Ransomware
Ransomware | News, how-tos, features, reviews, and videos
New ransomware gang RA Group quickly expanding operations
The RA Group uses double extortion and has detailed information on its victims.
Law enforcement crackdowns and new techniques are forcing cybercriminals to pivot
Researchers say that law enforcement crackdowns and new investigative tools are putting pressure on cybercriminals, but challenges for defenders remain.
UK NCSC, ICO debunk 6 cyberattack reporting myths
These misconceptions, including the belief that paying a ransom makes the incident go away, could result in more attacks or bigger regulatory fines.
Insured companies more likely to be ransomware victims, sometimes more than once
A recent report found that companies with cyber insurance have been hit by ransomware more than those without it, and sometimes more than once. Although threat actors may not be directly correlating the insurance factor to find...
Make them pay: Hackers devise new tactics to ensure ransomware payment
Payouts from ransomware victims declined by 38% in 2022, which has prompted hackers to adopt more professional and corporate tactics to ensure higher returns.
Nebulon's TripLine offers ransomware encryption protection for on-prem systems
Ransomware protection for on-premises systems and hyperconverged infrastructure is the goal of the latest release from “smart infrastructure” vendor Nebulon.
New ransomware group CACTUS abuses remote management tools for persistence
The CACTUS cybercriminal group targets VPN appliances for initial access and to install a backdoor.
BlackCat group releases screenshots of stolen Western Digital data
The screenshots included an image of a meeting that was held by the company to discuss the response to the recent cybersecurity incident.
Microsoft patches vulnerability used in Nokoyawa ransomware attacks
The vulnerability identified as CVE-2023-28252 is a privilege escalation flaw affecting the Windows Common Log File System driver.
Iranian APT group launches destructive attacks in hybrid Azure AD environments
The threat group MERCURY has the ability to move from on-premises to cloud Microsoft Azure environments.
New Rorschach ransomware hits with unique features and very fast encryption
Researchers say the recently discovered strain raises the bar by automating some intrusion processes and moving very quickly compared to other attacks.
DarkBit puts data from Israel’s Technion university on sale
DarkBit had previously demanded 80 bitcoins as ransom, and said it would sell the data within five days if the ransom went unpaid.
Hackers changed tactics, went cross-platform in 2022, says Trend Micro
Ransomware groups are adopting corporate structures, Microsoft macros are no longer an easy target, and the Rust programming language is making it easier to write multiplatform malware.
CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws
The CISA pilot program will notify organizations of vulnerabilities that can lead to ransomware attacks, with small organizations the primary beneficiaries.
BianLian ransomware group shifts focus to extortion
The shift in the operating model comes as a result of Avast’s release of a decryption tool that allowed a victim of the BianLian ransomware gang to decrypt and recover their files without paying the ransom.
Universities and colleges cope silently with ransomware attacks
Ransomware gangs like Vice Society target colleges and universities like every other sector, but they try hard to keep that information quiet.
Amazon-owned Ring reportedly suffers ransomware attack
The Russia-linked ALPHV ransomware gang has threatened to leak stolen data if Ring refuses to pay ransom.
