Security news aggregator

Latest coverage for Ransom

Ransom-related coverage examines extortion demands, data theft, and disruption caused when attackers lock or threaten to expose systems.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malicious software that disrupts access to systems or data, typically by encrypting files, to pressure a victim into paying. Modern campaigns may also steal data and threaten to publish it, making the demand a form of extortion even when encryption is unsuccessful. Common access routes include phishing, exposed remote services, stolen credentials, and unpatched vulnerabilities, though no single route is universal.

Important safeguards include regularly tested, offline or otherwise isolated backups; multifactor authentication and least-privilege access; network segmentation; and timely remediation of known, internet-facing vulnerabilities. During an incident, organizations should isolate affected systems, preserve evidence, identify the scope of compromise, and coordinate recovery and legal or regulatory decisions. Payment does not guarantee data recovery or deletion. Threat intelligence may help identify associated infrastructure or available decryptors, while documented recovery plans reduce dependence on an attacker’s demands.

Showing 3 most recent headlines Filtered view
Bank Info Security 2 years, 1 month ago

LockBit Publishes Data Stolen in London Drugs Attack

Canadian Retail Pharmacy Chain Says It's Reviewing Exposed Data on Gang's Leak SiteLockBit has begun to leak on its dark web site files of data the Russian-speaking cybercriminal gang claims to have stolen in an April attack on London Drugs. The group had threatened to publish the exfiltrated data if the Canadian retail pharmacy chain does not pay a $25 million ransom demand.

Bank Info Security 2 years, 1 month ago

LockBit Demands $25M Ransom from Canadian Drug Store Chain

Threatens to Leak Stolen Data; Attack Temporarily Shut Down Retail Pharmacy StoresLockBit cybercriminals demanded a $25 million ransom from Canadian pharmacy retail chain London Drugs following an attack detected in late April that forced the company to temporarily close its 79 stores across western Canada for more than a week.