Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 3 most recent headlines Filtered view
Bank Info Security 2 years, 3 months ago

Breach Roundup: Omni Hotels Acknowledges Cyber Incident

Also: Insurer Predicts Ransomware for Cars, Offers to Cover Towing CostsThis week, Omni, OWASP and MarineMax suffered cyber incidents, Ivanti disclosed flaws, Cisco gave tips to stop password-spraying attacks, a court upheld an FCC ban, India rescued citizens in Cambodia, Americans lost $1.1 billion to impersonation scams, and an insurer introduced a cyber auto policy.

Bank Info Security 2 years, 3 months ago

Remote Desktop Protocol: An Active Adversary Special Report

What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground when it goes wrong? An Active Adversary Special ReportRemote Desktop Protocol (RDP) is commonly abused by ransomware groups. Here are methods on how we can provide context and advice for administrators and responders looking to deal with RDP.

Bank Info Security 2 years, 3 months ago

After Ransomware Hits, County Declares State of Emergency

Missouri County Blames Ransomware for IT Outages; Special Election Not DisruptedThe Missouri county of Jackson has declared a state of emergency after being hit by ransomware on the day of a special election. Officials said attackers didn't appear to have stolen any data and that as a cybersecurity measure, the county doesn't store any residents' sensitive financial data.