Security News > 2021 > July > The Week in Ransomware - July 2nd 2021 - MSPs under attack
Ransomware news has been steady this week with new tactics, decryptors, the return of ransomware gangs, and likely the largest single ransomware attack in history conducted Friday afternoon.
Finally, a sample of the new REvil Linux encryptor used to encrypt ESXi virtual machines was found, TrickBot is using a new Diavol ransomware, CISA released a new ransomware self-assessment tool, and a decryptor for Lorenz was released.
Kevin Beaumont found that the ransomware builder for the Babuk Ransomware was uploaded to VirusTotal.
June 29th 2021 HADES ransomware operators continue attacks Accenture Security assesses with a moderate-to-high level of confidence that a previously reported unknown threat group is now using multiple ransomware variants in cybercrime operations that have impacted at least seven victims.
Leaked Babuk Locker ransomware builder used in new attacks.
A massive REvil ransomware attack affects multiple managed service providers and their clients through a reported Kaseya supply-chain attack.
News URL
Related news
- City of Columbus: Data of 500,000 stolen in July ransomware attack (source)
- Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Halliburton reports $35 million loss after ransomware attack (source)
- New Ymir ransomware partners with RustyStealer in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems (source)
- Five backup lessons learned from the UnitedHealth ransomware attack (source)
- Mega US healthcare payments network restores system 9 months after ransomware attack (source)
- SafePay ransomware gang claims Microlise attack that disrupted prison van tracking (source)