Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 22 Filtered view

Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16 that continues to disrupt its business operations.…

Bank Info Security 10 months, 3 weeks ago

Dialysis Chain Tells Feds Hack Affects Nearly 2.7 Million

Stolen DaVita Data Leaked on Dark Web by Ransomware Gang InterlockMonths after cybercriminal gang Interlock claimed to have stolen more than 1.5 terabytes of patient data from kidney dialysis chain DaVita, the company told federal regulators that the cyberattack first disclosed in April has affected nearly 2.7 million people.

Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 Interpol's latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the agency says.…

Bank Info Security 10 months, 3 weeks ago

Drug R&D Firm's IT, Data Encrypted in Alleged Qilin Attack

Inotiv Inc. Tells SEC Some Business Operations Disrupted, No Recovery Date in SightInotiv, a drug research and development firm, told federal regulators that it's been dealing with a cyberattack since Aug. 8 that has encrypted some IT systems and data, and is disrupting certain business operations. Ransomware gang Qilin has listed the company as a victim on its dark website.

Trend Micro Research, News and Perspectives 10 months, 4 weeks ago

Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware

Warlock ransomware exploits unpatched Microsoft SharePoint vulnerabilities to gain access, escalate privileges, steal credentials, move laterally, and deploy ransomware with data exfiltration across enterprise environments.

Bank Info Security 10 months, 4 weeks ago

Accounting Firm Pays Feds $175K for HIPAA Ransomware Breach

Settlement Includes Corrective Action Plan Focused on Improving Risk AnalysisAn investigation into a ransomware breach reported in 2020 as affecting the protected personal information of 170,000 people led to a $175,000 fine against a certified public accounting and consulting firm. Regulators also required the company to implement a corrective action plan in the settlement.

CRM Breach May Be Tied to Ongoing Scattered Spider and ShinyHunters CampaignCloud software giant Workday said its customer relationship management software has been breached and customer data stolen. The alert comes as attackers continue to pose as employees to trick help desks into giving them direct access to a victim's Salesforce CRM instance.

If you wanted to hurt Putin’s ransomware racketeers, these info-stealing npm packages are one way to do it Researchers at software supply chain security outfit Safety think they’ve found malware that targets Russian cryptocurrency developers, and perhaps therefore Russia’s state-linked ransomware crews…

Loading more headlines...