Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 5 most recent headlines Filtered view

AI is beefing up the cyber arsenals of both attackers and defenders Sponsored Feature Email is a popular target for cybercriminals, offering an easy way of launching an attack disguised as an innocent message. One moment of inattention on the part of the recipient and the door is open to malware, spam, phishing, perhaps even a dose of the dreaded ransomware. Entire organisations can suffer, not just individual victims.…

Microsoft blames Clop ransomware crew for theft of staff info British Airways, the BBC, and UK pharmacy chain Boots are among the companies whose data has been compromised after miscreants exploited a critical vulnerability in deployments of the MOVEit document-transfer app.…

Operators stay ahead of defenders with new access methods and C2 infrastructure The Qbot malware operation – which started more than a decade ago as banking trojan only to evolve into a backdoor and a delivery system for ransomware and other threats – continues to deftly adapt its techniques to stay ahead of security pros, according to a new report.…