Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 5 most recent headlines Filtered view

Also: VPN Vulnerabilities Attract Hackers, Hackers Use Swiss Mail to Send MalwareThis week, Russia suspected in Balctic Sea cable sabotage, VPNs draw ransomware attackers and Swiss snail mail malware. An AI training company reported a cybertheft of $250,000 and a U.S. space firm reported a breach. Microsoft said it will pay $$$ for AI vulnerabilities and a MFA success story.

Bank Info Security 1 year, 7 months ago

Oklahoma Hospital Says Ransomware Hack Hits 133,000 People

Incident Is Among Growing List of Attacks on Small, Rural HospitalsAn Oklahoma hospital quickly restored its IT systems after a ransomware attack in September, but the 62-bed hospital could not recover some data and later learned that hackers may have accessed the personal information of 133,000 people. The attack is the latest involving a small rural hospital.

Firewall Vendor Warns Attackers Using Valid Credentials They Previously StoleAttackers wielding an emerging strain of ransomware called Helldown have been gaining a foothold in victims' networks by exploiting a previously unknown flaw in their Zyxel firewalls, security researchers warn. Zyxel has warned attackers may be using valid credentials they previously stole.

Bank Info Security 1 year, 7 months ago

Gang Shaking Down Pharmacy Group for Second Ransom Payment

Embargo Group Threatens to Leak Nearly 1.5TB of Drug Collaborative's DataRansomware group Embargo is threatening to publish nearly 1.5 terabytes of data allegedly stolen in an attack on American Associated Pharmacies, a collaborative of 2,000 independent pharmacies. The gang is shaking down AAP for the second installment of an alleged agreed-up ransom deal.

Bank Info Security 1 year, 7 months ago

Accused Phobos Ransomware Hacker in US Custody

Russian National Evgenii Ptitsyn Faces a 13 Criminal Count IndictmentA Russian national accused of working for a ransomware gang made his first appearance in federal court earlier this month after extradition from South Korea, the U.S. Department of Justice disclosed Monday. Evgenii Ptitsyn, 42, faces a 13 criminal count indictment.