Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

35 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 35 Filtered view
Bank Info Security 1 year, 9 months ago

Russia Arrests 100 in Cryptex Crypto Exchange Crackdown

US-Sanctioned Crypto Exchange Founder Sergey Ivanov Included in Sweeping ArrestsRussia’s primary federal investigative agency announced a rare and sweeping investigation into the United States-sanctioned cryptocurrency exchange Cryptex and other platforms used to carry out illegal transactions and launder millions from ransomware groups.

Bank Info Security 1 year, 9 months ago

Medical Group Pays $240K Fine for 3 Ransomware Attacks

Nonprofit Group Hit 3 Times in 3 Weeks in 2018, Affecting PHI of 85,000 PatientsFederal regulators have hit a California physician services organization with a $240,000 HIPAA civil penalty following an investigation into three ransomware attacks that occurred within a three-week span in early 2018, compromising the sensitive information of 85,000 patients.

Bank Info Security 1 year, 9 months ago

ENISA 2024: Ransomware and AI Are Posing New Cyberthreats

ENISA's Ifigeneia Lella Shares Highlights of 2024 Threat Landscape ReportWhile the number of ransomware attacks stayed about the same in the past year, cybercriminals are using more effective tactics such as weaponizing breach disclosure deadlines to extract higher ransoms, according to ENISA's 2024 Threat Landscape report.

Crooks 'like a sysadmin, with a malicious slant' Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022, according to Cisco Talos, which recently discovered a "substantial" Windows credential data dump that sheds light on the criminal and their victims.…

Counter Ransomware Group Focuses on Timely Reporting, Avoiding Paying the RansomNew voluntary ransomware guidance released during the International Counter Ransomware Initiative meeting this week calls for victims to report attacks to law enforcement on a more timely basis - and involve more advisors in deciding whether to pay a ransom.

With 14 serious security flaws found, what a gift for spies and crooks Fourteen bugs in DrayTek routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to seize control of the equipment to then steal sensitive data, deploy ransomware, and launch denial-of-service attacks.…

Loading more headlines...