Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 15 most recent headlines Filtered view
Bank Info Security 1 year, 3 months ago

UK Home Office Ransom Ban Proposal Needs More Clarity

Cybersecurity Wonks Find Fault With Home Office Ransomware ProposalsA collection of British cybersecurity policy wonks poured cold water over a British government proposal to outlaw ransom payments by government agencies and from regulated operators of critical infrastructure. A ban wouldn't likely represent a significant blow to ransomware profits.

Also: 23andMe's Privacy Meltdown, Investors' $500M AI Bet on ReliaQuestIn this week's update, ISMG editors discussed the Trump administration's cybersecurity funding cuts and potential impact on state and local ransomware defense. 23andMe's bankruptcy and the FTC's stance on genetic data privacy, ReliaQuest's $500 million raise and what it means for AI-led SecOps.

Recovery's never been harder in today's tangled, outsourced infrastructure Comment Disaster recovery is getting tougher as IT estates sprawl across on-prem gear, public cloud, SaaS, and third-party ITaaS providers. And it's not floods or fires causing most outages anymore - ransomware now leads the pack, taking down systems faster than any natural disaster.…

Bank Info Security 1 year, 3 months ago

Medical Imaging Practice Notifying Patients of Recent Hack

Lawsuits Allege Cybercrime Gang Medusa Stole Data of 132,000 PeopleAn Arizona-based medical imaging practice with locations in 11 states is notifying patients that their data was compromised in a January cyberattack. Litigation filed against the company allege ransomware gang Medusa stole sensitive data pertaining to at least 132,000 people in the incident.

70% of Ransomware Incidents Trace to Attackers Simply Logging In, Researchers WarnHackers may have a reputation for wizardry, but researchers say two of their top tactics are entirely prosaic: exploiting known vulnerabilities in outdated networking gear to gain initial access, as well as using valid - albeit stolen - employee credentials and just logging in.