Ransomware news has been steady this week with new tactics, decryptors, and the return of ransomware gangs. Friday afternoon, the REvil gang used a zero-day vulnerability in the Kaseya VSA management software to encrypt MSPs and their customers worldwide. The Babuk ransomware operation previously shut down after publishing the stolen data of Washington DC’s Metropolitan Police Department. A sample of the new REvil Linux encryptor used to encrypt ESXi virtual machines was found, TrickBot is using a new Diavol ransomware, CISA self-assessment tool, and a decryptor for Lorenz was released.
Source: https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-july-2nd-2021-msps-under-attack/