Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

15 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 15 most recent headlines Filtered view
Bank Info Security 6 months, 4 weeks ago

MedStar Health Notifying Patients of Data Theft Breach

Ransomware Gang Rhysida Leaks 3.7TB of Data Stolen From Maryland Hospital SystemMaryland-based MedStar Health, which operates 10 hospitals, is notifying patients about a data theft incident affecting their personal information. Ransomware group Rhysida claims on its darkweb leak site to have 3.7 terabytes of MedStar's data, including "over 7 million pieces of patient data."

Bank Info Security 6 months, 4 weeks ago

Breach Roundup: Coupang Breach Sparks Leadership Shakeup

Also: Texas AG Sues Smart TV Manufacturers, Fortinet SSO FlawsThis week, a leadership shakeup at Coupang, attackers exploited critical Fortinet SSO flaws, Pornhub data hacked, Texas Attorney General Ken Paxton sued smart TV makers, auto finance provider 700Credit disclosed a breach affecting millions, A revived pro-Russia ransomware operation stumbled.

Bank Info Security 6 months, 4 weeks ago

Farm Forecast: Cloudy With a Chance of Hacking

Precision Agriculture Boost Yields but Opens Farmers to Cybersecurity RiskPrecision agriculture is transforming U.S. farming with sensors, drones and automation, boosting productivity yields. But growing digital dependence is also expanding the attack surface, exposing farms to ransomware, disruption and rising cybersecurity risk.

Security boffins warn flaw is now being used for ransomware attacks against live networks Microsoft says attackers have already compromised "several hundred machines across a diverse set of organizations" via the React2Shell flaw, using the access to execute code, deploy malware, and, in some cases, deliver ransomware.…

Cybercrime Gang Rhysida Still Lists the Practice on Its Leak Site Among Its VictimsA Kansas medical group will pay $1.2 million to settle proposed class action litigation involving an attack that compromised the sensitive data of nearly 256,000 individuals. The Rhysida ransomware operation claimed responsibility and said it stole 3 terabytes.

Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure. [...]