How do today’s ransomware attackers find a way in? In truth, there are numerous routes, some more obvious than others. The key for ransomware attackers is to find an initial staging post. Often this is an employee—or more specifically, the employee’s network credentials—grabbed after a phishing attack. In other cases, it’s about finding an external […]

On Sept. 6, two Utah-based newspapers reported that their company files had been encrypted and rendered inaccessible, delaying the publishing presses for 24 hours. Days earlier, something similar happened at Savannah College of Art and Design (SCAD) in Georgia, this time leading to a breach of sensitive student and staff data. In California, it was […]

Discerning trends in ransomware has never been easy, but every now and again something jumps out from the confusion of events that points clearly at trouble ahead. A good current example is the steady rise of the Hive ransomware group, first reported around mid-2021. Since then, there has been a steady stream of attacks attributed […]

Someone out there in Internet-land is extremely angry with the LockBit ransomware group. So angry, in fact, that on the weekend of August 21 they decided to hit the group’s Tor leaks sites with a DDoS attack large enough to take them offline. It’s the sort of thing that probably happens all the time on […]

On May 1 2022, an unnamed company in the automotive sector fell victim to what is surely one of the most nightmarishly contorted ransomware incidents ever reported. Hopefully, that sentence has grabbed your attention because untangling what happened on that day as reported by security company Sophos is a wild ride involving not one, not […]