9 Ransomware Enablers - and Tactics for Combating Them

Data Breach Today

Patch Management and Locking Down Remote Desktop Protocol Remain Essential Defenses Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks.

Ransomware Gangs and the Name Game Distraction

Krebs on Security

It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. Another ransomware family tied to Evil Corp.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Ransomware Group Debuts Searchable Victim Data

Krebs on Security

The latest innovation in ratcheting up the heat comes from the ALPHV/BlackCat ransomware group, which has traditionally published any stolen victim data on the Dark Web. ” A Little Sunshine Ransomware The Coming Storm ALPHV ransomware BlackCat ransomware Brett Callow Emsisoft

Ransomware’s Future: A Lucrative Money Spinner

Data Breach Today

Intel 471’s Michael DeBolt Says Anti-Ransomware Actions Will Take Time What is the future of ransomware, and is it going to continue with the same intensity of the last few years? But ransomware isn’t going away soon

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Through a detailed analysis of major attacks and their consequences, Karl Camilleri, Cloud Services Product Manager at phoenixNAP, will discuss the state of ransomware and future predictions, as well as provide best practices for attack prevention and recovery.

Ransomware’s Future: A Continuing Money Spinner

Data Breach Today

Intel 471’s Michael DeBolt Says Anti-Ransomware Actions Will Take Time What is the future of ransomware, and is it going to continue with the same intensity of the last few years? But ransomware isn’t going away soon

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. PWC’s timeline of the days leading up to the deployment of Conti ransomware on May 14.

How Criminals Are Weaponizing Leaked Ransomware Data

Data Breach Today

Accenture's Robert Boyce Advises Firms to Update Monitoring and Approval Processes Accenture analyzed the top 20 most active ransomware leak sites to see how threat actors are posting sensitive corporate information and making the data easy to search and exploit.

Why Are Ransomware Attacks Intensifying?

Data Breach Today

The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise.

Vendor Ransomware Breach Affects 942,000 Patients

Data Breach Today

Incident Is Among Latest Fallout From Attacks on Healthcare Sector Entities A New York-based practice management vendor has notified 28 healthcare entity clients and more than 942,000 of their patients that sensitive information was compromised in a ransomware attack in April.

Ransomware Prevention and Recovery

Learn how to protect your business data from the most disruptive malware currently in existence. This whitepaper will help you avoid becoming the victim of a data breach and ensure business continuity.

10 Mistakes Companies Make in Their Ransomware Responses

Dark Reading

Hit by ransomware? These missteps can take a bad scenario and make it even worse

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Krebs on Security

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “ BlackCat “), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language.

Ransomware Leak Sites Attract More Attacks

Data Breach Today

Victims Often Attacked Simultaneously by Multiple Ransomware Groups Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos.

Task Force Seeks to Disrupt Ransomware Payments

Krebs on Security

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Evolving Ransomware Threats on Healthcare

Data Breach Today

The Risks of Operating Legacy Technology with Limited Security Resources While healthcare as an industry is being most targeted by ransomware, health or medical clinics are by far the hardest hit

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe , stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. The DarkSide ransomware note.

Ransomware Ecosystem: Big-Name Brands Becoming a Liability

Data Breach Today

Midsized Businesses Are the New Frontier for Ransomware Demands Here's unwelcome ransomware news: When a ransomware victim chooses to pay a ransom, the average amount has increased to $228,125, reports ransomware incident response firm Coveware.

Wanted: Disgruntled Employees to Deploy Ransomware

Krebs on Security

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ransomware-as-a-service gang actually includes a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware.

Strategies to Modernize Ransomware Response

Data Breach Today

Accenture's Robert Boyce on Adopting an Effective Communications Plan Accenture's new ransomware report reveals key challenges in executing an effective communications plan.

Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Customer Care Giant TTEC Hit By Ransomware

Krebs on Security

TTEC , [ NASDAQ: TTEC ], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned.

ENISA Report: Threat Landscape for Ransomware Attacks

Data Breach Today

Ifigeneia Lella of ENISA Calls Out Major Gaps in Incident Reporting ENISA’s new "Threat Landscape for Ransomware Attacks" report analyzes 623 ransomware incidents in the EU, U.K.

Bitdefender releases Universal LockerGoga ransomware decryptor

Security Affairs

Bitdefender has released a free decryptor to allow the victims of the LockerGoga ransomware to recover their files without paying a ransom. The LockerGoga ransomware operation has been active since January 2019, it targeted organizations worldwide, including the aluminum giant Norsk Hydro.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers.

Ransomware Ecosystem: Big Changes Since Colonial Pipeline

Data Breach Today

The latest edition of the ISMG Security Report analyzes the changes in the ransomware landscape one year after the attack on Colonial Pipeline. It also revisits the Ryuk ransomware attack on a school district in Illinois and examines common culprits hindering effective Zero Trust adoption

The Ransomware Files, Ep. 10: Dr. Ransomware, Part 2

Data Breach Today

Is a practicing cardiologist living in Venezuela also a ransomware mastermind? The Ransomware Files" podcast looks at the evidence prosecutors claim Moises Luis Zagala Gonzalez is a cybercriminal polymath. But Zagala's wife says he is innocent and there's a reason for his predicament.

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Krebs on Security

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. penned a two-part analysis on why smart contracts will make ransomware more profitable.

Battling Ransomware in Healthcare

Data Breach Today

Errol Weiss Says Industry Lacks Resources to Improve Cybersecurity The healthcare industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency.

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Ransomware BleepingComputer Diebold Nixdorf Emsisoft Fabian Wosar Lawrence Abrams ProLock ransomware

Another Ransomware For Linux Likely In Development

Security Affairs

Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team recently observed an Executable and Linkable Format ( ELF ) ransomware which encrypts the files inside Linux systems based on the given folder path.

Ransomware: The Latest Chapter

Dark Reading

As ransomware attacks continue to evolve, beyond using security best practices organizations can build resiliency with extended detection and response solutions and fast response times to shut down attacks

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Ransomware ransomware

Ukrainian Police Nab Six Tied to CLOP Ransomware

Krebs on Security

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims.

New Luna ransomware targets Windows, Linux and ESXi systems

Security Affairs

Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers from Kaspersky Lab detailed a new ransomware family named Luna, which is written in Rust and is able to target Windows, Linux, and ESXi systems.

FBI Issues Alert on Hive Ransomware

Data Breach Today

Uptick in Hive Ransomware Activity Spotted The US Federal Bureau of Investigation has issued a warning about Hive ransomware after the group took down Memorial Health System last week.

StrRAT Masquerades as Ransomware

Data Breach Today

Microsoft Says Spam Campaign Uses Updated Variant Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that steals confidential data while disguising itself as a ransomware infection even though it does not actually encrypt data

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog.