Security news aggregator

Latest coverage for Ransomware

Ransomware encrypts or steals data to disrupt operations and extort victims, making backups, access controls, and incident response essential.

25 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Ransomware is malware used to deny access to systems or data, usually by encrypting files and demanding payment for decryption. Many operations also steal sensitive information and threaten to publish it, so an attack can create both an availability crisis and a privacy or disclosure risk. Initial access may involve phishing, stolen credentials, exposed remote services, or exploitation of unpatched vulnerabilities; attackers may then move through the network before deploying the payload.

Defenses should combine vulnerability management, phishing-resistant authentication where practical, endpoint and network monitoring, and backups that are isolated from routine administrator access and regularly tested for recovery. Organizations should also limit privileges and segment critical systems to reduce the blast radius. An incident requires rapid containment, preservation of forensic evidence, restoration from known-good backups, and assessment of notification, legal, and regulatory obligations. Threat intelligence can help identify relevant criminal infrastructure or tactics, but it does not replace sound access control, patching, detection, and recovery practices.

Showing 20 most recent headlines of 25 Filtered view
Bank Info Security 1 year, 4 months ago

'Termite' Gang Leaks Australian Fertility Clinic Records

Researchers: Ransomware Group Emerged Last Fall; Variant of Babuk MalwareA new ransomware gang, Termite, has started leaking on the dark web samples of sensitive data stolen in an attack on Australian fertility clinic Genea. A court has issued a restraining order in hopes of preventing the threat actor or others from further disseminating, using or publishing the data.

After Disrupting Ascension Health, Black Basta Forecast Reprisals From FBI, Moscow"We are pentesters, not murderers," ransomware group Black Basta claimed in its negotiations with victim Ascension Healthcare in May 2024, after its attack led to widespread disruptions and patient safety alerts. Leaked chat logs reveal the group feared resulting reprisals from the FBI and Moscow.

Also: U.S. Health Data Privacy Crackdowns, Reality vs. Hype of LLMs in SecurityIn this week's update, four editors with ISMG explore the crumbling state of ransomware group Black Basta and implications for other cybercrime gangs, the expanding impact of U.S. health data privacy laws, and whether large language models are truly what they seem.

Series A Investment Expands AI-Driven Cybersecurity and Threat DeflectionMimic got $50 million in Series A funding to expand its ransomware defense solutions. Backed by Google Ventures and Menlo Ventures, the company will enhance AI-driven threat detection, automate security for proprietary apps, and grow internationally to protect enterprises from ransomware attacks.

Bank Info Security 1 year, 4 months ago

Breach Roundup: US Army Officer Guilty of Selling Data

Also, AI Video Mocking Trump and Musk Disrupts HUD OfficesThis week, a U.S. Army soldier pleaded guilty, an AI video displayed to federal workers mocked Donald Trump and Elon Musk, a Saudi firm hit by ransomware, a new North Korean scam, hackers targeted Ukrainian notaries, CISA flagged two flaws, a botnet targeted Microsoft 365 and unpatched Ivanti VPNs.

Bank Info Security 1 year, 4 months ago

Ransomware Recovery Lessons Learned From Arnold Clark

Disruptive Data-Stealing Attackers Hit Vehicle Retail Giant Right Before ChristmasCyber resilience lessons learned: In the wake of a disruptive ransomware attack, the head of automotive retail giant Arnold Clark said continually practicing and refining the organization's resilience plan has driven its response time down from at least 12 hours, to just one or two.

Loading more headlines...