Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

23 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 23 Filtered view
Bank Info Security 1 year, 4 months ago

DeepSeek-R1 Can Almost Generate Malware

DeepSeek Comes Very Close to Producing a Keylogger and RansomwareSecurity researchers used the Chinese DeepSeek-R1 artificial intelligence reasoning model to come close to developing ransomware variants and keyloggers with evasion capabilities. The model needs prompt engineering and its output requires code editing.

Bank Info Security 1 year, 4 months ago

Suspected LockBit Ransomware Developer Extradited to US

Feds Accuse Dual Russian-Israeli National of Serving as Key Member of OperationAn accused developer for Russian-speaking ransomware group LockBit, 51-year-old Rostislav Panev, appeared in a U.S. courtroom after being extradited from Israel. The dual Russian and Israeli citizen faces a 41 count superseding criminal indictment charging him with being a key member of the group.

Bank Info Security 1 year, 4 months ago

Medusa Ransomware Turns Critical Infrastructure to Stone

FBI Ties Group to Triple-Extortion Tactics Involving Follow-On Ransom DemandsThe Medusa ransomware group has been continuing to pummel critical infrastructure sectors across America, warns a joint U.S. government alert. The FBI said the group's tactics include triple extortion, meaning it continues to shake victims down for a ransom, even after they've paid.

Feds warn gang still rampant and now cracked 300+ victims around the world A crook who distributes the Medusa ransomware tried to make a victim cough up three payments instead of the usual two, according to a government advisory on how to defend against the malware and the gangs who wield it.…

Loading more headlines...