Security Awareness Training Blog

Ransomware Blog

Keeping you updated on the latest ransomware attack vectors, strains, decryptors, families and trends to help you avoid becoming infected.

Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack

New data on how organizations are able to respond to ransomware attacks also shows that paying a ransom is highly likely, despite having a policy of “Do Not Pay.”
Continue Reading

Number of Data Compromises Affecting U.S. Organizations Rises 77%

New data summarizing the compromises of data in 2023 provides key details on who’s being targeted, what types of data is being compromised, and what attack vectors are being used.
Continue Reading

Another Ransomware-as-a-Service Known as “Wing” Takes Flight on the Dark Web

Analysis of this newly-spotted service makes it clear that the newest entrant into the Ransomware-as-a-Service (RaaS) space has taken note of where predecessors are lacking and launched a ...
Continue Reading

Calculating Materiality for SEC Rule 1.05

The U.S. Securities and Exchange Commission (SEC), through a new requirement of Item 1.05 of the 8-K, requires that all regulated companies report significant cybersecurity breaches ...
Continue Reading

Cybersecurity Resiliency and Your Board of Directors

Growing cybersecurity threats, especially ransomware attacks, and the Securities and Exchange Commission’s (SEC) recent rules have made having a cybersecurity-aware Board of Directors ...
Continue Reading

Unprecedented Rise of Malvertising as a Precursor to Ransomware

Cybercriminals increasingly used malvertising to gain initial access to victims’ networks in 2023, according to Malwarebytes’s latest State of Malware report.
Continue Reading

Synthetic Data: The New Frontier in Cyber Extortion

Organizations are increasingly facing cyber attacks resulting in data breaches, and part of their post-incident responsibilities includes adhering to mandatory reporting requirements.
Continue Reading

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.
Continue Reading

Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations

New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and ...
Continue Reading

The Percentage of Organizations Globally Struck by Ransomware Hits an All-Time High

Check Point’s review of ransomware shows that the percent of organizations worldwide hit by this greatest of cyberthreats rose by a whopping 33% in 2023.
Continue Reading

The Number of Ransomware Attack Victims Surge in 2023 to over 4000

The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend ...
Continue Reading

New Evasive Phishing Technique “Legacy URL Reputation Evasion" (LURE)

Researchers at Menlo Security observed a 198% increase in browser-based phishing attacks over the past six months.
Continue Reading

Social Engineering Attacks Rising in the Trucking Industry

Spear phishing and voice phishing (vishing) are on the rise in the trucking industry, according to a new report from the National Motor Freight Traffic Association (NMFTA).
Continue Reading

More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error

A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of ...
Continue Reading

‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks

Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s ...
Continue Reading

Pikabot Malware Spreading Through Phishing Campaigns

Researchers at Trend Micro warn that a threat actor known as “Water Curupira” is distributing the Pikabot malware loader via widespread phishing campaigns.
Continue Reading

FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks

For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by ...
Continue Reading

Black Basta Ransomware Decryptor Released to Help Some Victims

A flaw found by security researchers in the encryption software allows victim organizations to use “Black Basta Buster” to recover some of their data – but there’s a catch.
Continue Reading

Lockbit 3.0 Ransomware Disrupts Emergency Care at Multiple German Hospitals

Hitting three hospitals within a Germany-based hospital network, the extent of the damage in this confirmed ransomware attack remains undetermined but has stopped parts of operations.
Continue Reading

SC Mag: "Attacks on critical infrastructure are harbingers of war: Are we prepared?"

I just found a great post by Morgan Wright, chief security advisor of SentinelOne. Here is a quick summary and a link to the full article is at the bottom. The recent attacks on water ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews