Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

55 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 55 Filtered view
Bank Info Security 2 years, 4 months ago

Binance Restricts 85 LockBit Crypto Wallets

Authorities Uncover 30,000 LockBit Bitcoin AddressesCryptocurrency trading platform Binance restricted access to 85 accounts as part of an action against the LockBit ransomware affiliates, and authorities estimated that members of the now-defunct ransomware-as-a-service operation had pocketed "hundreds of millions" in ransom.

Bank Info Security 2 years, 4 months ago

HHS OCR Tells Congress It Needs More Funding for HIPAA Work

Breaches and Complaints Continue to Soar as Regulatory Duties IncreaseAs the volume of major health data breaches rises, the federal agency charged with investigating those incidents told Congress this week that it lacks the needed funding to keep up with its mounting workload. The agency also separately announced its second ransomware HIPAA breach settlement.

Bank Info Security 2 years, 4 months ago

Attackers Rush to Exploit ScreenConnect Vulnerabilities

Ransomware, Info Stealers, Backdoors and CryptojackingHackers are on a tear to exploit unpatched ConnectWise ScreenConnect remote connection software to infect systems with ransomware, info stealers and persistent backdoors. The attacks observed by researchers include ransomware deployments tied to the now-defunct LockBit ransomware operation.

Bank Info Security 2 years, 4 months ago

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

With Over $1 Billion in Annual Proceeds, Don't Expect Attackers to Give Up the LifeOnce the dust settles on the LockBit disruption, what will be the state of ransomware? Expect attackers to continue refining their tactics for maximizing profits via a grab bag of complementary strategies, including crypto-locking shakedowns and data-theft extortion.

Bank Info Security 2 years, 4 months ago

No Big Reveal: Cops Don't Unmask LockBit's LockBitSupp

After Teasing 'Who is LockBitSupp,' Cops Say He's 'Engaged With Law Enforcement'"Who is LockBitSupp?" Police teased they would reveal the answer to that question Friday, but when the big reveal came, they disclosed very little, except to cryptically say the apparent member of the LockBit ransomware group's leadership team "has engaged with law enforcement."

Bank Info Security 2 years, 4 months ago

Who is LockBitSupp? Police Delay Promise to Reveal Identity

Officials Reschedule Big Reveal of LockBit Ransomware Group Leadership's IdentityWho is LockBitSupp? On Friday morning, when law enforcement promised to reveal the identity of the public mouthpiece of the LockBit ransomware-as-a-service operation they infiltrated and disrupted earlier this week, authorities instead announced a delay.

Bank Info Security 2 years, 4 months ago

Breach Roundup: More Fallout From the LockBit Takedown

Also: Avast Agrees to $16.5 Million Civil Penalty to Settle Privacy InvestigationThis week: more fallout from LockBit, Avast to pay $16.5M, Russia-linked group targeted mail servers, no indication that AT&T was hacked, analysis of a patched Apple flaw, Microsoft enhanced logging, an Android banking Trojan, North Korean hackers and a baking giant fell to ransomware.

Bank Info Security 2 years, 4 months ago

LockBit Group Prepared New Crypto-Locker Before Takedown

Numerous Impediments Remain If Administrators Attempt to Reboot the OperationThe notorious ransomware-as-a-service group LockBit, disrupted by law enforcement this week, was developing a new version of its crypto-locking malware prior to being shut down, security researchers reported. Even so, experts say it's unlikely the group would be able to successfully reboot.

Loading more headlines...