Security Awareness Training Blog

Ransomware Blog

Keeping you updated on the latest ransomware attack vectors, strains, decryptors, families and trends to help you avoid becoming infected.

Ransomware Targets are Getting Larger and Paying More as Fewer Victims Are Paying the Ransom

New data showcasing the state of ransomware shows that while organizations are likely getting better at recovery (and not paying the ransom), cybercriminals are shifting focus to ensure ...
Continue Reading

Ransomware Has SMBs Reprioritizing Their Cybersecurity Spending to Combat Attacks

New data shows that SMBs can clearly see where they have cybersecurity issues and are taking great strides to put their devoted budget to security technology and services that actually ...
Continue Reading

[Eye Popper] Ransomware Victims Refused To Pay Last Year

Finally some good news from the ransomware front!  Despite bad actors launching a number of ransomware campaigns throughout 2022, organizations refused to submit and paid criminals an ...
Continue Reading

Cybercriminals Mimic Victim Website to Publish Exfiltrated Data on the Public Web

In a new twist, threat actors use a typo squatted domain name to increase the chances that stolen data will be seen by the general public after not being paid the ransom.
Continue Reading

Government, Higher Ed, School Districts, and Healthcare Continue to be Victims of Ransomware Attacks

An analysis of the publicly-accessible data on ransomware attacks shows that these sectors that were a primary target of ransomware in 2021 continued as targets in 2022 to the same degree.
Continue Reading

[Heads Up] Phishing Attacks Are Now The Top Vector For Ransomware Delivery

Phishing attacks are now the top vector for ransomware delivery, according to researchers at Digital Defense. Phishing emails can be highly tailored to specific employees in order to ...
Continue Reading

These grim figures show that the ransomware problem isn't going away

ZDNet summarized the problem as follows: "Up to 1,981 schools, 290 hospitals, 105 local governments and 44 universities and colleges were hit with ransomware in the US alone during 2022, ...
Continue Reading

[Eye Opener] Insurance policy doesn’t cover ransomware attack, Ohio Supreme Court says

Dec. 27, 2022, The Ohio Supreme Court ruled in favor of an insurance company, determining that its contract to cover any direct physical loss or damage to property did not encompass ...
Continue Reading

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.
Continue Reading

Ivanti Report Shows Cybersecurity Practitioners Concentrating on Right Threats

A recent Ivanti report shows cybersecurity practitioners getting more focused on the threat landscape, but defenders may need to hone their attention to focus on the right threats. 
Continue Reading

Hospitals Warned of Royal Ransomware Attacks by U.S. Department of Health

This brand new ransomware gang is on the attack and, despite them being new to the game, are coming out of the gate attacking the healthcare sector and asking for millions in ransom.
Continue Reading

October and November Have Been the Two Busiest Months for Ransomware

Trending data going back to January of 2020 shows that ransomware attacks are continually increasing in number with unusual highs in the 4th quarter.
Continue Reading

[On-Demand] Ransomware, Ransom-war and Ran-some-where: What We Can Learn When the Hackers Get Hacked

Ransomware strikes organizations almost every two seconds. Tales of bad actors doing their worst fill the InfoSec news cycle, but what happens when the hackers get hacked?
Continue Reading

New Threat Group Already Evolves Delivery Tactics to Include Google Ads

Delivering an equally new Royal ransomware, this threat group monitored by Microsoft Security Threat Intelligence has already shown signs of impressive innovation to trick victims.
Continue Reading

Ransomware Attacks on Holidays and Weekends Increase and Take a Greater Toll on Organizations

With 97% of U.S. organizations experiencing a ransomware attack over a weekend or on a holiday, the impacts on response and recovery time are material, including loss of revenue.
Continue Reading

A Recent, Complex, Ransomware Campaign

Microsoft has observed a threat actor that’s been running a phishing campaign since August 2022. The threat actor, which Microsoft tracks as “DEV-0569,” is using phishing emails to ...
Continue Reading

10 Million Health Records from Australian Insurer Medibank are Leaked After Refusing to Pay the Ransom

The aftermath of a ransomware attack last month demonstrates just how bad an attack can get when the cybercriminals don’t get what they want.
Continue Reading

Over One-Third of Companies Who Pay the Ransom are Targeted for a Second Time

Despite the somewhat logical notion that once you’ve paid the ransom, the attack is over, new data shows that paying the ransom doesn’t help you anywhere near how much you think it does.
Continue Reading

Valid Accounts Rank as the Top Initial Access Infection Vector, Putting a Spotlight on Credentials

As ransomware, business email compromise, and phishing attacks continue to escalate, new data sheds light on where organizations need to focus to help put a stop to attack success.
Continue Reading

Ransomware Attacks on UK Organizations are Not Being Reported Enough, Clouding Impact

A new report from the UK’s National Cyber Security Center highlights the current state of threats in the UK, with particular focus on ransomware attacks and their impact.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews