Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 15 most recent headlines Filtered view
Bank Info Security 2 years, 3 months ago

Nursing Home Declares Bankruptcy, Blames Recent Cyberattacks

Also, Senate Bill Proposes Payment Relief for Firms Meeting Cyber 'Standards'A nursing home operator is seeking bankruptcy protection, citing the effects of a ransomware attack last fall and fallout from the recent Change Healthcare outage as factors that contributed to its financial woes. Also, a Senate bill aims to address cash flows for some health firms hit by an attack.

Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT

Bank Info Security 2 years, 3 months ago

Ransomware Groups: Trust Us. Uh, Don't.

Review of Attacks Finds Inconsistent Data Leaks and Victim Naming, Broken PromisesRansomware groups hope threats are enough to sway victims so they don't have to follow through. For victims who pay ransoms, the results are almost guaranteed to be less than advertised - more akin to buying a pig in a poke than a contractual guarantee of service.

Bank Info Security 2 years, 3 months ago

Ransomware Hackers May Be Exploiting Aiohttp Library Bug

The Python Library Flaw Allows Directory Traversal AttacksHackers who are possibly members of a criminal group affiliated with numerous ransomware-as-a-service operations are exploiting a directory traversal vulnerability in a Python library that allows unauthenticated remote attackers access to sensitive information from server files.

As ransomware becomes more sophisticated, detection tools should be upgraded to cover every site and location Sponsored Feature Ransomware gangs that steal and encrypt vital business data before extorting payment for its decryption and restoration are ramping up global attacks at an ever-increasing rate. In fact, cyber security experts agree that ransomware now represents one of - if not the most - serious cybersecurity threats currently facing governments, public/private sector organisations and enterprises around the world.…