Security Awareness Training Blog

Ransomware Blog

Keeping you updated on the latest ransomware attack vectors, strains, decryptors, families and trends to help you avoid becoming infected.

Ransomware Payments Decline While Data Exfiltration Payments Are On The Rise

The latest data from Coveware shows a slowing of attack efficacy, a decrease in ransom payments being made, and a shift in initial access tactics.
Continue Reading

SEC Report Provides Insight into Key Tronic Ransomware Costs Totaling Over $17 Million

The financial repercussions of the May 2024 ransomware attack on the electronics manufacturing services firm Key Tronic underscores just how costly these attacks are.
Continue Reading

The First Half of 2024 Results in More Than 1 Billion Data Breach Victims

New data shows that cyber attacks have resulted in double the number of data breaches in 2024 than throughout all of 2023.
Continue Reading

Fortune 50 Ransomware Victim Pays an Eye-Watering $75 Million

The Dark Angels ransomware group got paid a staggering $75 million ransom from an undisclosed Fortune 50 victim.
Continue Reading

Nearly All Ransomware Attacks Now Include Exfiltration of Data…But Not All Are Notified

Organizations are falling victim to ransomware attacks where data is stolen, but the victim isn’t being told about it. I have a theory as to why this is happening.
Continue Reading

78% of Organizations Are Targets of Ransomware Attacks Two or More Times in Twelve Months

New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to ...
Continue Reading

Change Healthcare Ransomware Attack May Cost Nearly $2.5 Billion

The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously ...
Continue Reading

New Ransomware Threat Group Calls Attack Victims to Ensure Payments

Analysis of new ransomware group Volcano Demon provides a detailed look into how and why calling victims ups the chances of ransomware payment.
Continue Reading

SEC Fines Publicly Traded Company $2.125 Million For Negligence Before, During, and After a Ransomware Attack

According to the filing, the organization in question failed to devise controls to adequately detect, respond to, and disclose an attack that included data exfiltration and service ...
Continue Reading

Espionage-Intent Threat Groups Are Now Using Ransomware as a Diversion Tactic in Cyberattacks

A new report focused on cyber espionage actors targeting government and critical infrastructure sectors highlights the strategic use of ransomware for distraction or misattribution.
Continue Reading

IRS Warns of Phishing Attacks Targeting Car Dealerships

The US Internal Revenue Service (IRS) has issued an advisory warning of phishing campaigns targeting car dealerships. The IRS says car dealers should be on the lookout for targeted ...
Continue Reading

Phishing Continues to Be the Primary Entry to Ransomware Attacks

Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they ...
Continue Reading

[On-Demand Webinar] Crack the Code on Ransomware: Empowering Your Last Line of Defense

Cybercriminals are maximizing the potential damage to your organization to boost their profits. A staggering 91% of reported ransomware attacks included a data exfiltration effort. Now is ...
Continue Reading

Ransomware Attacks on Healthcare Is Costing Lives

Ransomware is more prolific and expensive than ever. Depending on the source you read, the average or median ransomware payment was at least several hundred thousand dollars to well over ...
Continue Reading

Ransomware Attack on U.K. Health Service Laboratory Disrupts Major London Hospital Services

What likely started as a quick ransomware “smash and grab” has turned into a headline case resulting in responses from both U.K. and U.S. law enforcement.
Continue Reading

FREE Resource Kit for Ransomware Awareness Month in July

We’re here to help you and your users stay secure from the scourge of ransomware for Ransomware Awareness Month this July with a kit full of free resources!
Continue Reading

“Operation Endgame” Ends with the Arrest of 4 Cybercriminal Suspects and 100 Servers

Coordinated efforts between law enforcement agencies across nine countries has resulted in a major disruption of a threat group’s malware and ransomware operations.
Continue Reading

91% of Every Ransomware Attack Today Includes Exfiltrating Your Data

New insight into ransomware attacks show that cyber attacks are a top concern for organizations – with many not aware they were a victim until after the attack.
Continue Reading

Cyber Insurance Claims Rise Due To Phishing and Social Engineering Cyber Attacks

New data covering cyber insurance claims through 2023 shows claims have increased while reaffirming what we already know: phishing and social engineering are the real problem.
Continue Reading

Black Basta Ransomware Uses Phishing Flood to Compromise Orgs

Rapid7 reports an interesting social engineering scheme that easily bypasses content filtering defenses and creatively uses a fake help desk to supposedly “help” users put down the attack.
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews