Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Volume over time

Weekly headline count for the current query.

Showing 17 most recent headlines Filtered view

Angelo Martino exploited his insider position and fed confidential information to ransomware co-conspirators to extort a combined $75.3 million from five U.S.-based victims. The post Former DigitalMint ransomware negotiator who duped clients sentenced to 70 months in jail appeared first on CyberScoop.

Oleksii Lytvynenko, a 44-year-old Ukrainian national, admitted to joining the prolific cybercrime group in 2021. Officials said he engaged in cybercrime up until his arrest in Ireland in 2023. The post Conti ransomware group member pleads guilty, faces up to 20 years in prison appeared first on CyberScoop.

Fox Tempest, a financially-motivated threat group, allowed ransomware operators and other cybercriminals to slip malware-laced software past security controls. The post Microsoft disrupts cybercrime service that abused software verification systems en masse appeared first on CyberScoop.

A new report from Halcyon finds that the group also puts more effort than usual into developing working decryptors, likely to incentivize businesses to pay up.  The post Akira ransomware group can achieve initial access to data encryption in less than an hour appeared first on CyberScoop.

A federal court in Indiana sentenced a Russian cybercriminal to 81 months in prison on charges related to his role as an initial access broker for ransomware groups. Aleksei Volkov, 26, of St. Petersburg, Russia, pleaded guilty in November 2025 to six federal charges stemming from his work with the Yanluowang ransomware group and other […] The post Russian access broker sentenced to over 6 years in prison for ransomware schemes appeared first on CyberScoop.

Hackers have cut their attack timelines from weeks to hours while the government spreads resources too thin. We need to stop pretending we can protect everything and start focusing on what would hurt us most. The post We’ve seen ransomware cost American lives. Here’s what it will actually take to stop it. appeared first on CyberScoop.