Dark Reading

Less Lucrative Ransomware Market Makes Attackers Alter Methods

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.
TMCnet

ESET Research: A deep dive into EDR killers - a cornerstone of modern ransomware operations

EDR killers are a fundamental part of modern ransomware intrusions; affiliates prefer a short, reliable window to run encryptors rather than constantly modifying payloads. Affiliates, not operators, ...
TechSpot

Google launches AI ransomware detection in Drive desktop, trained on millions of attack samples

Connecting the dots: Ransomware has become one of the most devastating threats in the digital era, locking away critical files and demanding costly payouts. When combined with AI and cloud computing, ...
Dark Reading

Cyber OpSec Fail: Beast Gang Exposes Ransomware Server

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
Statetechmagazine

Ransomware as a Service Threat Grows Against Local Governments

In 2022, the ALPHV Ransomware as a Service group attacked the city of Alexandria, La., with its malware. Two years later, LockBit ransomware bandits attacked Wichita, Kans. Once novel RaaS gangs are ...

Ransomware In 2026: Why Prevention Is Now A Board-Level Discipline, Not An IT Project

For years, organizations treated ransomware as a technical threat, but that mindset is now dangerously outdated as ransomware ...
Infosecurity-magazine.com

FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor

A decryptor for the FunkSec ransomware has been developed and made avaliable to download for free by researchers at antivirus provider Avast. Ladislav Zezul, a malware researcher at Avast’s parent ...
Forbes

AI-Assisted Ransomware: Fighting Fire With Fire

Ransomware has evolved significantly over the past decade, transforming from crude DIY tool kits to sophisticated ransomware-as-a-service (RaaS) models and, more recently, to AI-assisted attacks. This ...
Yahoo

Do you use Gmail or Outlook? FBI, CISA issue warning about Medusa ransomware

Add Yahoo as a preferred source to see more of our stories on Google. Federal authorities are warning users of Gmail, Outlook, and other popular email services about dangerous ransomware linked to a ...
Bleeping Computer

RansomHub ransomware uses new Betruger ‘multi-function’ backdoor

A newly identified custom backdoor deployed in several recent ransomware attacks has been linked to at least one RansomHub ransomware-as-a-service (RaaS) operation affiliate. Symantec researchers who ...
MedCity News

Most Healthcare Providers Remain Highly Vulnerable to Ransomware Attacks

About 90% of healthcare organizations are insecurely connected to the internet and running systems vulnerable to exploitation by ransomware gangs, according to research released this week by ...
Bleeping Computer

Ransomware gang uses SSH tunnels for stealthy VMware ESXi access

Ransomware actors targeting ESXi bare metal hypervisors are leveraging SSH tunneling to persist on the system while remaining undetected. VMware ESXi appliances have a critical role in virtualized ...