Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 8 most recent headlines Filtered view
Bank Info Security 1 year, 6 months ago

Biotech Firm to Pay $7.5M to Settle Lawsuit in 2023 Hack

Enzo Biochem Previously Paid Three States $4.5M in Fines for Same BreachBiotech firm Enzo Biochem has agreed to pay $7.5 million to settle a consolidated proposed class action lawsuit involving a 2023 ransomware attack affecting 2.5 million people. The company has already paid $4.5 million in fines to three state attorneys general for the same incident.

Also: Bringing AML and Fraud Programs Together; the Global AI Arms RaceIn this week's update, ISMG editors discussed a U.K. proposal to mandate ransomware payment reporting, tackling financial crime by bringing together fraud and AML teams, and the global AI arms race as countries compete to lead innovation while balancing regulation and ethics.

Bank Info Security 1 year, 6 months ago

Biden Boosts Sanctions Powers to Target Cyber Underground

Final Cybersecurity Executive Order Unlocks New Powers for Next AdministrationBiden’s final cybersecurity order expands sanctions authorities to better target ransomware hackers and the financial facilitators and infrastructure providers enabling their attacks, a White House official said Thursday, as the administration aims to disrupt the broader cybercrime ecosystem.

Bank Info Security 1 year, 6 months ago

Ransomware Leak Sites Suggest Attacks Reached Record High

RansomHub, Play and Akira Appear to Dominate; Numerous Newcomers Join the FrayWhile ransomware groups' data-leak sites regularly lie, if taken at face value, in December 2024 they collectively listed the largest number of victims ever seen in a one-month period, dominated by RansomHub, Play and Akira operations, plus a bevy of newcomers, researchers report.

Bank Info Security 1 year, 6 months ago

AI-Driven Ransomware Group Strikes 85 Victims

Amateurish Ransomware Group Doubles as HackstivistsCybersecurity researchers discovered an artificial intelligence-driven ransomware group that emerged at the end of last year and compromised more than 85 victims worldwide. The group uses double extortion, combining data theft with encryption.

Bank Info Security 1 year, 6 months ago

Ransomware Campaign Targets Amazon S3 Buckets

Threat Actor 'Codefinger' Targets Cloud EnvironmentsA ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS’s server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.

Bank Info Security 1 year, 6 months ago

OneBlood Notifying Donors Affected by 2024 Ransomware Hack

Attack on Blood Center Spotlights Ongoing Supply Chain Risk in Healthcare SectorSix months after a ransomware attack temporarily crippled its blood donation and distribution activities, Florida-based nonprofit OneBlood is reporting a data breach to regulators that affected donors' personal information. Why is the incident reawakening healthcare supply chain concerns?

British Government Proposals Also Include Payment Bans for Critical InfrastructureBanning ransom payments by public sector and critical infrastructure entities, notifying the government of any intent to pay a ransom, and reporting incidents to authorities comprise three counter-ransomware initiatives proposed by the British government. Which ones will pass muster?