Security news aggregator

Latest coverage for REvil

Coverage of REvil, a ransomware operation, includes reported incidents, technical analysis, disruption efforts, and defensive guidance.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

REvil, also known as Sodinokibi, is a ransomware family and associated cybercriminal operation first reported in 2019. Its documented campaigns encrypted files and systems for extortion; in some cases, operators also claimed to steal data and threaten its release. REvil was widely described as using a ransomware-as-a-service model, with malware and infrastructure supplied to affiliates. Reporting under this tag may cover incident investigations, malware analysis, alleged victims, leak-site activity, law-enforcement disruption, and recovery tools.

For defenders, REvil reporting is relevant to vulnerability management, threat intelligence, and response planning. Organizations should prioritize patching internet-facing systems, enforcing multifactor authentication, restricting administrative privileges, segmenting critical networks, and maintaining isolated, tested backups. If REvil-related activity is suspected, preserve logs and affected systems for investigation, determine whether data was accessed or exfiltrated, and assess privacy or regulatory notification duties alongside containment and recovery.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view

If safety regulations are written in blood, what are security policies written in? Sweat and cursing? Australian health insurance company Medibank will take all of its IT systems offline and close its branches over the weekend as part of its ongoing efforts to improve security and recover from a massive data security breach in October.…

The Register 3 years, 9 months ago

Upstart Ransom Cartel linked to REvil veterans

Lesser of two REvils? There’s a relationship, say infosec bods, but not enough to say one evolved into the other It has been almost a year since the ransomware gang Ransom Cartel was first detected and the crew over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.…

The lesser of two REvils? There’s a relationship there, but not enough to say one evolved into the other It has been almost a year since the emerging ransomware gang Ransom Cartel was first detected and the group over that time has racked up a steady drumbeat of victims in such countries as the United States and France and from a broad array of industry sectors.…

Microsoft details this ransomware-as-a-service Two of the more prolific cybercriminal groups, which in the past have deployed such high-profile ransomware families as Conti, Ryuk, REvil and Hive, have started adopting the BlackCat ransomware-as-as-service (RaaS) offering.…

Months after arrests, gang – or someone mimicking them – now active The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous and fresh victims.…