9 Ransomware Enablers - and Tactics for Combating Them

Data Breach Today

Patch Management and Locking Down Remote Desktop Protocol Remain Essential Defenses

Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks.

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. “The minute you announce you’ve got a decryptor for some ransomware, they change up the code,” James said.

Ransomware Gangs and the Name Game Distraction

Krebs on Security

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. Another ransomware family tied to Evil Corp.

10 Mistakes Companies Make in Their Ransomware Responses

Dark Reading

Hit by ransomware? These missteps can take a bad scenario and make it even worse

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware Group Debuts Searchable Victim Data

Krebs on Security

The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web.

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.

Ransomware Attackers Don't Take Holidays

Data Breach Today

Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays."

Cybereason's Sam Curry on the Financial and Business Impact of After-Hours Strikes

Cyberattackers love to strike on weekends and holidays - that's not news.

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. PWC’s timeline of the days leading up to the deployment of Conti ransomware on May 14.

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue.

Ransomware Prevention and Recovery

Learn how to protect your business data from the most disruptive malware currently in existence. This whitepaper will help you avoid becoming the victim of a data breach and ensure business continuity.

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe, stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. The DarkSide ransomware note.

FBI Seizes Hive Ransomware Servers in Multinational Takedown

Data Breach Today

Agents Infiltrated Hive in July 2022: 'We Hacked the Hackers,' Says DOJ Official

The FBI penetrated the network of the Hive ransomware group, which has a history of attacking hospitals.

Why Are Ransomware Attacks Intensifying?

Data Breach Today

The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise.

Ransomware Profits Dip as Fewer Victims Pay Extortion

Data Breach Today

As Funding From Ransoms Goes Down, Gangs Embrace Re-Extortion, Researchers Warn

Bad news for ransomware groups: Experts find it's getting tougher to earn a crypto-locking payday at the expense of others.

Ransomware Attack Affects 1,000 Vessels Worldwide

Data Breach Today

Norway's DNV Shuts Down IT Servers, Investigates Attack

A maker of software used to manage shipping vessel operations says it has shut down its servers after detecting a ransomware attack.

Ransomware’s Future: A Lucrative Money Spinner

Data Breach Today

Intel 471’s Michael DeBolt Says Anti-Ransomware Actions Will Take Time

What is the future of ransomware, and is it going to continue with the same intensity of the last few years? But ransomware isn’t going away soon

Task Force Seeks to Disrupt Ransomware Payments

Krebs on Security

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Ransomware’s Future: A Continuing Money Spinner

Data Breach Today

Intel 471’s Michael DeBolt Says Anti-Ransomware Actions Will Take Time

What is the future of ransomware, and is it going to continue with the same intensity of the last few years? But ransomware isn’t going away soon

Vendor Ransomware Breach Affects 942,000 Patients

Data Breach Today

Incident Is Among Latest Fallout From Attacks on Healthcare Sector Entities

A New York-based practice management vendor has notified 28 healthcare entity clients and more than 942,000 of their patients that sensitive information was compromised in a ransomware attack in April.

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language.

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ransomware-as-a-service gang actually includes a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware.

Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Why Ransomware Victims Avoid Calling It 'Ransomware'

Data Breach Today

The latest edition of the ISMG Security Report discusses why too few organizations admit to being victims of ransomware attacks, how delayed enterprise subscription start dates forced CrowdStrike to cut sales forecasts, and leveraging threat intelligence to protect critical infrastructure.

Rackspace Confirms Exchange Outage Caused by Ransomware

Data Breach Today

Company Tells US SEC That the Incident Will Affect Revenue

Ransomware lies behind the ongoing outage of hosted Exchange services at Rackspace, the company disclosed in a Tuesday update. The company did not disclose any particular ransomware actor.

How Criminals Are Weaponizing Leaked Ransomware Data

Data Breach Today

Accenture's Robert Boyce Advises Firms to Update Monitoring and Approval Processes

Accenture analyzed the top 20 most active ransomware leak sites to see how threat actors are posting sensitive corporate information and making the data easy to search and exploit.

Ransomware Leak Sites Attract More Attacks

Data Breach Today

Victims Often Attacked Simultaneously by Multiple Ransomware Groups

Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos.

Strategies to Modernize Ransomware Response

Data Breach Today

Accenture's Robert Boyce on Adopting an Effective Communications Plan

Accenture's new ransomware report reveals key challenges in executing an effective communications plan.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.

Ontario Teachers’ Data Stolen in Ransomware Attack

Data Breach Today

Victims Notified of Ransomware Attack Six Months After the Incident

A cyberattack on a Canadian teachers’ union gave thieves access to sensitive data of more than 60,000 members. The union is yet to disclose the exact number of affected individuals, but stated that both former and current members are impacted.

Battling Ransomware in Healthcare

Data Breach Today

Errol Weiss Says Industry Lacks Resources to Improve Cybersecurity

The healthcare industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency.

Ransomware Group Behind Victoria Fire Department Outage

Data Breach Today

Vice Society Claims Credit for Data Leak Affecting Current, Former Employees

The Vice Society ransomware group today claimed responsibility for a December 2022 attack on an Australian state fire department that led to a widespread IT outage.

Australia Initiates Global Ransomware Task Force Operations

Data Breach Today

Aim Is International Cooperation in Fight Against Digital Extortion

Australia started operating an international ransomware task force to facilitate information sharing and best practices worldwide.

Evolving Ransomware Threats on Healthcare

Data Breach Today

The Risks of Operating Legacy Technology with Limited Security Resources

While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit

Rackspace Warns of Phishing Attempts Post Ransomware

Data Breach Today

Class Action Lawsuit Filed Against Rackspace for Negligence

Hosted services company Rackspace is warning customers about the increasing risk of phishing attacks following a ransomware attack causing ongoing outages to its hosted Exchange environment.

The Ransomware Files, Ep. 10: Dr. Ransomware, Part 2

Data Breach Today

Is a practicing cardiologist living in Venezuela also a ransomware mastermind? "The Ransomware Files" podcast looks at the evidence prosecutors claim Moises Luis Zagala Gonzalez is a cybercriminal polymath. But Zagala's wife says he is innocent and there's a reason for his predicament.

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf, a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations.

Customer Care Giant TTEC Hit By Ransomware

Krebs on Security

TTEC, [NASDAQ: TTEC], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned.

Ransomware Ecosystem: Big-Name Brands Becoming a Liability

Data Breach Today

Midsized Businesses Are the New Frontier for Ransomware Demands

Here's unwelcome ransomware news: When a ransomware victim chooses to pay a ransom, the average amount has increased to $228,125, reports ransomware incident response firm Coveware.

Ransomware-Wielding Criminals Increasingly Hit Healthcare

Data Breach Today

Sector Especially Vulnerable Due to Dispersed IT Footprint, Massive Records Storage

Ransomware gangs rely on shotgun-style attacks using phishing or stolen remote access credentials to target individuals.