The Lockbit 3.0 ransomware group claims to have breached the United States Federal Reserve, exfiltrating about 33 terabytes of potentially sensitive data.  The group claims that the stolen data includes “Americans’ banking secrets,” though they have not yet published any...

A ransomware attack targeting Synnovis, a U.K. healthcare partnership, has significantly disrupted medical procedures in several of London’s largest hospitals.  The incident has prevented hospitals from matching patients’ blood types at a normal frequency. Surgeries and other procedures that require...

Ascension, which operates 140 hospitals across the United States, has confirmed that an ongoing service outage was caused by a ransomware attack.  The organization says that they have implemented procedures to “ensure patient care delivery continues to be safe and...

In an apparent attempt to compel their victim to pay up, the ransomware gang DragonForce has published a recording of a phone call with one of its victims’ employees. The recording was published on DragonForce’s dark web page. For ethical...

Ransomware payments reached an estimated $1.1 billion in 2023, per a report from crypto-tracing firm Chainalysis. It’s no wonder that ransomware is a growing threat — and from the victims’ perspective, the temptation to pay is certainly understandable. But...

Data exfiltration refers to any malicious attack that steals data from the victim. It’s also known as “data theft,” though the term “data exfiltration” is more specific to the data on networks or larger-scale IT systems (as opposed to the...

The FBI’s 2023 Internet Crime Report (PDF) shows the dramatic growth of the ransomware industry — and details some of the techniques that bad actors use to compromise critical IT systems. It’s important to note that these statistics are not...

According to a report from Reuters, the Blackcat ransomware gang is behind a massive ransomware attack that has impacted prescription deliveries throughout the United States. Last week, bad actors reportedly gained access to systems owned by Change Healthcare, a prescription...

A group of researchers has released a free recovery tool for data encrypted by Rhysida ransomware.  The Rhysida ransomware variant appeared towards the beginning of 2023 and spread quickly, primarily targeting education, healthcare, manufacturing, government, and information technology (IT) sectors....

White Phoenix is an open-source ransomware decryption tool, intended for use with larger files encrypted by the Play ransomware group and other ransomware variants that use intermittent encryption. The tool is available on GitHub here, and it’s both free...