Security News

First rule of Ransomware Club is do not pay the ransom, but it looks like Carlson Wagonlit Travel didn't get the memo
2020-07-31 12:50

US corporate travel management firm Carlson Wagonlit Travel has suffered an intrusion and it is believed the company paid a $4.5m ransom to get its data back. The ransomware, a relatively new strain first seen late last year, deploys a Windows XP virtual machine onto the target network in order to unleash the ransomware itself.

MongoDB ransom threats step up from blackmail to full-on wiping
2020-07-02 18:49

Presumably, the fact that the blackmail message was uploaded to your database - proving that the crooks had write access - is meant to convince you that the crooks definitely also had read access and therefore did indeed steal all your data. One thing missing from the blackmail message above is the sort of pressure you'd expect in a ransomware attack, namely that you're paying to get your data back because the crooks have wiped or scrambled it.

Alabama City to Pay $300,000 Ransom in Computer System Hack
2020-06-12 11:00

A city in northern Alabama will pay a ransom worth $300,000 in Bitcoins in response to a hack of its computer system. Florence City Council voted unanimously at an emergency meeting Wednesday evening to make the payment from the city's insurance fund in an effort to preserve information tied to its city workers and customers, news outlets reported.

Businesses torn between paying and not paying ransoms
2020-06-10 04:00

Research shows the public often wants restitution from businesses that fall foul of ransomware - with 65% of respondents wanting compensation, and 9% even wanting to send the CEO to prison. "The two most essential things that businesses should have in place, according to their customers, are protection software and backup copies of their data. Now, it seems, if businesses don't get these basics right, consumers are ready to punish their leadership."

Ransomware attack: Why a small business paid the $150,000 ransom
2020-06-08 15:47

The CFO of a small company that was the victim of a ransomware attack reveals why they paid the ransom to gain back control of their systems. TechRepublic's Karen Roby talked with the CFO of a small company in Kentucky that fell victim to a ransomware attack.

Ransomware attack: Why a small business paid the $150,000 ransom
2020-06-08 15:43

The CFO of a small company that was the victim of a ransomware attack and reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.

Paying the ransom = paying double
2020-05-14 06:00

The total cost of recovery almost doubles when organizations pay a ransom. 27% of organizations hit by ransomware admitted paying the ransom.

46% of SMBs have been targeted by ransomware, 73% have paid the ransom
2020-04-21 04:30

73% of those SMBs that have been the targets of ransomware attacks actually have paid a ransom, Infrascale reveals. B2B orgs were more likely to be ransomware targets than B2Cs. Business-to-business organizations were more likely to have experienced a ransomware attack than business-to-consumer entities, according to the Infrascale survey results.

Are ransom payers fueling ransomware?
2020-04-01 04:00

"To combat ransomware and other threats, I advise IT security organizations to invest wisely in products that continuously discover and patch vulnerabilities, uncover advanced threats using machine learning and artificial intelligence, and continuously back up their data everywhere." The report found 85 percent of organizations are experiencing a shortfall of skilled IT security personnel, and survey respondents cited "Lack of skilled personnel" as their biggest obstacle to adequately defending against cyberthreats.

Stolen data of company that refused REvil ransom payment now on sale
2020-03-23 12:29

Operators of the Sodinokibi Ransomware as a Service recently published over 12GB of data that allegedly belongs to one of its victims - Brooks International - that refused to pay ransom. Sodinokibi - a GandCrab derivative blamed for numerous attacks that took place last year - is a prime example of RaaS. BleepingComputer shared a screengrab of one such hacker forum post that showed a member advertising a link to the stolen data for 8 credits: that's worth about €2.