- Maze
- REvil
- Ryuk
¿Qué variantes de ransomware han ganado más dinero?
- Ryuk
¿Qué variante de ransomware ha afectado a más empresas?
- Maze
Fuente: RSA Conference2020
Maze
- FireEye Navigating the MAZE: Tactics, Techniques and Procedures Associated With MAZE Ransomware Incidents – May 2020
- BitDefender – A Technical Look into Maze Ransomware Whitepaper
- McAfee – Ransomware Maze – Mar 2020
- Preempt – Maze Ransomware Analysis and Protection
- IronNet Blog – Navigating Maze ransomware
- Crowdstrike – The Many Paths Through Maze – May 2020
- HHS Cybersecurity Program – 06/04/2020
- The National Cyber-Forensics and Training Alliance Whitepaper – December 02, 2019
- Maze Ransomware Campaign Spoofs Italian Revenue Agency Correspondence – Oct 2019
- ShieldX Maze Ransomware: Try Not to Be A’Maze’d – Nov 2018
- McAfee Labs Threat Advisory Ransomware-Maze – Feb 2020
- DSCI MAZE RANSOMWARE TECHNICAL REPORT – 2020
- Threat Actor TA2101 (ProofPoint) using Maze Ransomware to target Government and Commercial Entities – Jan 2020
- Cyberinit Cognizant Hit by MAZE Ransomware – Apr 2020
- Ransomware Attackers Use Your Cloud Backups Against You
Ryuk
- Malwation – RYUK Ransomware Technical Analysis Report – 2020
- LogPoint – Comprehensive Detection of Ryuk Ransomware – Nov 2020
- Red Canary – A Bazar start: How one hospital thwarted a Ryuk ransomware outbreak – Nov 2020
- Sophos – They’re back: inside a new Ryuk ransomware attack – Oct 2020
- DFIR Report – Ryuk’s Return – Oct 2020
- DFIR Report – Ryuk in 5 hours – Oct 2020
- VMware Carbon Black TAU: Ryuk Ransomware Technical Analysis – Feb 2020
- Red Canary – The Third Amigo: detecting Ryuk ransomware – Feb 2020
- FortiGuard Labs: Ryuk Revisited – Analysis of Recent Ryuk Attack – Mar 2020
- Checkpoint Research – Ryuk Ransomware: A Targeted Campaign Break-Down – Aug 2018
- Malware News – Analysis of Ryuk Ransomware – Dec 2019
- CISA Alert (TA17-132A) – Indicators Associated With WannaCry Ransomware – May 2017
- Security Literate – REVERSING RYUK: A TECHNICAL ANALYSIS OF RYUK RANSOMWARE – Apr 2020
- ZScaler – Examining the Ryuk Ransomware – Oct 2019
- Crowdstrike – Big Game Hunting with Ryuk: Another Lucrative Targeted Ransomware – Jan 2019
- HHS Cybersecurity Program – Ryuk Update – Jan 2020
- FBI Flash – Indicators of Compromise Associated with Ryuk Ransomware – May 2019
- Homeland Security and Emergency Services – Threat Report: Emotet, TrickBot, and Ryuk
- RANSOMWARE PLAYBOOK A Special Incident Response Guide for Handling Ryuk Ransomware (Triple-Threat) Attacks – Oct 2019
- Securonix Threat Research – Securonix Threat Research: Detecting High-Impact Targeted Cloud/MSP $14M+ Ryuk and REvil Ransomware Attacks – Jan 2020
- CIS – Security Primer – Ryuk
REvil (Sodinokibi)
- Cybereason – Sodinokibi: The Crown Prince of Ransomware – Aug 2019
- Secureworks – REvil/Sodinokibi Ransomware – Sep 2019
- REvil -SodinokibiTechnical analysis andThreat IntelligenceReport – 2019
- DarkTrace – Post-mortem of a targeted Sodinokibi ransomware attack – Feb 2020
- McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – What The Code Tells Us – Oct 2019
- BlackBerry ThreatVector Blog – Threat Spotlight: Sodinokibi Ransomware – Jul 2019
- A brief history and further technical analysis of Sodinokibi Ransomware – Jan 2020
- Acronis – Taking Deep Dive into Sodinokibi Ransomware
- Cisco Talos – Sodinokibi ransomware exploits WebLogic Server vulnerability – Apr 2019
- Sodinokibi Analysis Process
- Cynet Labs – Ransomware Never Dies – Analysis of New Sodinokibi Ransomware Variant – Jul 2019
- KPN – Tracking REvil
- Intel471 – REvil Ransomware-as-a-Service – An analysis of a ransomware affiliate operation – Mar 2020
- SISA – REvil RANSOMWARE – May 2020
- Tesorion – A connection between the Sodinokibi and GandCrab ransomware families?
- Sodinokibi: Ransomware Attackers also Scanning for PoS Software, Leveraging Cobalt Strike – Jun 2020
- McAfee Labs Threat Advisory Ransomware-Sodinokibi – Apr 2020
- Arete – Sodinokibi Ransomware 2020
- Securonix Threat Research:Detecting High-Impact Targeted Cloud/MSP $14M+ Ryuk and REvil Ransomware Attacks – Jan 2020
- Zdnet – REvil ransomware gang launches auction site to sell stolen data – 2020