Crimeware server used by NetWalker ransomware seized and shut down
The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back...
Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.
Search across headline titles and summaries.
Background for this topic.
Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.
Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.
Weekly headline count for the current query.
The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back...
When is a ransomware attack a reportable matter? And how long have you got to decide?
Technically, it's "up to $10 million", but it's potentially a LOT of money, nevertheless...
Lots to learn this week - listen now! (Full transcript inside.)
Get the full 360-degree view of ransomware
Another traitorous insider, busted by system logs that gave his game away.
"Up to $10 million for information that leads to the arrest and/or conviction of this defendant."
Devices seized, suspects interrogated and arrested, allegedly connected to devastating cyberattack on University Hospital in Düsseldorf.
Wondering which cybercrime tools, techniques and procedures to focus on? How about any and all of them?
To borrow from HHGttG, please DON'T PANIC. But if you are two years out of date with patches, please do ACT NOW!
Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...
Judge tells the accused that if he hadn't pleaded guilty, "I would have given you life."
NAS devices make it easy for anyone to add high-capacity file servers to their network. Guess why cybercrooks love NAS devices too...
"We paid the crooks to keep things under control and make a bad thing better"... isn't a valid excuse. Who knew?
Latest episode - listen now!
You might not like the headline statistics in this year's ransomware report... but that makes it even more important to take a look!
Fortunately, we're not talking about a robot revolution, or about hospital AI run amuck. But these bugs could lead to ransomware, or worse...
Some tips on how to keep your network safe - even (or perhaps especially!) if you think you're safe already.
The US Independence Day weekend of 2021 wasn't much of a holiday for cybersecurity staff. That was when the Kaseya attack unfolded...