The FBI and law-enforcement partners kept secret the “Sodinokibi” (aka REvil) ransomware decryption key for almost three weeks after the Kaseya ransomware supply-chain attack of mid-2021. They cited an intention to prevent the Sodinokibi group’s discovery of a takedown operation; media outlets argue that an earlier release of the decryption key could have saved many victims time and money in their data recovery. Leading up to its contentious decision to withhold the key, the FBI likely weighed the value of collecting intelligence about Sodinokibi―and disrupting the group―against the needs of some victims. The media has called the decision unjust in hindsight, but without knowing the law-enforcement agencies’ full intentions, the best choice of action remains elusive.
Other content in this Stream
30:27This Webinar highlights the key research findings of the SPARK MATRIX Digital Risk Protection (DRP), 2021.
On this episode of ShadowTalk, the team covers Vulnerability Intelligence: Exploit-as-a-Service, Emotet’s return and a FBI fake emails campaign.
Well, here we are again. Another blog on a topic that’s often spoken about but little understood: cryptocurrency. Cryptocurrency-related decentralized ...
For this special edition of ShadowTalk, host Chris alongside Kim and Xue are covering the key takeaways from this year’s NCSAM and share several best-practice pieces released throughout the month.
Picture this: it’s a Monday morning, and you’ve just found out that a critical vulnerability was announced on your favorite ...
This guide outlines how to detect, analyze, and remediate data leakage–including a treasure chest of free tooling.
The European Union Agency for Cybersecurity (ENISA) has released its yearly threat landscape report, which contains some handy insights. The ...
As the end of the year approaches, it’s time once again to look at the initial access broker (IAB) activity ...
In this report, Digital Shadows’ Photon Team analyzed a data set of more than 175,000 impersonating domains raised to our clients over four months of 2021.
We have reached the end of another quarter, and it is time again for us to have a look back ...
This week's episode of Shadowtalk covers the Robinhood data leak, the NSO in US Appeals Court and Iranian-linked hackers that target ISPs.
This Solutions Guide to learn how to protect your organizations social footprint with the top Social Media Monitoring use cases Digital Shadows has identified.
This episode of ShadowTalks covers the GoDaddy Breach, MosesStaff Political Attacks, and how Conti Orchestrated the Emotet return.
Note: This blog is part of a three-blog series on Vulnerability Intelligence that accompanies the release of Digital Shadows’ latest ...
Black Friday represents a huge opportunity for consumers to purchase a range of items at cut-rate prices: Electrical items, furniture, ...