In previous weeks we mentioned that the group behind the REvil ransomware attack has vanished from the internet, which makes it particularly surprising that a universal decryption key has been released this week. The key should allow all the victims that didn’t have backups to unlock their files. The mysterious appearance of this key has led to wild speculation including the possibility of the Russian government’s involvement or the payment of the $70 million Ransom.
The ProxyLogon attack also has an official attribution with the US government accusing China of creating the attack and using it to distribute ransomware including black Kingdom.
CBS has an interesting story on what they’re calling the ransomware cartel i.e. the groups known as Wizard Spider, Twisted Spider, Viking Spider, and LockBit, and their seeming collaboration.
Famous OSINT researcher Michael Bazzell also released a provocative blog post this week highlighting the personal impact ransomware can have.
The other big headlines of the week include a fake browser update being the demise of a financial institution and SonicWall is being used by HelloKitty. Thankfully in the case of the HelloKitty attack, it’s a known vulnerability with a patch so it’s a simple matter of upgrading firmware and shutting down end-of-life devices.
Ransomware Research
This week we have several new ransomware variants along with samples on virus total and even the ransom email for several.
- New Dharma Ransomware variants
- New Scarab Ransomware Variant
- New Stop Ransomware Variant
- New Ransomware
Upcoming Security Conferences
Ransomware Live 2021 ( July 29 – 31)
This is the largest conference focused exclusively on the ransomware threat. It offers a great opportunity to grow your security knowledge and find new and innovative ways to protect your company.
BLACK HAT USA 2021 (July 31 – Aug 5)
Black hat is one of the largest annual security conferences. It’s the corporate version of Defcon and as such is a great opportunity to get face time with security professionals such as the Varonis team. Be sure to stop by our booth!
What should I do now?
Below are three ways you can continue your journey to reduce data risk at your company:
Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.
See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.
Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.
