Over the past five years, ransomware-as-a-service offerings have largely evolved from putting automated toolkits into the hands of subscribers to recruiting affiliates and sharing profits. To maximize revenue, some larger operators are also seeking affiliates with more advanced IT and hacking skills.
The gang behind the Ragnar Locker ransomware posted an ad on Facebook in an attempt to publicly shame a victim so it would pay a ransom. Security experts say the innovative tactic is indicative of things to come.
Hacking incidents - including ransomware attacks - continue to be the most common type of health data breaches added to the federal tally this year. And the ongoing COVID-19 crisis will put healthcare organizations at heightened risk for such incidents in the months to come, some experts predict.
Darkside is the latest ransomware operation to announce an affiliate program in which a ransomware operator maintains crypto-locking malware and a ransom payment infrastructure while crowdsourced and vetted affiliates find and infect targets. When a victim pays, the operator and affiliate share the loot.
Researchers at Kaspersky have uncovered a Linux version of the RansomEXX ransomware that, until now, had targeted only Windows devices. The ransomware has been tied to several high-profile attacks over the last several months.
The National Guard has been recruited to help a healthcare system recover from a recent ransomware attack, while some other healthcare entities have temporarily shut down their email systems in the wake of urgent federal cyber alerts. How warranted are these drastic measures?
Victims of crypto-locking malware who pay a ransom to their attackers are paying, on average, more than ever before. But investigators warn that when victims pay for a guarantee that all data stolen during an attack will get deleted, criminals often fail to honor their promises.
The number of attacks related to Emotet continues to spike after the dangerous botnet re-emerged over the summer with a fresh phishing and spam campaign, according to research from HP-Bromium. During this time, Emotet is mainly infecting devices with the QBot or QakBot banking Trojan.
After weeks of rising anxiety, Election Day proceeded in the U.S. with no public indications of interference. But experts say misinformation campaigns are still likely, and there's plenty of time for malicious activity as the vote tallying proceeds.
Despite the soaring list of customers reporting data breaches tied to the May ransomware attack on Blackbaud - and numerous legal actions filed against the company - the fundraising software vendor recently told Wall Street that it expects cyber insurance to cover the bulk of its costs associated with the incident.
The U.K. NCSC responded to over 700 cyber incidents over a 12-month period, 200 of which were related to the COVID-19 pandemic, according to the cyber agency's annual report. NCSC also notes that's it's preparing to step-up its response to cyber incidents involving the NHS and vaccine development.
The Maze cybercrime gang, which revolutionized the ransomware business by adding an extortion element to each attack, has issued a statement saying it has hung up its spikes and will retire, at least temporarily. Security executives do confirm Maze's activity has dropped off in recent months.
The data dump of citizens' election information following a ransomware attack against a county in Georgia is likely to raise concerns about the integrity of this year's vote, some security experts say.