Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

28 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 28 Filtered view
Bank Info Security 2 years, 4 months ago

Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them

Don't Let the Quest for Data Lead You to Amplify What Criminals Might Be ClaimingFor the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed the most victims. That's not what data leak sites actually document.

The Register 2 years, 4 months ago

LockBit ransomware kingpin gets 4 years behind bars

Canadian said to have turned to a life of cybercrime during pandemic, now must pay the price – literally A LockBit ransomware kingpin has been sentenced to almost four years behind bars and ordered to pay more than CA$860,000 ($635,000, £500,000) in restitution to some of his victims by a Canadian court as he awaits extradition to the US.…

Akira ransomware crooks brag of swiping thousands of ID documents during break-in Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems – perhaps by the Akira ransomware gang.…

Akira ransomware crooks brag of stealing thousands of ID documents during break-in Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems – perhaps by the Akira ransomware gang.…

Bank Info Security 2 years, 4 months ago

Hackers Hiding Keylogger, RAT Malware in SVG Image Files

New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RATThreat actors are using image files or Scalable Vector Graphics files to deliver ransomware, download banking Trojans or distribute malware. The campaign uses an open-source tool, AutoSmuggle, to facilitate the delivery of malicious files through SVG or HTML files.

Bank Info Security 2 years, 4 months ago

Canada Sentences LockBit Hacker Mikhail Vasiliev to 4 Years

Dual Canadian-Russian National Also Agrees to US ExtraditionLockBit ransomware affiliate Mikhail Vasiliev on Tuesday received a nearly four-year prison sentence in Canada and consented to extradition to the United States, where he faces charges of conspiracy to commit computer intrusion. He must also pay CA$860,000 in restitution to his Canadian victims.

Bank Info Security 2 years, 4 months ago

Ransomware Talent Surges to Akira After LockBit's Demise

US Healthcare Entities Are Firmly in Akira Ransomware Group's Sights, Expert WarnsRansomware groups may come and go, but often it's only in name, as the individuals involved will move on to power whatever group remains a going concern. Cue a reported flow of top talent from LockBit, which was recently disrupted by law enforcement, to Akira, which is apparently alive and well.

Loading more headlines...