Expert insights. Personalized for you.
Malware Designed To Attack Linux Hosts With ChaChi Backdoor The Pysa ransomware gang has created a new Linux version of its malware designed to target Linux hosts with the ChaChi backdoor, using its Windows counterpart's characteristics, according to a new report MORE
The Agency Will Elevate the Role of National Central Bureaus to Fight Cybercrimes Interpol has announced that it will boost the role of country-specific National Central Bureaus to fight ransomware and other cybercrimes. MORE
Janine Darling, the founder and CEO of STASH Global, discusses the pervasive and persistent problem of ransomware and how to mitigate the risks MORE
Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S. MORE
Biden Orders Federal Ransomware Task Force to Coordinate Federal Investigations The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. MORE
278 Patch Management and Locking Down Remote Desktop Protocol Remain Essential Defenses Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks. MORE
Fewer Victims Paying Attackers Simply to Delete Stolen Data, Coveware Reports Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. MORE
285 
The ransomware gang LockBit took credit for the attack LockBit Takes Credit for the Incident on Its Darknet Website The consultancy Accenture, which offers cybersecurity services, confirmed Wednesday it had been hit by a cyber incident. MORE
Researchers Analyze the Severe Threat the Malware Poses Conti ransomware, which emerged eight months ago, poses a severe threat, according to Cybereason's Nocturnus Team, which offers an in-depth analysis of how the malware works MORE
218 
Classes Canceled as the University's IT Staff Repairs Damage Howard University canceled classes Tuesday in the wake of a ransomware attack it first detected on Friday, the university has announced. MORE
TTEC , [ NASDAQ: TTEC ], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned. MORE
Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Ransomware BleepingComputer Diebold Nixdorf Emsisoft Fabian Wosar Lawrence Abrams ProLock ransomware MORE
Fresh Ransomware-as-a-Service Operations Seek Affiliates for Extorting New Victims After a string of high-profile hits, many of the largest and most notorious ransomware operations recently disappeared. MORE
249 Expert: More Likely, an Affiliate Has Repurposed REvil's Crypto-Locking Malware Has the REvil ransomware operation come storming back? MORE
232 The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S. MORE
Uptick in Hive Ransomware Activity Spotted The US Federal Bureau of Investigation has issued a warning about Hive ransomware after the group took down Memorial Health System last week. MORE
285 VMware ESXi Servers Targeted by Crypto-Locking Malware, MalwareHunterTeam Warns The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VmWare's ESXi servers hosting virtual machines, according to MalwareHunterTeam. MORE
Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes. MORE
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown. MORE
This edition of the ISMG Security Report features three segments on battling ransomware. MORE
Researchers at Tesorion released a decryptor for Judge ransomware that also decrypts files encrypted by the NoCry ransomware. In January this year, we published a blog post on our analysis of the Judge ransomware. SecurityAffairs – hacking, NoCry ransomware). MORE
More Major Incidents Added to the 'Wall of Shame' Several ransomware incidents have been added to the federal tally of major health data breaches in recent weeks, with no signs of these attacks abating MORE
It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. Another ransomware family tied to Evil Corp. MORE
Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ransomware-as-a-service gang actually includes a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware. MORE
NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc. MORE
Australia Regulator Says Such Breaches Are Likely Underreported Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken. MORE
The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe , stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. The DarkSide ransomware note. MORE
Hit by ransomware? These missteps can take a bad scenario and make it even worse MORE
Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack. MORE
Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators. MORE
Also: Update on NIST 'Zero Trust' Initiative In the latest weekly update, three editors at Information Security Media Group discuss important cybersecurity issues, including the latest ransomware trends, plus an update on NIST's "zero trust" initiative MORE
Babuk Ransomware Gang Reportedly Posted Exfiltrated Team Data The NBA's Houston Rockets reported on Wednesday that the organization was recently hit with a ransomware attack for which the Babuk cyber gang has taken responsibility. MORE
217 This is the first episode of The Ransomware Files, a podcast miniseries focused on stories of resilience in the fight against ransomware. MORE
It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. MORE
Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims. MORE
Microsoft Says Spam Campaign Uses Updated Variant Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that steals confidential data while disguising itself as a ransomware infection even though it does not actually encrypt data MORE
Firm Says Singapore Unit Was Targeted Tokio Marine, a Japan-based property and casualty insurer, says its Tokio Marine Insurance Singapore unit was hit by a ransomware attack this week MORE
New 'Pay or Grief' CryptoLocking Malware Is DoppelPaymer in Disguise, Experts Say The ransomware landscape changes constantly as groups disappear, change approaches or rebrand. MORE
229 The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it. MORE
Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware. MORE
113 Malwarebytes: Gang Seeking 'Pentesters' and 'Access Brokers' A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes MORE
Ransomware Related Topics 
Data Breach Today
JULY 29, 2021
Patch Management and Locking Down Remote Desktop Protocol Remain Essential Defenses Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks.
Krebs on Security
AUGUST 5, 2021
It’s nice when ransomware gangs have their bitcoin stolen, malware servers shut down, or are otherwise forced to disband. Indeed, some of the most destructive and costly ransomware groups are now in their third incarnation. Another ransomware family tied to Evil Corp.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Krebs on Security
SEPTEMBER 15, 2021
TTEC , [ NASDAQ: TTEC ], a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident resulting from a ransomware attack, KrebsOnSecurity has learned.
Krebs on Security
MAY 14, 2021
The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.
Krebs on Security
AUGUST 19, 2021
Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. ransomware-as-a-service gang actually includes a solicitation for insiders in the desktop wallpaper left behind on systems encrypted with the malware.
Data Breach Today
AUGUST 28, 2021
Uptick in Hive Ransomware Activity Spotted The US Federal Bureau of Investigation has issued a warning about Hive ransomware after the group took down Memorial Health System last week.
Dark Reading
JULY 14, 2021
Hit by ransomware? These missteps can take a bad scenario and make it even worse
Data Breach Today
AUGUST 26, 2021
Fresh Ransomware-as-a-Service Operations Seek Affiliates for Extorting New Victims After a string of high-profile hits, many of the largest and most notorious ransomware operations recently disappeared.
Data Breach Today
SEPTEMBER 11, 2021
Malware Designed To Attack Linux Hosts With ChaChi Backdoor The Pysa ransomware gang has created a new Linux version of its malware designed to target Linux hosts with the ChaChi backdoor, using its Windows counterpart's characteristics, according to a new report
Data Breach Today
JULY 26, 2021
Fewer Victims Paying Attackers Simply to Delete Stolen Data, Coveware Reports Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware.
Krebs on Security
APRIL 29, 2021
Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.
|
Data Breach Today
AUGUST 20, 2021
Firm Says Singapore Unit Was Targeted Tokio Marine, a Japan-based property and casualty insurer, says its Tokio Marine Insurance Singapore unit was hit by a ransomware attack this week
Data Breach Today
JUNE 4, 2021
Biden Orders Federal Ransomware Task Force to Coordinate Federal Investigations The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place.
Threatpost
JULY 5, 2021
Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware.
Data Breach Today
JUNE 18, 2021
The latest edition of the ISMG Security Report features an analysis of the Avaddon ransomware gang's retirement and the crackdown on the Clop ransomware gang in Ukraine. Also featured: Bitcoin as ally in the ransomware battle; strengthening U.S.
Data Breach Today
MAY 24, 2021
Microsoft Says Spam Campaign Uses Updated Variant Microsoft is warning about a spam campaign that uses an updated variant of Java-based StrRAT malware that steals confidential data while disguising itself as a ransomware infection even though it does not actually encrypt data
Security Affairs
SEPTEMBER 11, 2021
Recently we observed that part of the REvil ransomware infrastructure was up and running again, now we can confirm that they hit new victims. On September 7, the servers of the REvil ransomware gang were back online after around two months since their shutdown.
Data Breach Today
JULY 30, 2021
Also: Update on NIST 'Zero Trust' Initiative In the latest weekly update, three editors at Information Security Media Group discuss important cybersecurity issues, including the latest ransomware trends, plus an update on NIST's "zero trust" initiative
Data Breach Today
AUGUST 26, 2021
This is the first episode of The Ransomware Files, a podcast miniseries focused on stories of resilience in the fight against ransomware.
Data Breach Today
AUGUST 23, 2021
Australia Regulator Says Such Breaches Are Likely Underreported Australia's data regulator says organizations hit by ransomware may be underreporting data breaches because they haven't thoroughly figured out if data was taken.
Krebs on Security
NOVEMBER 10, 2020
It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.
Data Breach Today
SEPTEMBER 7, 2021
Classes Canceled as the University's IT Staff Repairs Damage Howard University canceled classes Tuesday in the wake of a ransomware attack it first detected on Friday, the university has announced.
Data Breach Today
AUGUST 9, 2021
VMware ESXi Servers Targeted by Crypto-Locking Malware, MalwareHunterTeam Warns The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VmWare's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
Krebs on Security
JUNE 16, 2021
Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims.
Krebs on Security
AUGUST 14, 2020
NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.
Data Breach Today
JULY 26, 2021
Malwarebytes: Gang Seeking 'Pentesters' and 'Access Brokers' A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes
Security Affairs
SEPTEMBER 13, 2021
Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident. Olympus issued a statement to announce that its European, Middle East and Africa computer network was hit by a ransomware attack.
Data Breach Today
APRIL 16, 2021
Babuk Ransomware Gang Reportedly Posted Exfiltrated Team Data The NBA's Houston Rockets reported on Wednesday that the organization was recently hit with a ransomware attack for which the Babuk cyber gang has taken responsibility.
Data Breach Today
MAY 21, 2021
Janine Darling, the founder and CEO of STASH Global, discusses the pervasive and persistent problem of ransomware and how to mitigate the risks
Data Breach Today
JULY 16, 2021
Palo Alto Networks Report Describes Tactics of Group Leveraging Open-Source Tools The gang behind the ransomware strain known as Mespinoza, aka PYSA, is targeting manufacturers, schools and others, mainly in the U.S.
Data Breach Today
JULY 28, 2021
Expert: More Likely, an Affiliate Has Repurposed REvil's Crypto-Locking Malware Has the REvil ransomware operation come storming back?
Data Breach Today
JULY 10, 2021
The Agency Will Elevate the Role of National Central Bureaus to Fight Cybercrimes Interpol has announced that it will boost the role of country-specific National Central Bureaus to fight ransomware and other cybercrimes.
Data Breach Today
AUGUST 11, 2021
The ransomware gang LockBit took credit for the attack LockBit Takes Credit for the Incident on Its Darknet Website The consultancy Accenture, which offers cybersecurity services, confirmed Wednesday it had been hit by a cyber incident.
Data Breach Today
JULY 30, 2021
New 'Pay or Grief' CryptoLocking Malware Is DoppelPaymer in Disguise, Experts Say The ransomware landscape changes constantly as groups disappear, change approaches or rebrand.
Data Breach Today
AUGUST 19, 2021
More Major Incidents Added to the 'Wall of Shame' Several ransomware incidents have been added to the federal tally of major health data breaches in recent weeks, with no signs of these attacks abating
Data Breach Today
JULY 2, 2021
Affiliate-Driven Approach and Regular Malware Refinements Are Key, Experts Say REvil, aka Sodinokibi, is one of today's most notorious - and profitable - ransomware operations, driven by highly skilled affiliates who share profits with the operators.
Data Breach Today
JANUARY 14, 2021
Researchers Analyze the Severe Threat the Malware Poses Conti ransomware, which emerged eight months ago, poses a severe threat, according to Cybereason's Nocturnus Team, which offers an in-depth analysis of how the malware works
Data Breach Today
JULY 9, 2021
This edition of the ISMG Security Report features three segments on battling ransomware.
Krebs on Security
MAY 11, 2020
Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Ransomware BleepingComputer Diebold Nixdorf Emsisoft Fabian Wosar Lawrence Abrams ProLock ransomware
Security Affairs
MAY 18, 2021
Researchers at Tesorion released a decryptor for Judge ransomware that also decrypts files encrypted by the NoCry ransomware. In January this year, we published a blog post on our analysis of the Judge ransomware. SecurityAffairs – hacking, NoCry ransomware).
Let's personalize your content