Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

Last Week in Ransomware: Week of July 26th

This week REvil Ransomware had a universal decryption key appear out of thin air and the US has accused China of ProxyLogon.
Michael Raymond
1 min read
Last updated March 3, 2022

In previous weeks we mentioned that the group behind the REvil ransomware attack has vanished from the internet, which makes it particularly surprising that a universal decryption key has been released this week. The key should allow all the victims that didn’t have backups to unlock their files. The mysterious appearance of this key has led to wild speculation including the possibility of the Russian government’s involvement or the payment of the $70 million Ransom.

The ProxyLogon attack also has an official attribution with the US government accusing China of creating the attack and using it to distribute ransomware including black Kingdom.

CBS has an interesting story on what they’re calling the ransomware cartel i.e. the groups known as Wizard Spider, Twisted Spider, Viking Spider, and LockBit, and their seeming collaboration.

Famous OSINT researcher Michael Bazzell also released a provocative blog post this week highlighting the personal impact ransomware can have.

The other big headlines of the week include a fake browser update being the demise of a financial institution and SonicWall is being used by HelloKitty. Thankfully in the case of the HelloKitty attack, it’s a known vulnerability with a patch so it’s a simple matter of upgrading firmware and shutting down end-of-life devices.

Ransomware Research

This week we have several new ransomware variants along with samples on virus total and even the ransom email for several.

Upcoming Security Conferences

Ransomware Live 2021 ( July 29 – 31)

This is the largest conference focused exclusively on the ransomware threat. It offers a great opportunity to grow your security knowledge and find new and innovative ways to protect your company.

BLACK HAT USA 2021 (July 31 – Aug 5)

Black hat is one of the largest annual security conferences. It’s the corporate version of Defcon and as such is a great opportunity to get face time with security professionals such as the Varonis team. Be sure to stop by our booth!

 

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

last-week-in-ransomware:-week-of-july-19th
Last Week in Ransomware: Week of July 19th
This past week hasn't seen quite as much activity as others, likely due to the new ransomware task force created in the US and the mysterious disappearance of REvil and other gangs.
last-week-in-ransomware:-week-of-june-28th
Last Week in Ransomware: Week of June 28th
Ransomware in the News If you’re a small or medium business using locally hosted cloud storage drives by a popular brand you need to disconnect them from the internet immediately....
last-week-in-ransomware:-week-of-july-5th
Last Week in Ransomware: Week of July 5th
Ransomware in the News Before we get to the major ransomware attack that occurred over the holiday weekend, let’s take a look at some of the other stories from the...
last-week-in-ransomware:-week-of-august-16th
Last Week in Ransomware: Week of August 16th
This week was a win with REvil and SynACK decryption keys being released, but also saw a rise in PrintNightmare use by ransomware gangs.