Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

17 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 17 most recent headlines Filtered view
Bank Info Security 1 year, 7 months ago

Victims Must Disclose Ransom Payments Under Australian Law

New Law Calls for Better Reporting, Securing Devices and Critical InfrastructureThe Australian government's proposed cybersecurity legislation passed both houses of the Parliament on Monday, formalizing the government's strategy to boost ransomware payment reporting, mandate basic cybersecurity standards for connected devices and enhance critical infrastructure security.

Blue Yonder Outage Causing Disruptions for Starbucks, Major Grocery Store ChainsMajor grocery store chains, Starbucks and other large organizations are experiencing disruptions following a ransomware attack against supply chain management service provider Blue Yonder. The provider said it's continuing to probe the attack and has no timeline for service restoration.

Bank Info Security 1 year, 7 months ago

Black Basta Ransomware Group Retools for Strategic Attacks

Social Engineering Moves Mirror Nation-State Groups' Tactics, Researchers SayThe Black Basta ransomware group has been refining its social engineering tactics to amass more victims despite escalating law enforcement disruptions, together with a shift to more "strategic, long-term planning" that security experts said suggests Russian state ties.