cyber security
REvil
| Attribute | Value |
| --- | --- |
| Name | REvil |
| Aliases | Sodinokibi, Sodin |
| Type | Ransomware |
| Country of Origin | Russia |
| State Sponsored | [ ] Unknown [x] Unconfirmed [ ] Confirmed |
| Active Since | April 2019 |
| Discovered by | Cisco Talos |
| Target Countries | All countries except Syria and the Commonwealth of Independent States (CIS), which includes Armenia, Belarus, Kazakhstan, Kyrgyzstan, Moldova, Russia, Tajikistan, Turkmenistan, Ukraine and Uzbekistan. Main targets are US, … |
REvil Kaseya Ransomware Attack
APT Name: REvil – Tactics, Techniques, Procedures

Updates from Organization:

- https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689
- [Kaseya Ransomware Incident (groupsense.io)](https://www.groupsense.io/resources/keseya-ransomware-incident)
- https://siliconangle.com/2021/07/07/victims-targeted-fake-updates-kaseya-allegedly-knew-exploited-vulnerability-april/
- https://www.huntress.com/blog/a-recap-of-events-and-lessons-learned-during-the-kaseya-vsa-supply-chain-attack

Ransomware: [x] Yes [ ] No

Ransomware Negotiator: Not disclosed

Ransomware Paid: 22nd July, 2021: Kaseya spokeswoman Dana Liedholm would not say Thursday how the key was obtained or whether a ransom was paid. She said only that it came …
Security News for 10Jun2020
“Thanos is the first ransomware family observed that advertises the use of the RIPlace tactic. RIPlace is a Windows file system technique unveiled in a proof of concept (PoC) last year by researchers at Nyotron, which can be used to maliciously alter files and which allows attackers to bypass various anti-ransomware methods.”