Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-04Bankinfo SecurityJeremy Kirk
@online{kirk:20220404:ransomware:168f0da, author = {Jeremy Kirk}, title = {{The Ransomware Files, Episode 6: Kaseya and REvil}}, date = {2022-04-04}, organization = {Bankinfo Security}, url = {https://www.bankinfosecurity.com/interviews/ransomware-files-episode-6-kaseya-revil-i-5045}, language = {English}, urldate = {2022-04-07} } The Ransomware Files, Episode 6: Kaseya and REvil
REvil
2021-11-08Department of JusticeDepartment of Justice
@online{justice:20211108:ukrainian:e3b0544, author = {Department of Justice}, title = {{Ukrainian Arrested and Charged with Ransomware Attack on Kaseya}}, date = {2021-11-08}, organization = {Department of Justice}, url = {https://www.justice.gov/opa/pr/ukrainian-arrested-and-charged-ransomware-attack-kaseya}, language = {English}, urldate = {2021-11-09} } Ukrainian Arrested and Charged with Ransomware Attack on Kaseya
REvil REvil
2021-11-08The RecordCatalin Cimpanu
@online{cimpanu:20211108:us:42947b7, author = {Catalin Cimpanu}, title = {{US arrests and charges Ukrainian man for Kaseya ransomware attack}}, date = {2021-11-08}, organization = {The Record}, url = {https://therecord.media/us-arrests-and-charges-ukrainian-man-for-kaseya-ransomware-attack/}, language = {English}, urldate = {2021-11-09} } US arrests and charges Ukrainian man for Kaseya ransomware attack
REvil REvil
2021-08-11BleepingComputerLawrence Abrams
@online{abrams:20210811:kaseyas:93f86e6, author = {Lawrence Abrams}, title = {{Kaseya's universal REvil decryption key leaked on a hacking forum}}, date = {2021-08-11}, organization = {BleepingComputer}, url = {https://www.bleepingcomputer.com/news/security/kaseyas-universal-revil-decryption-key-leaked-on-a-hacking-forum/}, language = {English}, urldate = {2021-08-16} } Kaseya's universal REvil decryption key leaked on a hacking forum
REvil
2021-08-10FlashpointFlashpoint
@online{flashpoint:20210810:revil:8be7760, author = {Flashpoint}, title = {{REvil Master Key for Kaseya Attack Posted to XSS}}, date = {2021-08-10}, organization = {Flashpoint}, url = {https://www.flashpoint-intel.com/blog/possible-universal-revil-master-key-posted-to-xss/}, language = {English}, urldate = {2021-08-11} } REvil Master Key for Kaseya Attack Posted to XSS
REvil
2021-07-27Youtube (SANS Institute)Katie Nickels, John Hammond
@online{nickels:20210727:sans:7432e9e, author = {Katie Nickels and John Hammond}, title = {{SANS Threat Analysis Rundown - Kaseya VSA attack}}, date = {2021-07-27}, organization = {Youtube (SANS Institute)}, url = {https://www.youtube.com/watch?v=tZVFMVm5GAk}, language = {English}, urldate = {2021-08-02} } SANS Threat Analysis Rundown - Kaseya VSA attack
REvil
2021-07-25Youtube (AhmedS Kasmani)AhmedS Kasmani
@online{kasmani:20210725:analysis:e1196c2, author = {AhmedS Kasmani}, title = {{Analysis of Malware from Kaseya/Revil Supply Chain attack.}}, date = {2021-07-25}, organization = {Youtube (AhmedS Kasmani)}, url = {https://www.youtube.com/watch?v=P8o6GItci5w}, language = {English}, urldate = {2021-08-02} } Analysis of Malware from Kaseya/Revil Supply Chain attack.
REvil
2021-07-22Bleeping ComputerLawrence Abrams
@online{abrams:20210722:kaseya:7ec0805, author = {Lawrence Abrams}, title = {{Kaseya obtains universal decryptor for REvil ransomware victims}}, date = {2021-07-22}, organization = {Bleeping Computer}, url = {https://www.bleepingcomputer.com/news/security/kaseya-obtains-universal-decryptor-for-revil-ransomware-victims/}, language = {English}, urldate = {2021-07-26} } Kaseya obtains universal decryptor for REvil ransomware victims
REvil
2021-07-20Huntress LabsJohn Hammond
@online{hammond:20210720:security:50ec27a, author = {John Hammond}, title = {{Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident}}, date = {2021-07-20}, organization = {Huntress Labs}, url = {https://www.huntress.com/blog/security-researchers-hunt-to-discover-origins-of-the-kaseya-vsa-mass-ransomware-incident}, language = {English}, urldate = {2021-07-26} } Security Researchers’ Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident
REvil
2021-07-15YouTube ( DuMp-GuY TrIcKsTeR)Jiří Vinopal
@online{vinopal:20210715:fast:b8dead4, author = {Jiří Vinopal}, title = {{Fast API resolving of REvil Ransomware related to Kaseya attack}}, date = {2021-07-15}, organization = {YouTube ( DuMp-GuY TrIcKsTeR)}, url = {https://www.youtube.com/watch?v=QYQQUUpU04s}, language = {English}, urldate = {2021-07-20} } Fast API resolving of REvil Ransomware related to Kaseya attack
REvil
2021-07-09Twitter (@SophosLabs)SophosLabs
@online{sophoslabs:20210709:speed:6f279b2, author = {SophosLabs}, title = {{Tweet on speed at which Kaseya REvil attack was conducted}}, date = {2021-07-09}, organization = {Twitter (@SophosLabs)}, url = {https://twitter.com/SophosLabs/status/1413616952313004040?s=20}, language = {English}, urldate = {2021-07-24} } Tweet on speed at which Kaseya REvil attack was conducted
REvil
2021-07-08GigamonJoe Slowik
@online{slowik:20210708:observations:21f913b, author = {Joe Slowik}, title = {{Observations and Recommendations from the Ongoing REvil-Kaseya Incident}}, date = {2021-07-08}, organization = {Gigamon}, url = {https://blog.gigamon.com/2021/07/08/observations-and-recommendations-from-the-ongoing-revil-kaseya-incident/}, language = {English}, urldate = {2021-07-12} } Observations and Recommendations from the Ongoing REvil-Kaseya Incident
REvil
2021-07-08Sekoiasekoia
@techreport{sekoia:20210708:kaseya:029b682, author = {sekoia}, title = {{Kaseya: Another Massive Heist by REvil}}, date = {2021-07-08}, institution = {Sekoia}, url = {https://f.hubspotusercontent10.net/hubfs/7095517/FLINT-Kaseya-Another%20Massive%20Heist%20by%20REvil.pdf}, language = {English}, urldate = {2021-09-20} } Kaseya: Another Massive Heist by REvil
REvil
2021-07-07CrowdStrikeKaran Sood, Liviu Arsene
@online{sood:20210707:how:84886a9, author = {Karan Sood and Liviu Arsene}, title = {{How CrowdStrike Falcon Stops REvil Ransomware Used in the Kaseya Attack}}, date = {2021-07-07}, organization = {CrowdStrike}, url = {https://www.crowdstrike.com/blog/how-crowdstrike-stops-revil-ransomware-from-kaseya-attack/}, language = {English}, urldate = {2021-07-19} } How CrowdStrike Falcon Stops REvil Ransomware Used in the Kaseya Attack
REvil
2021-07-07TrustwaveRodel Mendrez, Nikita Kazymirskyi
@online{mendrez:20210707:diving:1c04c81, author = {Rodel Mendrez and Nikita Kazymirskyi}, title = {{Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails}}, date = {2021-07-07}, organization = {Trustwave}, url = {https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/diving-deeper-into-the-kaseya-vsa-attack-revil-returns-and-other-hackers-are-riding-their-coattails/}, language = {English}, urldate = {2021-07-09} } Diving Deeper Into the Kaseya VSA Attack: REvil Returns and Other Hackers Are Riding Their Coattails
Cobalt Strike REvil
2021-07-07Twitter (@resecurity_com)Resecurity
@online{resecurity:20210707:revil:fb53320, author = {Resecurity}, title = {{Tweet REvil attack chain used against Kaseya}}, date = {2021-07-07}, organization = {Twitter (@resecurity_com)}, url = {https://twitter.com/resecurity_com/status/1412662343796813827}, language = {English}, urldate = {2021-07-24} } Tweet REvil attack chain used against Kaseya
REvil
2021-07-06CybereasonTom Fakterman
@online{fakterman:20210706:cybereason:1e0b80a, author = {Tom Fakterman}, title = {{Cybereason vs. REvil Ransomware: The Kaseya Chronicles}}, date = {2021-07-06}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs-revil-ransomware-the-kaseya-chronicles}, language = {English}, urldate = {2021-07-12} } Cybereason vs. REvil Ransomware: The Kaseya Chronicles
REvil
2021-07-06ZscalerZscaler
@online{zscaler:20210706:kaseya:17a776b, author = {Zscaler}, title = {{Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload}}, date = {2021-07-06}, organization = {Zscaler}, url = {https://www.zscaler.com/blogs/security-research/kaseya-supply-chain-ransomware-attack-technical-analysis-revil-payload}, language = {English}, urldate = {2021-08-02} } Kaseya Supply Chain Ransomware Attack - Technical Analysis of the REvil Payload
REvil
2021-07-06TRUESECAlexander Andersson
@online{andersson:20210706:how:5087e07, author = {Alexander Andersson}, title = {{How the Kaseya VSA Zero Day Exploit Worked}}, date = {2021-07-06}, organization = {TRUESEC}, url = {https://blog.truesec.com/2021/07/06/kaseya-vsa-zero-day-exploit}, language = {English}, urldate = {2021-07-20} } How the Kaseya VSA Zero Day Exploit Worked
REvil
2021-07-06Twitter (@_alex_il_)Alex Ilgayev
@online{ilgayev:20210706:revil:500a59e, author = {Alex Ilgayev}, title = {{Tweet on REvil ransomware actor using vulnerable defender executable in its infection flow in early may before Kaseya attack}}, date = {2021-07-06}, organization = {Twitter (@_alex_il_)}, url = {https://twitter.com/_alex_il_/status/1412403420217159694}, language = {English}, urldate = {2021-07-26} } Tweet on REvil ransomware actor using vulnerable defender executable in its infection flow in early may before Kaseya attack
REvil