Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

24 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 24 Filtered view

Project Mellissa Contributed Toward Disruptive ActionsA Dutch public and private sector anti-ransomware initiative has contributed to ransomware disruptions globally, found an assessment from the University of Leiden. "Project Melissa" was launched in 2023 by Cybersafe Netherlands, the Dutch National Cyber Security Center and security companies.

Bank Info Security 1 year, 7 months ago

Breach Roundup: Vodka Maker Bankrupt After Cyberattack

Also: Trinity Didn't Really Hack the Spanish Tax Agency, Law Firm KYL Reports BreachThis week, a vodka maker in bankruptcy cited its ransomware attack, no ransomware at the Spanish tax agency and cable cuttings in Finland. Data stolen from Japanese shoppers, Chemonics International and law firm KYL. A sweep of Asian cybercrime, trends in the U.K. and ENGlobal ransomware attack.

French Police Reportedly Detain Accused Ryuk Money Launder Ekaterina ZhdanovaAn international investigation led by the United Kingdom busted Russian money cash-for-crypto laundering networks in an operation that's led to the arrest of 84 individuals and U.S. sanctions against others. One of the network allegedly laundered extortion money paid to the Ryuk ransomware group.

Krebs on Security 1 year, 7 months ago

U.S. Offered $10M for Hacker Just Arrested by Russia

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as "Wazawaka," a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies.

Bank Info Security 1 year, 7 months ago

Russia Indicts Ransomware Hacker Wanted by the FBI

Suspected LockBit, Babuk Operator Mikhail Matveev Arrested in RussiaA prolific ransomware affiliate hacker and developer is facing criminal charges in Russia, Kremlin media reported Friday. Mikhail Pavlovich Matveev has been wanted by U.S. authorities since 2023 for his role in hacking activities as part of ransomware groups including LockBit, Hive and Babuk.

Loading more headlines...