revil (23)

8131231863?profile=RESIZE_400xIt should come as no reprise that ransomware groups that steal a company's data and then get paid a fee to delete it don't always follow through on their promise.

The number of cases where this has happened has increased, according to a report[1] published by Coveware this week and according to several incidents shared by security researchers with ZDNet researchers over the past few months. These incidents take place only for a certain category of ransomware attacks — namely those carried out by

5887188088?profile=RESIZE_400xLike any profitable business model, ransomware gangs continue to innovate and increase their business.  Recently, reports have emerged of a collaboration between the Maze and Lockbit gangs, as well as the REvil, aka Sodinokibi, operators not leaking stolen data for free when victims do not pay, but instead auctioning it off to the highest bidder.

Here are some of the latest ransomware trends noted by cyber analysts: IR-20-164-002_Ransomware Trends.pdf

4304188497?profile=RESIZE_710xOur Friends at the FBI issued a cyber bulletin on 04 01 2020.  This was no April Fool's Joke, but a serious cyber warning on the Sodinokibi Ransomware (pic: tgsoft.it), also known as REvil, Bluebackground, or Sodin.  Red Sky Alliance / Wapack Labs was already researching this ransomware.  Last week, Jesse Burke our Chief of Special Operations, provided a brief on Sodinokibi Ransomware.  Look to your right (Did you miss the March Cyber Intelligence Briefing (CIB). Topics: Coronavirus Lures and Bu