First seen in 2019, REvil is now one of the most prolific ransomware-as-a-service groups. Initially, the group was mainly exploiting vulnerabilities in servers and critical assets of SMBs, while they added afterwards phishing campaigns and exploits kits to their initial access arsenal.
Discover our FLINT about REvil attack on Kaseya including
- An in-depth analysis of the attack
- Course of actions to prevent risks
- IoCs & Technical Details
- Tactics, Techniques & Procedures (ATT&CK)