Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 4 most recent headlines Filtered view
Bank Info Security 1 year, 8 months ago

BianLian Ransomware Gang Claims Heist of Pediatric Data

Boston Children's Health Physicians Says Incident Involved Unnamed IT VendorRansomware gang BianLian has listed Boston Children's Health Physicians - a pediatric group that practices in New York and Connecticut - on its dark web site, threatening to release stolen patient and employee data. The practice said the September incident involved an IT vendor.

Bank Info Security 1 year, 9 months ago

Ex-NCSC Chief: UK Cyber Incident Reporting a 'Good Step'

Cyber Security and Resilience Bill Includes 72-Hour Reporting Deadline, Hefty FinesThe U.K. government's proposed Cyber Security and Resilience Bill is a "good step forward" to encourage ransomware incident reporting, said Ciaran Martin, the former NCSC chief. But he said the success of the new regulations also hinges on the support mechanism for cyber victims.

Bank Info Security 1 year, 9 months ago

Breach Roundup: Brazilian Police Arrest USDoD

Also: Internet Archive Limps Back Online, Beware Kerbertoasing and Passkey TakeupThis week, Brazilian police arrested USDoD, Internet Archive is recovering, a Microsoft warning over Kerberoasting and of mounting phishing attacks, Google touted memory safety efforts, Volkswagen said no harm after ransomware attack, and Amazon reported over 175 million customers using passkeys.

Nearby Texas Tech University Health Sciences Center's IT Systems Also Still OfflineNearly three weeks after a ransomware attack, UMC Health System has restored electronic health records, but the Texas-based public health system is still working to recover other patient care IT systems. Nearby Texas Tech University Health Sciences Center is still dealing with a related outage.