Tag: Kaseya

REvil: Analysis of Competing Hypotheses

Until the 13th of July, 2021, things appeared to be going as expected with the threat actors behind REvil (AKA Sodinokibi) ransomware. Then, suddenly, the fairly public group vanished. With them disappeared their notorious “Happy Blog,” payment page, and other infrastructure that supported their ransomware and extortion operations. That same day, their primary representative was […]

REvil Ransomware: What’s Next?

When ransomware hits the news cycle, and even the non-cyber security folk have questions, you know it’s gone big. This time it’s REvil again, and we can’t seem to escape it. The entire security community has been on fire over the last few days looking at what’s going on with REvil, along with any journalist […]

Kaseya Ransomware Supply-Chain Attack: What We Know So Far

On 02 July 2021, details started to emerge of a sophisticated supply-chain attack targeting Kaseya VSA, virtual system administrator software used to manage and monitor customers’ infrastructure. Researchers initially attributed this attack to ransomware gang “REvil” (aka Sodinokibi), whose members claimed responsibility in a press release on their dark-web data-leak site, Happy Blog. Kaseya VSA […]