Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

27 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 27 Filtered view
Bank Info Security 10 months, 2 weeks ago

Breach Roundup: TransUnion Discloses Breach Affected 4.5M

Also: DSLRoot Turns Homes Into Proxies, Cyberattack Disrupts Swedish TownsThis week: TransUnion incident affects 4.5 million, DSLRoot residential proxies, Operation Serengeti 2.0, ZipLine campaign exploits contact forms, a cyberattack disrupts 200 Swedish municipalities, Maryland Transit Administration hit by ransomware, TAG-144 escalated attacks in South America.

Bank Info Security 10 months, 2 weeks ago

CISA Probes Nevada Cyber Breach Amid Surge in State Attacks

US Cyber Defense Agency Deploys Support to Nevada Following Ransomware IncidentThe Cybersecurity and Infrastructure Security Agency and FBI are aiding Nevada after a cyberattack disabled state services, exposing how local governments - amid surging ransomware, IT shortfalls and federal funding cuts - are increasingly reliant on strained national cyber defense resources.

'Many dozens' targeted in ongoing campaign, CheckPoint researcher tells The Reg Cybercriminals are targeting critical US manufacturers and supply-chain companies, looking to steal sensitive IP and other data while deploying ransomware. Their attack involves a novel twist on phishing — and a photo of White House butlers. …

Loading more headlines...