Weekly Intelligence Summary 8th Oct

The FBI and law-enforcement partners kept secret the “Sodinokibi” (aka REvil) ransomware decryption key for almost three weeks after the Kaseya ransomware supply-chain attack of mid-2021. They said they wanted to prevent the Sodinokibi group from discovering a takedown operation; media outlets argue that an earlier release of the decryption key could have saved many victims time and money in their data recovery. Leading up to its contentious decision to withhold the key, the FBI likely weighed the value of collecting intelligence about Sodinokibi, and of disrupting the group, against the needs of some victims. The media has called the decision unjust in hindsight, but without knowing the law-enforcement agencies’ full intentions, the best choice of action remains elusive.
