10 Mistakes Companies Make in Their Ransomware Responses

Dark Reading

Hit by ransomware? These missteps can take a bad scenario and make it even worse

Disrupting Ransomware by Disrupting Bitcoin

Schneier on Security

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from.


Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Double-Encrypting Ransomware

Schneier on Security

In the first, hackers encrypt data with ransomware A and then re-encrypt that data with ransomware B. Uncategorized encryption extortion malware ransomwareThis seems to be a new tactic : Emsisoft has identified two distinct tactics.

Ransomware Defense: Top 5 Things to do Right Now


Matt Bromiley, senior consultant with Mandiant Managed Defense, discusses the top tricks and tips for protecting enterprise environments from ransomware.

Ransomware Attacks Leave Lasting Damage

Security Boulevard

Organizations hit by ransomware attacks also report tightened budgets and lingering impacts on productivity, profitability and security posture, suggesting the extensive damage caused in the wake of ransomware attacks has long-lasting effects.

Ransomware Is Getting Ugly

Schneier on Security

Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The Colonial Pipeline is another current high-profile ransomware victim. Uncategorized cryptocurrency cybercrime doxing police ransomware

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. “Ransomware has gathered a critical mass of nonsense, b t, hype, and fuss around it.

A Closer Look at the DarkSide Ransomware Gang

Krebs on Security

The FBI confirmed this week that a relatively new ransomware group known as DarkSide is responsible for an attack that caused Colonial Pipeline to shut down 5,550 miles of pipe , stranding countless barrels of gasoline, diesel and jet fuel on the Gulf Coast. The DarkSide ransomware note.

Insurance and Ransomware

Schneier on Security

As ransomware becomes more common, I’m seeing more discussions about the ethics of paying the ransom. However, the most pressing challenge currently facing the industry is ransomware. Uncategorized academic papers cybercrime cybersecurity insurance mitigation ransomware reports

Death Kitty Ransomware and BlackMatter Ransomware details

CyberSecurity Insiders

Death Kitty Ransomware that targeted South African Port Transnet has disrupted the networks, forcing the company to declare Force Majeure at Container Terminals and Cargo shifting, forcing the staff to switch to manual paper and pen work.

Kaseya Ransomware Attack Update

CyberSecurity Insiders

Kaseya Software Company has released an update that all its software users who have fallen prey to the ransomware attack will receive a free decryptor to unlock their database files on a respective note. The post Kaseya Ransomware Attack Update appeared first on Cybersecurity Insiders.

Details of the REvil Ransomware Attack

Schneier on Security

ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical precision. Uncategorized cyberattack malware ransomware Russia supply chain vulnerabilities zero-day

The DarkSide Ransomware Gang

Schneier on Security

The New York Times has a long story on the DarkSide ransomware gang. Uncategorized business of security crime cybercrime ransomware Russia

Ransomware: 8 Things That You Must Know

Joseph Steinberg

While ransomware may seem like a straightforward concept, people who are otherwise highly-knowledgeable seem to cite erroneous information about ransomware on a regular basis. As such, I would like to point out 8 essential points about ransomware.

Ransomware Shuts Down US Pipeline

Schneier on Security

This is a major story : a probably Russian cybercrime group called DarkSide shut down the Colonial Pipeline in a ransomware attack. This is the new and improved ransomware attack: the hackers stole nearly 100 gig of data, and are threatening to publish it.

Average ransomware payments decline… but that’s not good news

Graham Cluley

The latest research finds that ransomware attackers are attempt to extort, on average, a smaller amount of money through their criminal activities. Malware Ransomware ransomware

Task Force Seeks to Disrupt Ransomware Payments

Krebs on Security

Some of the world’s top tech firms are backing a new industry task force focused on disrupting cybercriminal ransomware gangs by limiting their ability to get paid, and targeting the individuals and finances of the organized thieves behind these crimes.

Ransomware Group Turns to Facebook Ads

Krebs on Security

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Ransomware is the New-age Atomic Bomb

Security Boulevard

Ransomware can start cyber warfare! The post Ransomware is the New-age Atomic Bomb appeared first on Kratikal Blogs. The post Ransomware is the New-age Atomic Bomb appeared first on Security Boulevard. This is why.

75,000+ Customers Affected in CNA Ransomware Attack

Security Boulevard

The CNA ransomware attack that made the news in March this year has an extension to the story. The insurance giant revealed that the organization suffered a data breach following the ransomware attack.

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

NASDAQ:RCM ], one of the nation’s largest medical debt collection companies, has been hit in a ransomware attack. R1 RCM acknowledged taking down its systems in response to a ransomware attack, but otherwise declined to comment for this story. R1 RCM Inc.

Negotiating with Ransomware Gangs

Schneier on Security

Thus, the decision whether to pay or ignore a ransomware demand, seems less of a legal, and more of a practical, determination ­ almost like a cost-benefit analysis. When confronted with a ransomware attack, the options all seem bleak. Uncategorized ransomware risk assessment

Ransomware Now Leaking Stolen Documents

Schneier on Security

Originally, ransomware didn't involve any data theft. Now ransomware is increasingly involving both encryption and exfiltration. Recently, the aerospace company Visser Precision was hit by the DoppelPaymer ransomware. blackmail dataloss doxing encryption ransomware

Honda Hit By Possible Ransomware Attack

Adam Levin

Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages. The post Honda Hit By Possible Ransomware Attack appeared first on Adam Levin. Data Security Data breach featured ransomware honda EKANS ics

Ukrainian Police Nab Six Tied to CLOP Ransomware

Krebs on Security

Authorities in Ukraine this week charged six people alleged to be part of the CLOP ransomware group , a cybercriminal gang said to have extorted more than half a billion dollars from victims.

Ransomware Hit ATM Giant Diebold Nixdorf

Krebs on Security

Diebold Nixdorf , a major provider of automatic teller machines (ATMs) and payment technology to banks and retailers, recently suffered a ransomware attack that disrupted some operations. Ransomware BleepingComputer Diebold Nixdorf Emsisoft Fabian Wosar Lawrence Abrams ProLock ransomware

Why Do Ransomware Attacks Keep Happening

Security Boulevard

The post Why Do Ransomware Attacks Keep Happening appeared first on Digital Defense, Inc. The post Why Do Ransomware Attacks Keep Happening appeared first on Security Boulevard. Security Bloggers Network Blog managed vulnerability scanning penetration test Ransomware

The Second Wave of a Ransomware Pandemic

Security Boulevard

In January, we published the Ransomware Pandemic, a report discussing the ever-evolving threat of ransomware and the growing devastation disseminated by these malicious malware strains. The post The Second Wave of a Ransomware Pandemic appeared first on Security Boulevard.

Ransomware threat to SonicWall Customers

CyberSecurity Insiders

SonicWall that offers next generation firewalls and various Cybersecurity solutions has announced that its customers using certain products are at a risk of being cyber attacked with ransomware. The post Ransomware threat to SonicWall Customers appeared first on Cybersecurity Insiders.

Kaseya offers universal decryptor to customers following ransomware attack

Graham Cluley

IT service firm Kaseya says that it has "obtained" a universal decryptor for customers hit by the REvil ransomware gang earlier this month. Malware Ransomware Kaseya ransomware Revil

6 claves de Gartner contra el ransomware

Security Boulevard

The post 6 claves de Gartner contra el ransomware appeared first on ManageEngine Blog. The post 6 claves de Gartner contra el ransomware appeared first on Security Boulevard. Este tema es probablemente, el protagonista de la gran mayoría de discusiones sobre ciberseguridad en el mundo.

Where Did REvil Ransomware Go? Will it Be Back?

Security Boulevard

Speculation swirled over why the prolific and dangerous REvil ransomware went offline – blog, payment processing, all suddenly went kaput – it’s important not to lose sight of the bigger issues. And ransomware threats. The post Where Did REvil Ransomware Go?

Ransomware’s Russia problem


Last week, US news outlet NBC News caused a stir with an article proclaiming that the REvil ransomware used in the recent, colossal Kaseya supply-chain attack was “ written to avoid computers that use Russian.” Russia-averse ransomware families.

Payroll/HR Giant PrismHR Hit by Ransomware?

Krebs on Security

PrismHR , a company that sells technology used by other firms to help more than 80,000 small businesses manage payroll, benefits, and human resources, has suffered what appears to be an ongoing ransomware attack that is disrupting many of its services.

Ransomware Attempt Volume Sets A New Record

Security Boulevard

An article published in ZDNet has cited a report prepared by a cyber security firm that says that ransomware attempt volume saw a major rise in the first half of 2021 itself. The report has mentioned that the ransomware attempt volume rose up to an unbelievable figure of 304.7

Adding a Russian Keyboard to Protect against Ransomware

Schneier on Security

Uncategorized law enforcement malware ransomware RussiaA lot of Russian malware — the malware that targeted the Colonial Pipeline, for example — won’t install on computers with a Cyrillic keyboard installed.

Bank loses customers’ social security numbers after ransomware attack

Hot for Security

Clop ransomware gang exploited Accellion flaws to steal data Customers angry that their details were breached, even after closing their accounts long ago.

REvil Ransomware Gang Starts Auctioning Victim Data

Krebs on Security

The criminal group behind the REvil ransomware enterprise has begun auctioning off sensitive data stolen from companies hit by its malicious software. A partial screenshot from the REvil ransomware group’s Dark Web blog.

Documented Death from a Ransomware Attack

Schneier on Security

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. UK hospitals had to redirect patients during the 2017 WannaCry ransomware attack , but there were no documented fatalities from that event.

REvil ransomware – what you need to know

The State of Security

Learn more about the notorious REvil ransomware in my article on the Tripwire State of Security blog. Data loss Guest blog Malware Ransomware ransomware Revil

Ransomware Gangs Don’t Need PR Help

Krebs on Security

We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Ransomware ransomware

Who us??? Kaseya says it hasn’t paid anybody for its ransomware decryption key

Graham Cluley

Kaseya hasn't paid anyone for the decryptor it managed to get its paws on last week, and is offering to customers hit by a massive ransomware attack. Malware Ransomware Kaseya ransomware Revil

No More Ransom website celebrates five years of providing free ransomware recovery tools and advice

Graham Cluley

The No More Ransom website has become one of the first ports of call for any individual or company whose computer has been hit by a ransomware attack. Malware Ransomware ransomware