REvil/Sodinokibi: Between late evening Monday and Tuesday morning (June 2nd), the operators behind the REvil ransomware added a new and unique feature to their website: an auction page. Like many major ransomware groups, REvil operates a website for publicly shaming their victims as means to further “encourage” payment and cooperation from their victims. The addition of an auction site is a new but not wholly unexpected development at a time when ransomware operators seek to expand their means of financial gain from their victims. Currently, the auction page on REvil’s “Happy Blog” has two sale posts–one for a food distribution website and another for a Canadian crop production company. Both auctions are set to end in less than six days and currently have zero bids.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security