iTWire With Double Extortion, We Can’t Outplay Ransomware So We Need To Outwit It
Hayley Turner, Director of Industrial Security - APAC at Darktrace
GUEST OPINION by Hayley Turner, Director of Industrial Security - APAC at Darktrace: “Double Extortion” might sound like the title of a cheap airport thriller, but it’s a fast-growing component of the current ransomware explosion. While a year and a half ago, only one known threat actor used the tactic, there are now more than 16 ransomware groups actively using it.
From the JBS attack that impacted our agricultural sector, to the high-profile attack on Nine Entertainment, ransomware has not been far from the headlines this year. But despite this, the
Kaseya obtains master decryptor for victims of REvil ransomware attack
Information technology management software firm Kaseya Ltd. has obtained a master decryptor for victims of the REvil ransomware attack that targeted its customers earlier this month.
Kaseya said in a security update today that it has obtained the tool from a third party and has teams actively helping customers affected by the ransomware to restore their environments. The company added that there are no reports of problems or issues with the decryptor and that it’s working with Emsisoft Ltd. to support customer engagement efforts.
The attack by REvil started July 2 and targeted a zero-day, or until then unknown, vulnerability in the Kaseya VSA remote management application. Exactly how many Kaseya downstream customers were affected remains unclear, but estimates have put the number at between 800 and 1,500.
Kaseya Obtains Universal Decryptor for REvil Ransomware (threatpost.com)
GovInfoSecurity
July 21, 2021
September 30, 2021
DougOlenick • July 13, 2021
REvil’s public shaming site, Happy Blog, is one of the components of the gang’s infrastructure that has gone offline.
(Watch for updates on this developing story.)
The REvil, aka Sodinokibi, ransomware gang’s infrastructure, including its darknet sites, was offline Tuesday, numerous security specialists report. The reason for the sudden disappearance is far from clear. “All of their sites have been down since around 1 a.m. EST (8 a.m. Moscow Time). So, not just their extortion site, but their payment sites, chat server and [command-and-control] infrastructure,” Allan Liska, an intelligence analyst at Recorded Future, tells Information Security Media Group.
REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks (thehackernews.com)