Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 17 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

HHS OCR Tells Congress It Needs More Funding for HIPAA Work

Breaches and Complaints Continue to Soar as Regulatory Duties IncreaseAs the volume of major health data breaches rises, the federal agency charged with investigating those incidents told Congress this week that it lacks the needed funding to keep up with its mounting workload. The agency also separately announced its second ransomware HIPAA breach settlement.

Bank Info Security 2 years, 4 months ago

Attackers Rush to Exploit ScreenConnect Vulnerabilities

Ransomware, Info Stealers, Backdoors and CryptojackingHackers are on a tear to exploit unpatched ConnectWise ScreenConnect remote connection software to infect systems with ransomware, info stealers and persistent backdoors. The attacks observed by researchers include ransomware deployments tied to the now-defunct LockBit ransomware operation.

Bank Info Security 2 years, 4 months ago

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

With Over $1 Billion in Annual Proceeds, Don't Expect Attackers to Give Up the LifeOnce the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.

Bank Info Security 2 years, 4 months ago

No Big Reveal: Cops Don't Unmask LockBit's LockBitSupp

After Teasing 'Who is LockBitSupp,' Cops Say He's 'Engaged With Law Enforcement'"Who is LockBitSupp?" Police teased they would reveal the answer to that question Friday, but when the big reveal came, they disclosed very little, except to cryptically say the apparent member of the LockBit ransomware group's leadership team "has engaged with law enforcement."

Bank Info Security 2 years, 4 months ago

Who is LockBitSupp? Police Delay Promise to Reveal Identity

Officials Reschedule Big Reveal of LockBit Ransomware Group Leadership's IdentityWho is LockBitSupp? On Friday morning, when law enforcement promised to reveal the identity of the public mouthpiece of the LockBit ransomware-as-a-service operation they infiltrated and disrupted earlier this week, authorities instead announced a delay.

Bank Info Security 2 years, 4 months ago

Breach Roundup: More Fallout From the LockBit Takedown

Also: Avast Agrees to $16.5 Million Civil Penalty to Settle Privacy InvestigationThis week: more fallout from LockBit, Avast to pay $16.5M, Russia-linked group targeted mail servers, no indication that AT&T was hacked, analysis of a patched Apple flaw, Microsoft enhanced logging, an Android banking Trojan, North Korean hackers and a baking giant fell to ransomware.

Bank Info Security 2 years, 4 months ago

LockBit Group Prepared New Crypto-Locker Before Takedown

Numerous Impediments Remain If Administrators Attempt to Reboot the OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being shut down, security researchers reported. Even so, experts say it's unlikely the group would be able to successfully reboot.

Bank Info Security 2 years, 4 months ago

LockBit Group Prepped New Crypto-Locker Before Takedown

Numerous Impediments Remain, Should Administrators Attempt to Reboot OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being disrupted, security researchers report. Even so, experts say it's unlikely the group would be able to successfully reboot.

Bank Info Security 2 years, 4 months ago

LockBit Ransomware Group Building New Locker Before Takedown

Numerous Impediments Remain, Should Administrators Attempt to Reboot OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being disrupted, security researchers report. Even so, experts say it's unlikely the group would be able to successfully reboot.

Bank Info Security 2 years, 4 months ago

Russia Announces Arrest of Medibank Hacker Tied to REvil

3 Suspects Charged With Using Sugar Ransomware, Phishing Attacks Against RussiansRussian authorities have reportedly arrested three accused members of the SugarLocker ransomware-as-a-service operation. Their alleged crime? Targeting Russians, although one suspect has also been tied to a massive hack of Australian health insurer Medibank and subsequent data leak.

Bank Info Security 2 years, 4 months ago

Arrests and Indictments in LockBit Crackdown

US, UK and European Authorities Seize Decryption Keys and Will Contact VictimsAn international law enforcement operation that infiltrated ransomware-as-a-service operation LockBit has resulted in arrests, indictments and the seizure of encryption keys that can be used to help victims recover their data. LockBit emerged in 2019 and was one of the largest ransomware operations.

Bank Info Security 2 years, 4 months ago

Broken LockBit: Ransomware Group Takedown Will Have Impact

Even if Group Reboots, Disruption Already Stands as a Success, Experts SayBlue Monday arrived late this year for the LockBit ransomware-as-a-service group, after an international coalition of law enforcement agencies seized swathes of its infrastructure. Security experts said even if the down-on-its-heels group reboots, the disruption already stands as a big win.

Bank Info Security 2 years, 4 months ago

LockBit Infrastructure Seized By US, UK Police

LockBit Ransomware Operations Is Latest to Fall in Series of TakedownsAn international law enforcement operation seized the infrastructure of Russian-speaking cybercriminal group LockBit, a prolific ransomware-as-a-service operation, marking the latest in a series of digital takedowns. The group’s dark web leak site now displays a seizure notice.

Bank Info Security 2 years, 4 months ago

LockBit Infrasttructure Seized By US, UK Police

LockBit Ransomware Operations Is Latest to Fall in Series of TakedownsAn international law enforcement operation seized the infrastructure of Russian-speaking cybercriminal group LockBit, a prolific ransomware-as-a-service operation, marking the latest in a series of digital takedowns. The group’s dark web leak site now displays a seizure notice.

Bank Info Security 2 years, 4 months ago

Ransomware Experts See Problems With Banning Ransom Payments

Would Criminals Care? Might Victims Still Pay? Would Hospitals Be Exempt?As the damage caused by ransomware and profits flowing to attackers reaches record levels, a panel of cybersecurity and policy experts reviewed what it might take to ban ransom payments and whether such a ban might take a bite out of cybercrime or have unwelcome consequences.