Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

35 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 35 Filtered view
Bank Info Security 2 years, 5 months ago

Cyber Fail: When Ransomware Gangs Get Careless

Also: Rampant App Vulnerabilities, Cloud Misconfiguration and Why CISOs MatterWelcome to "Cyber Fail," where our experts uncover fails so we can all strengthen our defenses. Today, we examine what happens when ransomware groups get careless, application developers' laissez-faire attitude toward vulnerabilities, and the security woes of a beleaguered crypto exchange.

Bank Info Security 2 years, 5 months ago

More Ransomware Victims Are Declining to Pay Extortionists

While Average Falls Below 30%, We're Still Far From Seeing Criminal Profits Dry UpThe number of victims who opt to pay a ransom appears to have declined to a record low. During the last three months of 2023, an average of 29% of organizations hit by ransomware paid a ransom - a notable shift from what ransomware watchers saw in recent years.

Bank Info Security 2 years, 5 months ago

FTC Blasts Blackbaud's 'Shoddy' Practices in Ransomware Hack

FTC Is Latest Agency to Rebuke Fundraising Firm for Lax Security in 2020 AttackThe Federal Trade Commission is the latest regulatory agency taking action against fundraising and customer relationship management software provider Blackbaud in the aftermath of a 2020 ransomware incident that compromised the data of tens of thousands of clients and millions of consumers.

Bank Info Security 2 years, 5 months ago

Breach Roundup: CIA Hacking Tool Leaker Gets 40 Years

Also: Cloudflare Was Hacked With Stolen Okta TokenThis week, former CIA programmer gets 40-year sentence, zero trust prevents widespread damage, possible ransomware attack in Georgia, alleged hacker detained in Ukraine, USB-spread malware in Italy, LockBit attack on non-bank home mortgage lender, and Ukrainian critical infrastructure disrupted.

Loading more headlines...