Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 4 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

Banning Ransom Payments: Calls Grow to 'Figure Out' Approach

As Ransomware Disruption Mounts, More Experts Seek Path to Banning PaymentsAs ransomware groups are causing massive damage and disruption and showing no signs of stopping, cybersecurity policy expert Ciaran Martin said it's time for governments to start asking tough questions and "figure out how to make a ransomware payments ban work."

Bank Info Security 2 years, 4 months ago

EHRs Back at Kids' Hospital But Patient Portal Still Offline

Also: Ransomware Group Rhysida Says It Sold Data Stolen in the AttackA Chicago children's hospital has finally restored access to its electronic health records systems following a cyberattack detected in late January. But the pediatrics hospital is still working to bring its MyChart patient portal and various other systems back online.

Bank Info Security 2 years, 4 months ago

Ransomware Attacks on Critical Infrastructure Are Surging

FBI Says It Received Most Attack Reports From Healthcare, Critical ManufacturingCybercrime reports submitted by victims to the FBI's Internet Crime Complaint Center surged last year, and the total reported losses exceeded $12.5 billion. Investment fraud and business email compromise losses dominated, and ransomware attacks spared almost no critical infrastructure sector.

Bank Info Security 2 years, 4 months ago

BlackCat Ransomware Group 'Seizure' Appears to Be Exit Scam

Affiliate Claims Administrators Kept All $22 Million Paid by Change HealthcareThe administrators of the BlackCat ransomware-as-a-service group claim law enforcement has shut down their operation. But experts and affiliates accuse the group's leadership of running an exit scam on the heels of a $22 million ransom payment by a recent victim - Optum's Change Healthcare unit.