Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 5 most recent headlines Filtered view
Bank Info Security 1 year, 10 months ago

RansomHub Hits Powered by Ex-Affiliates of LockBit, BlackCat

Feds Count Over 200 Known US Victims of Ransomware Group That Launched in FebruaryBeware a surge in attacks tied to a ransomware group called RansomHub that's recruited affiliates from down-or-out operations LockBit and BlackCat and successfully crypto-locked systems at more than 200 organizations nationwide, including critical infrastructure, the U.S. government warned.

New Reports and Joint Advisory Warn of Growing Cybersecurity Threats Linked to IranA joint advisory from the FBI and Cybersecurity and Infrastructure Security Agency, as well as reports published Wednesday by Microsoft and the Google-owned cybersecurity firm Mandiant, are all warning of emerging cybersecurity threats associated with the Iranian regime.

Bank Info Security 1 year, 10 months ago

McLaren Health: IT Operations Fully Back Online Post-Attack

Restoration Completed Days Ahead of Schedule But Still a Lot of Catch-Up Work to DoMcLaren Health says its IT systems are fully restored a few days earlier than expected, following an Aug. 6 ransomware attack that disrupted clinical and administrative operations at its 13 hospitals and other facilities. The Michigan-based entity had expected the recovery to last through August.

Bank Info Security 1 year, 10 months ago

Patelco Breach Affected 726,000 Customers, Employees

Ransomware Attackers Had Access to Data for More Than a MonthHackers stole the data of more 700 million current and former customers and employees of Patelco Credit Union in a monthlong ransomware attack detected in June, the California financial institution said. Not all 726,000 individuals victimized in the breach were equally affected.

Bank Info Security 1 year, 10 months ago

Ransomware Hackers Steal Medical Insurance Data of 1M People

Young Consulting Says Health Data Exposed; Ransomware Group Leaked Stolen DataYoung Consulting, which develops software for the stop-loss insurance market, is notifying 1 million individuals that their personal information was stolen earlier this year in a hack attack. The BlackSuit ransomware group, a rebrand of Royal, subsequently claimed credit and leaked stolen data.