The FBI and law-enforcement partners kept secret the “Sodinokibi” (aka REvil) ransomware decryption key for almost three weeks after the Kaseya ransomware supply-chain attack of mid-2021. They cited an intention to prevent the Sodinokibi group’s discovery of a takedown operation; media outlets argue that an earlier release of the decryption key could have saved many victims time and money in their data recovery. Leading up to its contentious decision to withhold the key, the FBI likely weighed the value of collecting intelligence about Sodinokibi―and disrupting the group―against the needs of some victims. The media has called the decision unjust in hindsight, but without knowing the law-enforcement agencies’ full intentions, the best choice of action remains elusive.
Most Recent Flipbooks
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022