The Week in Ransomware - June 23rd 2023 - The Reddit Files
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the main focus. [...]
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the main focus. [...]
The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning that their data will soon be leaked after an extortion demand was not paid. [...]
Ransomware encryption speed is crucial because it reduces the time available for an organization to react to a security breach. Included are six crucial steps for protecting your organization from the ever-increasing speed of ransomware attacks. [...]
Des Moines Public Schools, Iowa's largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023. [...]
A malware campaign is using fake OnlyFans content and adult lures to install a remote access trojan known as 'DcRAT,' allowing threat actors to steal data and credentials or deploy ransomware on the infected device. [...]
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. [...]
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. [...]