasoned ransomware threat researcher has warned against taking any of the chatter around the disappearance of the Windows REvil ransomware group for a second time seriously, given that the forums on which these posts are heavily monitored.

Published in Security
Tuesday, 05 October 2021 12:57

Bitdefender warns organisations of REvil attacks

GUEST RESEARCH: On 16 September, our security researchers, in collaboration with a trusted law enforcement partner, released a universal decryptor to help victims of REvil ransomware recover their data.

Published in Guest Research

A threat actor, who claims to have worked for the REvil ransomware group among others, has cast doubt on the common tendency to associate individuals from a particular country who do such work as acting for the governments of the same countries.

Published in Security

Issues have been identified with a decryptor released by security firm Bitdefender for files encrypted by the REvil ransomware group before it temporarily disappeared on 13 July.

Published in Security

Security vendor Bitdefender has released a universal decryptor for files encrypted by the REvil ransomware before 13 July 2021.

Published in Security
Wednesday, 08 September 2021 10:55

Website of REvil ransomware gang back on the dark web

The website of the prolific ransomware group REvil has come back online about two months after it disappeared following an attack on a number of managed service providers.

Published in Security

In its latest research, Sophos warns the severity and damage that the REvil ransomware may inflict on organisations. The research also gives measures on how organisations can detect the attack and prevent further damage.

Published in Business IT

Zscaler's latest ransomware report says manufacturing is the industry most targeted by double-extortion ransomware.

Published in Security

Australian healthcare provider UnitingCare Queensland has identified the Windows ransomware that hit its systems on 25 April as the REvil strain, aka Sodinokibi.

Published in Security

A cybersecurity researcher persuaded Ragnar Locker ransomware operators into thinking they were a cybercriminal and to offer a job. The researcher has released information on the gang’s payout structure, cash-out schemes, and target acquisition strategies providing a look behind the scenes into the real business of shadowy underground criminal syndicates - and the millions of dollars it brings in.

Published in Security

Schematics for Apple's presumed 2021 MacBook designs, along with those of other tech companies that Quanta manufactures devices for, have been stolen in a ransomware attack by the REvil group, and a senior security researcher at Kaspersky explains what is going on.

Published in Security

Windows ransomware groups have been devising newer and newer ways of putting pressure on their victims to pay up. The latest tactic seems to be finding digital traces of someone who is looking at porn during office hours - and then embarrassing the organisation in question and forcing a payment.

Published in Open Sauce

Incident response firm Coveware has deleted a small portion of an article it had posted online in 2019, after the actors behind the REvil ransomware group — also known as Sodinokibi — used it to promote the efficiency of their own decryptor over that of the one used by rival ransomware actor, Ryuk.

Published in Security

The world's sixth largest PC maker, Acer, appears to have been hit by the Windows REvil ransomware — aka Sodinokibi — and the Taiwan-based company says it has reported "recent abnormal situations observed" to law enforcement.

Published in Security

Premier aircraft leasing asset manager SKY Leasing has been hit by a gang of cyber criminals using the Windows Avaddon ransomware and the attackers have leaked 20 files of the company's data on the dark web.

Published in Security

Security firm Intel 471 claims to have discovered a pattern in ransomware attacks over the past 18 months, with a growing inter-dependence between the actual attackers and those who sell access to compromised systems.

Published in Security

Argentina's official country portal has been hit by malicious attackers using the Windows REVil ransomware who claim they have exfiltrated 50GB of information.

Published in Security

An Australian firm that was hit by the Windows REvil ransomware earlier this month has said that it has dealt with the incident fully, having been ready to do so by upgrading its defences over the last few years

Published in Security

Malicious attackers who used the Windows REvil ransomware to attack Nexia Australia and New Zealand, a network of solutions-focused accountancy and consultancy firms, have re-listed the company on their dark web site, along with screenshots of data that has been allegedly filched during the attack.

Published in Security

A Melbourne firm which suffered a hit from cyber criminals using the Windows REvil ransomware has denied that any data was exfiltrated from its site, as was reported in these columns.

Published in Security
Page 1 of 3

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments