Displaying items by tag: REvil

A man accused of being behind the attack on Kaseya, a managed services provider, in July last year, has appeared in court in Texas and been arraigned.

McAfee Enterprise and FireEye have come together to create a resilient digital world as Trellix, and the new company’s first research report has come out. It reveals the magnitude of the Log4j vulnerability which dominated headlines and the focus of security teams and defenders alike - along with other insights into security issues in the third quarter of 2021. The report is a fascinating - and deeply sobering - read.

McAfee Enterprise and FireEye have come together to create a resilient digital world as Trellix, and the new company’s first research report has come out. It reveals the magnitude of the Log4j vulnerability which dominated headlines and the focus of security teams and defenders alike - along with other insights into security issues in the third quarter of 2021. The report is a fascinating - and deeply sobering - read.

Security vendor WatchGuard Technologies has published its latest quarterly Internet Security Report. Findings for Q3 2021 include a decrease in total perimeter malware detection volume, although endpoint malware detections had already surpassed the total for 2020, with Q4 2021 data yet to be reported.

Ransomware attacks on Windows systems in the US during 2021 showed a small dip from the previous year, with 2323 local governments, schools and healthcare providers hit, the security firm Emsisoft reports.

Authorities in Romania have arrested two men suspected of using the REvil Windows ransomware in some 5000 attacks, the Europol police agency says in a somewhat rambling statement.

Another Windows ransomware group, BlackMatter, appears to have shut down operations, according to a message sent out by the people behind the group.

A number of Windows ransomware gangs have reacted to the reported takedown of the REvil gang, with one of them, Darkside, now known as BlackMatter, moving some of the bitcoin it holds, according to a statement from the cryptocurrency tracking firm Elliptic.

The REvil ransomware group was taken offline by intelligence agencies and law enforcement from the US and a number of its allies, the news agency Reuters claims.

A seasoned ransomware threat researcher has warned against taking any of the chatter around the disappearance of the Windows REvil ransomware group for a second time seriously, given that the forums on which these posts have appeared are heavily monitored.

GUEST RESEARCH: On 16 September, our security researchers, in collaboration with a trusted law enforcement partner, released a universal decryptor to help victims of REvil ransomware recover their data.

A threat actor, who claims to have worked for the REvil ransomware group among others, has cast doubt on the common tendency to associate individuals from a particular country who do such work as acting for the governments of the same countries.

Issues have been identified with a decryptor released by security firm Bitdefender for files encrypted by the REvil ransomware group before it temporarily disappeared on 13 July.

Security vendor Bitdefender has released a universal decryptor for files encrypted by the REvil ransomware before 13 July 2021.

The website of the prolific ransomware group REvil has come back online about two months after it disappeared following an attack on a number of managed service providers.

In its latest research, Sophos warns the severity and damage that the REvil ransomware may inflict on organisations. The research also gives measures on how organisations can detect the attack and prevent further damage.

Zscaler's latest ransomware report says manufacturing is the industry most targeted by double-extortion ransomware.

Australian healthcare provider UnitingCare Queensland has identified the Windows ransomware that hit its systems on 25 April as the REvil strain, aka Sodinokibi.

A cybersecurity researcher persuaded Ragnar Locker ransomware operators into thinking they were a cybercriminal and to offer a job. The researcher has released information on the gang’s payout structure, cash-out schemes, and target acquisition strategies providing a look behind the scenes into the real business of shadowy underground criminal syndicates - and the millions of dollars it brings in.

Schematics for Apple's presumed 2021 MacBook designs, along with those of other tech companies that Quanta manufactures devices for, have been stolen in a ransomware attack by the REvil group, and a senior security researcher at Kaspersky explains what is going on.