News


New, free and universal REvil decryptor
Bitdefender_News

Bitdefender offers a new, free and universal REvil decryptor. The tool includes a general key for all files encrypted before July 13, 2021. The new, universal Bitdefender decryptor tool enables victims of all REvil / Sodinokibi ransomware attacks before July 13th to restore their data and make it available again. Bitdefender developed the free tool in collaboration with a recognized law enforcement partner. Step-by-step instructions for using the REvil decryptor can also be found online.

For REvil / Sodinokibi ransomware attacks before July 13th, 2021

After the REvil infrastructure went partially offline on July 13th of this year, victims who ...


IT-Mensch versus REvil - a live attack

The Sophos Managed Threat Response team in direct exchange with REvil ransomware. A specific case shows how the cybercriminals proceeded, how the Managed Threat Response (MTR) team finally gained the upper hand and what lessons companies should learn from the incident. Like many other ransomware families, the REvil blackmail software is used by cyber criminals to steal and encrypt data in order to subsequently demand the highest possible ransom. What makes REvil special, however, is the way the ransomware is made available. As if it were a completely normal business, the makers offer their "product" as a ...


REvil continues to expand worldwide
Kaspersky_news

In July, the ransomware group REvil, aka Sodinokibi, attacked managed service providers (MSPs) and their customers around the world in a major cyberattack, making thousands of companies potential victims of ransomware. Kaspersky researchers have already observed over 5,000 infection attempts in Europe, North and South America. With its own Threat Intelligence Service, Kaspersky was able to identify more than 5,000 attempted attacks by the ransomware-as-a-service (RaaS) operator REvil in 22 countries. Most of the attack attempts were recorded in the following five countries: Italy (45.2 percent), USA (25.9 percent), Colombia (14.8 percent), Germany (3.2 percent) and Mexico (2.2 percent).

Vladimir Kuskov, ...


Comment: REvil makes the highest ransom demand in history
Fireeye News

On July 2, 2021, a REvil / Sodinokibi user exploited several vulnerabilities in the Kaseya VSA product to distribute a ransomware encryptor to connected endpoints. It is the highest ransom demand in history. A comment from Charles Carmakal, SVP and CTO, Mandiant.

Kaseya VSA is a remote monitoring and management solution used by managed service providers (MSPs) and enterprises to remotely manage computer systems. The number of organizations affected by the REvil ransomware outage is currently unknown, but Kaseya estimates the number of cases is below 1,500. Many of the affected ...


Research: REvil ransomware investigated
SophosNews

REvil, also known as Sodinokibi, is a mature and widespread ransomware-as-a-service (RaaS) offering. Sophos researchers examined the tools and behaviors they believe attackers most commonly use when deploying a REvil attack. Criminal customers can lease the ransomware from the developers and place it on their victims' computers with their own parameters. The approach and effects of an attack with REvil ransomware are therefore highly variable and depend on the tools, behaviors, resources and skills of the attacker who is renting the malware.

REvil ransomware under the hood

Andrew Brandt, ...
